Squidguard-squid3-1.4_4-amd64 failed on pfsense 2.2
-
No the build failed and I didn't have time to investigate.
-
:-\Â If there is anything I could assist with, I'll be glad to help..
-
Subj does not start after reboot until you do not update the blacklist :-\
-
Hello,
I have the same Problem with pfSense and Squidguard.
I installed pfSense2.2 with FreeBDS (amd64), squid (2.7.9 pkg v. 4.3.6), squidGuard-devel (1.5_1beta pkg v. 1.5.6) and Captive Protal Plus in VMware Player.
Yesterday everything worked fine , but today the squid and squidGuard service keep crashing all the time.I updates the Blacklist, and then everything was fine again.
Is this a normal behavior of this package? How can i fix this?
Im not so skilled with linux, would be grade if anyone can help me :-)
-
Hello,
I have the same Problem with pfSense and Squidguard.
I installed pfSense2.2 with FreeBDS (amd64), squid (2.7.9 pkg v. 4.3.6), squidGuard-devel (1.5_1beta pkg v. 1.5.6) and Captive Protal Plus in VMware Player.
Yesterday everything worked fine , but today the squid and squidGuard service keep crashing all the time.I updates the Blacklist, and then everything was fine again.
Is this a normal behavior of this package? How can i fix this?
Im not so skilled with linux, would be grade if anyone can help me :-)
I am having the same issue on my box.
Has this been resolved?
-
Try squid3 + squidguard 3
-
It seems the cause for the problem is that the blacklist db is either removed or corrupted when restarting the box. Proof: The blacklist tab shows no sign of a downloaded blacklist and a blacklist database. Since squidguard is configured to use a blacklist it will fail which subsequently also causes squid to fail since the url_rewriter fails.
-
Hi folks,
I tried to get squid3 and squidguard for squid3 to function on a 64Bit-system. I updated from 2.1.5 to 2.2.1. Some packages did not update at all like squi3, squidguard for squid3 and pfblocker (because the package has now a new name = pfblockerng). That was still ok for me. So I treid to install pfblockerng at first. The installtaion and the configuration where successful and to me is this package realy good.
Then I tried to install squid3 without squidguard. All OK so far. I was able to start both addons clamav and icap. Then came the test, if squid3 and squidguard for squid3 are operational. This failed. Squid3 stopped and squidguard never started. Then I read in the forum to tr squidguard-devel instead. I did so, but this did not function at all.
Disapointed about thes packages I deinstalled both packages. After a reboot, I installed squid2 and squidguard for squid2. Everthing was OK and squid with squidguard are OK now. The blacklist were still there after a reboot and the system ist working now.
Now a question to those how are responsible for the package squi3 and its squidguard: When will there be a solution for this problem and is it possible not to implement clamav and icap? I suggest that this should be a separate package.
Hope to see a new package as soon as possible.
thnx a lot.
I TRIED THIS ON THE LATEST pfsense 2.2.1
Sorry for this overhasty message that squid2 with squidguard works fine on pfsense 2.2.1.
That is not realy true. Some things work and some do not. I tried it with several clients and some had connection and some did not. What is the reason. I don not know, but what I know is that not all "Proxy filter SquidGuard: Groups Access Control List (ACL)" work. If you try to configure more than 2 acls you are able to save them, but those clients have no internet at all.
example:
First 192.168.1.60-192.168.1.69 ist set to client1 = These IPs are able to surf.
Second 192.168.1.70-192.168.1.79 ist set to client1 = These IPs are able to surf.
… everyting follows has no connection.
fith 192.168.1.90-192.168.1.99 ist set to client1 = These IPs are able to surf.Therefor I guess, there ist still work to do. I am going back to the older release pfsense 2.1.5.
:'( :-\ >:( -
I looked around a bit and found out that the issue is SquidGuard saving files to the /tmp directory.
When pfsense is rebooted /tmp directory is rebuilt meaning it erases all files and puts updated ones
BUT squidGuards files: squidGuard, squidGuard_blacklist_update.sh, squidguard_blacklist.tar & squidguard_download.stat are never rebuilt. Im guessing one of this files is the db or wrkdir.You can test this by downloading the blacklist.tar.gz of ur choice and looked at the /tmp folder, then reboot and those files will be gone.
This can potentially be a very easy fix for someone that has knowledge of squidGuard package code or maybe even the config file. Pretty much squidGuard has to not read/write files in the /tmp but rather somewhere else. (Ex. in the /var/squidGuard directory)
Ill try to mess around to see if i can find the file or code that saves files to the /tmp and advice back.
Attached are pics of the /temp directory before and after the reboot
@mir:
It seems the cause for the problem is that the blacklist db is either removed or corrupted when restarting the box. Proof: The blacklist tab shows no sign of a downloaded blacklist and a blacklist database. Since squidguard is configured to use a blacklist it will fail which subsequently also causes squid to fail since the url_rewriter fails.
 -
Thanks, this is exactly my problem, rebuilding the database in Squidguard solves the issue.
However, I am in a third world country with multiple daily power cuts, so there are many reboots of pfsense. therefore Squidguard as it is, is not usefull for me. Hope for a fix soon, or if somebody knows how to do an automatic rebuild after a reboot I would be happy :-)
-
Get a small UPS that allows your router to survive brief outages.
-
Thanks, this is exactly my problem, rebuilding the database in Squidguard solves the issue.
However, I am in a third world country with multiple daily power cuts, so there are many reboots of pfsense. therefore Squidguard as it is, is not usefull for me. Hope for a fix soon, or if somebody knows how to do an automatic rebuild after a reboot I would be happy :-)
Current squidGuard version is 1.9.14
SquidGuard has gone through a couple updates since my post here, not sure if the issue has actually been fix.Anyhow I got around that issue by automatically updating the blacklist after every reboot.
Below tutorial was done using root account and shallalist blacklist.1. I manually downloaded the blacklist and put it in the directory /var/squidGuard
cd /var/squidGuard && fetch http://www.shallalist.de/Downloads/shallalist.tar.gz2. Then I created file named squidGuard_blacklist_update.sh made it executable and placed it in directory /usr/local/etc/rc.d/
  ```
cd /usr/local/etc/rc.d/ && touch squidGuard_blacklist_update.sh && chmod +x squidGuard_blacklist_update.sh3\. Then using ee I copied below script to squidGuard_blacklist_update.sh and saved itee /usr/local/etc/rc.d/squidGuard_blacklist_update.sh
#!/usr/local/bin/php -f
  $incl = "/usr/local/pkg/squidguard_configurator.inc";
  if (file_exists($incl)) {
    require_once($incl);
    sg_reconfigure_blacklist( "/var/squidGuard/shallalist.tar.gz", "" );
  }
  exit;At this point you can reboot and the script will rebuild the blacklist on every boot up. The only downside is that it also runs the script on shutdown for some reason. This causes shutdown to take about a minute longer than usual but worth the sacrifice. Important Notes: Keep in mind that this solution will not actually update the blacklist from the internet just rebuild it from the blacklist file downloaded on /var/squidGuard. A solutions to this is to use below script place it in /root and then use CRON to run it on a schedulecd /root && touch squidGuard_blacklist_update.sh && chmod +x squidGuard_blacklist_update.sh
ee /root/squidGuard_blacklist_update.sh
#!/usr/local/bin/php -f
  $incl = "/usr/local/pkg/squidguard_configurator.inc";
  if (file_exists($incl)) {
    require_once($incl);
    sg_reconfigure_blacklist( "http://www.shallalist.de/Downloads/shallalist.tar.gz", "" );
  }
  exit;Please let me know if you have any questions and hope this tutorial helps -
@KOM:
Get a small UPS that allows your router to survive brief outages.
I have a big ups that can run for 2 hours. However, that is not enough. Power cuts are often 5 or 6 hours. generator only tuns in the evening.
Current squidGuard version is 1.9.14
SquidGuard has gone through a couple updates since my post here, not sure if the issue has actually been fix.No, not yet fixed.
Anyhow I got around that issue by automatically updating the blacklist after every reboot.
Below tutorial was done using root account and shallalist blacklist.Please let me know if you have any questions and hope this tutorial helps
Yes, it helps!
Thank you very much :-)
-
I also struggle to get squid3 (amd64) on pfsense 2.2. But it already get stuck during the installation process:
Reconfiguring filter… One moment please...
and then remains there forever, no progress. Under "services" there is also no entry for squid (proxy server).
The log gives me this:May 14 14:15:23 lighttpd[21484]: (network_writev.c.107) writev failed: Operation not permitted 12 May 14 14:15:23 lighttpd[21484]: (connections.c.619) connection closed: write failed on fd 12How can I resolve this?
