Is Squid3 really working for pfSense 2.2.2
-
HI,
I clean installed Squid3, all setting were by default, changed some config errors in AntiVirus tab, so all the services was up and running fine, BUT, I can't surf the internet UNLESS I turn the 'HTTP transparent proxy mode' off.
What am I missing? Thanks.
-
how do you have squid3 setup? Do you also have squidGuard installed? What services are on and off?
-
how do you have squid3 setup? Do you also have squidGuard installed? What services are on and off?
I didn't install squidGuard, should I have to? Squid3, clamav and icap services are all on.
-
The following is the errors I got when surf internet:
ERROR
The requested URL could not be retrievedThe following error was encountered while trying to retrieve the URL: http://www.google.ca
Connection to 127.0.0.1 failed.
The system returned: (60) Operation timed out
The remote host or network may be down. Please try the request again.
Your cache administrator is admin@localhost.
ERROR
The requested URL could not be retrievedThe following error was encountered while trying to retrieve the URL: http://www.dslreports.com/forum/rogers
Unable to forward this request at this time.
This request could not be forwarded to the origin server or to any parent caches.
Some possible problems are:
An Internet connection needed to access this domains origin servers may be down.
All configured parent caches may be currently unreachable.
The administrator may not allow this cache to make direct connections to origin servers.Your cache administrator is admin@localhost.
I only installed snort, pfBlokerNG, and squid3, for Squid3, all the settings were setup by default, changed squid.inc, changed anti-virus configs, and execute freshclam, but I got above odd errors, can't surf internet unless turn off the transparent HTTP proxy.
What am I doing wrong?
The following is the cache.log from /var/squid/logs:
2015/05/20 19:07:21 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1…
2015/05/20 19:07:21| pinger: Initialising ICMP pinger ...
2015/05/20 19:09:06 kid1| WARNING: Creating /var/squid/cache/00/39
FATAL: Received Segment Violation...dying.
CPU Usage: 0.102 seconds = 0.050 user + 0.052 sys
Maximum Resident Size: 103568 KB
Page faults with physical i/o: 0
2015/05/20 19:10:01 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
2015/05/20 19:10:01| pinger: Initialising ICMP pinger ...
2015/05/20 19:10:28 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
2015/05/20 19:10:29| pinger: Initialising ICMP pinger ...
2015/05/20 19:13:11| pinger: Initialising ICMP pinger ...
2015/05/20 19:13:12| pinger: Initialising ICMP pinger ...
2015/05/20 19:14:16| pinger: Initialising ICMP pinger ...
2015/05/20 19:14:17| pinger: Initialising ICMP pinger ...
2015/05/20 19:28:29| pinger: Initialising ICMP pinger ...
2015/05/20 19:28:30| pinger: Initialising ICMP pinger ...
2015/05/20 19:29:29 kid1| WARNING: Creating /var/squid/cache/00/25
2015/05/20 19:30:05| pinger: Initialising ICMP pinger ...
2015/05/20 19:30:10| pinger: Initialising ICMP pinger ...
2015/05/20 19:31:07| pinger: Initialising ICMP pinger ...
2015/05/20 19:31:08| pinger: Initialising ICMP pinger ...
2015/05/20 19:31:31| pinger: Initialising ICMP pinger ...
2015/05/20 19:31:31| pinger: Initialising ICMP pinger ...
2015/05/20 19:32:17| pinger: Initialising ICMP pinger ...
2015/05/20 19:32:19| pinger: Initialising ICMP pinger ...
2015/05/20 19:49:10| pinger: Initialising ICMP pinger ...
2015/05/20 19:49:11| pinger: Initialising ICMP pinger ...
2015/05/20 20:03:56| pinger: Initialising ICMP pinger ...
2015/05/20 20:04:18| pinger: Initialising ICMP pinger ...
2015/05/20 20:04:19| pinger: Initialising ICMP pinger ...
FATAL: Received Segment Violation...dying.
CPU Usage: 4.415 seconds = 3.477 user + 0.937 sys
Maximum Resident Size: 110800 KB
Page faults with physical i/o: 0
2015/05/20 20:07:00 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
2015/05/20 20:07:00| pinger: Initialising ICMP pinger ...
2015/05/20 20:08:40 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
2015/05/20 20:08:41| pinger: Initialising ICMP pinger ...
2015/05/20 20:16:13| pinger: Initialising ICMP pinger ...
2015/05/20 20:16:14| pinger: Initialising ICMP pinger ... -
The error means it's working as it should.
Now configure it…..... attach the 'LAN' interface and tick the "Allow users on Interface" and "Transparent HTTP proxy". Save it and restart squid through Status-> Services. Or Restart your pfsense (not mandatory)
If you want to content Filter, you must install squidguard also.
-
After you install squid, you must either reboot or restart squid or it will not work.
-
The error means it's working as it should.
Now configure it…..... attach the 'LAN' interface and tick the "Allow users on Interface" and "Transparent HTTP proxy". Save it and restart squid through Status-> Services. Or Restart your pfsense (not mandatory)
If you want to content Filter, you must install squidguard also.
Restart service made it works. Thanks much, now going back to enable Anti-Virus.
-
After correcting config warnings, and enable Anti-Virus. I got
The following error was encountered while trying to retrieve the URL: http://www.google.ca/
ICAP protocol error.
The system returned: [No Error]
This means that some aspect of the ICAP communication failed.
Some possible problems are:
The ICAP server is not reachable.
An Illegal response was received from the ICAP server.
Disable Ant-virus, made Squid3 works again. What am I missing?
EDIT: Solved after looking at https://forum.pfsense.org/index.php?topic=77264.msg485524#msg485524
-
Try rebooting the pfsense box.. if the issue the still persists reinstall the squid and see.
-
How to make Antivirus works on HTTPS link?
