• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Squid3 - New GUI with sync, normal and reverse proxy

Cache/Proxy
104
428
470.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    aGeekhere
    last edited by Sep 13, 2015, 11:19 PM

    The "same issue" is that the link to show squid's changes in the package manger is incorrect and gives

    get 404 error

    link
    https://github.com/pfsense/pfsense-packages/commits/master/config/34

    Anyway it is only minor, Found the correct link anyway
    https://github.com/pfsense/pfsense-packages/tree/master/config/squid3/34

    Never Fear, A Geek is Here!

    1 Reply Last reply Reply Quote 0
    • D
      doktornotor Banned
      last edited by Sep 14, 2015, 12:37 AM

      @aGeekHere:

      The "same issue" is that the link to show squid's changes in the package manger is incorrect

      Not fixable in package, plus not really sure why it matters.

      1 Reply Last reply Reply Quote 0
      • A
        Alex_RQ
        last edited by Sep 15, 2015, 1:55 AM

        Hello ALL,

        Recently switched from NON-Transparent proxy to Transparent. Figured out that URL-Filter (squidGuard) doesn't work for HTTPS sites. So, even if I block all the sites in squidGuard configuration user still able to browse ANY HTTPS site (I made sure that user gets ERROR page for HTTP, so squidGurd works for NON-encrypted traffic).
        In NON-Transparent mode it DOES work and users gets regular "Unable to connect" (FireFox) or "This webpage is not available" (Chrome). I assume this is normal behavior.

        We run squid3 v0.3.1 (with clamav integrated) and squidGuard v1.9.15 on pfSense 2.2.4-RELEASE (amd64).

        1. Is it a known issue with TRANSPARENT mode? Is it possible to fix it somehow? BTW, we do NOT use SSL interception.

        2. The second question would be "Where can I get a changelog (the list of new features / fixed issues) for the latest squid3 v0.3.2?".

        Thank you in advance.

        1 Reply Last reply Reply Quote 0
        • C
          clusty
          last edited by Oct 9, 2015, 2:25 AM

          Hello,

          Something very doubtful is happening: every 1-2 updates completely breaks squid. It seem like it stops caching any traffic in transparent mode.
          Multiple reinstallations does not seem to fix it.

          Is it a very buggy?

          1 Reply Last reply Reply Quote 0
          • A
            aGeekhere
            last edited by Oct 9, 2015, 3:24 AM

            I have found that squid gets stuck (just sits there pulling full bandwidth) with adobe cc updates,

            the error

            09.10.2015 14:17:23	192.168.1.244	TCP_CLIENT_REFRESH_MISS_ABORTED/206	http://swupdl.adobe.com/updates/oobe/aam20/win/PhotoshopCameraRaw8-8.0/9.2.89/setup.zip	-	203.213.33.73
            

            Have to disable squid in order for the update to download.

            Never Fear, A Geek is Here!

            1 Reply Last reply Reply Quote 0
            • V
              voxeljorz
              last edited by Oct 12, 2015, 3:32 AM Oct 12, 2015, 2:43 AM

              Squidguard didn't filter websites and clamd also stopped after update.

              Reinstalled Squid and SquidGuard, working fine now.

              Only clamav service was stopped.
              Error: Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam in background.

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by Oct 12, 2015, 11:56 AM

                @voxeljorz:

                Error: Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam in background.

                There was absolutely no need to reinstall the package. Antivirus cannot run without AV definitions. You simply must wait until they are downloaded. After that, you can start ClamAV. There's a log message about it, there's a GUI note about it. Not really sure what else could be done for people that lack basic understanding of things like the fact that AV without defs doesn't work.

                1 Reply Last reply Reply Quote 0
                • P
                  Panja
                  last edited by Oct 12, 2015, 8:16 PM

                  If I want ClamAV to work on my pfSense box, this is the package I need to run with? Squid3 0.4.0 package
                  I don't care about the reverse proxy though (not need in my situation). Do I still need this package?

                  1 Reply Last reply Reply Quote 0
                  • D
                    doktornotor Banned
                    last edited by Oct 12, 2015, 8:22 PM

                    Could you clarify what's the purpose you want to run ClamAV for?

                    1 Reply Last reply Reply Quote 0
                    • P
                      Panja
                      last edited by Oct 12, 2015, 9:11 PM

                      I would like ClamAV to work as a virusscanner for my clients.
                      So whne they browse and stumble upon a virus it gets blocked.

                      1 Reply Last reply Reply Quote 0
                      • D
                        doktornotor Banned
                        last edited by Oct 12, 2015, 9:13 PM

                        Well yes, then this is the package. Good luck ;)

                        1 Reply Last reply Reply Quote 0
                        • P
                          Panja
                          last edited by Oct 12, 2015, 9:17 PM

                          Care to explain?
                          ClamAV sh*t?

                          1 Reply Last reply Reply Quote 0
                          • C
                            CrisKolkman
                            last edited by Oct 14, 2015, 2:58 PM

                            Hello all,

                            I just installed pfSense in VirtualBox and it seems to be running fine.
                            I needed to install a router as pfSense because I run multiple webserver and with Squid3 I am filtering based on host which is being accessed.
                            Problem is that pfSense is not the first router, I have my ISP modem which also contains a router (Ziggo in Netherlands).

                            The way I have set it up now is like this:

                            sub.domain.com is being transferred to my ISP external IP.
                            My ISP modem is sending al port 80 traffic to the pfSense WAN interface.

                            Only thing what happens is that when I try to reach sub.domain.com, it is getting redirected to HTTPS and then the error that the server is taking too long to respond.
                            When I edit the hostfile for my local PC to point directly to the pfSense WAN interface, it is working like it should.

                            Hope you understand my question/problem, if not please ask.

                            1 Reply Last reply Reply Quote 0
                            • F
                              fragged
                              last edited by Oct 14, 2015, 3:02 PM

                              Don't try to access local servers with their WAN/Public address from inside your network. You can make host overrides on your DNS if you must use the same URL.

                              1 Reply Last reply Reply Quote 0
                              • C
                                CrisKolkman
                                last edited by Oct 14, 2015, 3:07 PM

                                @fragged:

                                Don't try to access local servers with their WAN/Public address from inside your network. You can make host overrides on your DNS if you must use the same URL.

                                I don't try to access the local server on the public IP, I added the WAN IP for the pfSense server in my hostfile to test if Squid3 is "redirecting" to the correct webserver.
                                The pfSense WAN interface has a local IP since my modem is the main router and handling DHCP etc.

                                1 Reply Last reply Reply Quote 0
                                • C
                                  CrisKolkman
                                  last edited by Oct 14, 2015, 3:32 PM Oct 14, 2015, 3:25 PM

                                  Found the problem now, redirect is not working.

                                  When I try to access sub.domain.com I should get redirected to sub.domain.com/web/index.html, but that is not happening.
                                  Instead it redirects me to https://sub.domain.com which is resulting in the "Server not responding" error.

                                  When I enter sub.domain.com/web/index.html from the outside network, it is working fine and I'm getting send to the correct webserver.

                                  I did add the redirect in Squid3, what could be the problem?

                                  Edit:

                                  Depends on the browser, Chrome keeps sending me to https even when I type the whole URL like: http://sub.domain.com/web/index.html
                                  Firefox only sends me to https when I try to go to sub.domain.com, when I enter the whole URL it works in Firefox.
                                  In MS Edge I don't get redirected to https at all.

                                  Above has all been tested from outside my local network.

                                  From my inside network (sub.domain.com is also pointed to the external ISP IP) Firefox also keeps sending me to https, even when I enter the whole url.

                                  1 Reply Last reply Reply Quote 0
                                  • P
                                    Panja
                                    last edited by Oct 14, 2015, 7:09 PM

                                    @CrisKolkman:

                                    Hello all,

                                    I just installed pfSense in VirtualBox and it seems to be running fine.
                                    I needed to install a router as pfSense because I run multiple webserver and with Squid3 I am filtering based on host which is being accessed.
                                    Problem is that pfSense is not the first router, I have my ISP modem which also contains a router (Ziggo in Netherlands).

                                    The way I have set it up now is like this:

                                    sub.domain.com is being transferred to my ISP external IP.
                                    My ISP modem is sending al port 80 traffic to the pfSense WAN interface.

                                    Only thing what happens is that when I try to reach sub.domain.com, it is getting redirected to HTTPS and then the error that the server is taking too long to respond.
                                    When I edit the hostfile for my local PC to point directly to the pfSense WAN interface, it is working like it should.

                                    Hope you understand my question/problem, if not please ask.

                                    Maybe off topic by why not put your Ziggo modem in bridge mode?
                                    I have the same setup (Ziggo as well), my Ubee EVW3226 has been setup as bridge, so it's a "modem only".
                                    That makes my pfSense the first router in line.

                                    1 Reply Last reply Reply Quote 0
                                    • C
                                      CrisKolkman
                                      last edited by Oct 14, 2015, 7:46 PM

                                      @Panja:

                                      @CrisKolkman:

                                      Hello all,

                                      I just installed pfSense in VirtualBox and it seems to be running fine.
                                      I needed to install a router as pfSense because I run multiple webserver and with Squid3 I am filtering based on host which is being accessed.
                                      Problem is that pfSense is not the first router, I have my ISP modem which also contains a router (Ziggo in Netherlands).

                                      The way I have set it up now is like this:

                                      sub.domain.com is being transferred to my ISP external IP.
                                      My ISP modem is sending al port 80 traffic to the pfSense WAN interface.

                                      Only thing what happens is that when I try to reach sub.domain.com, it is getting redirected to HTTPS and then the error that the server is taking too long to respond.
                                      When I edit the hostfile for my local PC to point directly to the pfSense WAN interface, it is working like it should.

                                      Hope you understand my question/problem, if not please ask.

                                      Maybe off topic by why not put your Ziggo modem in bridge mode?
                                      I have the same setup (Ziggo as well), my Ubee EVW3226 has been setup as bridge, so it's a "modem only".
                                      That makes my pfSense the first router in line.

                                      I do know that but the setup in my house maken that quite difficult so that's not really an option.

                                      1 Reply Last reply Reply Quote 0
                                      • P
                                        Panja
                                        last edited by Oct 15, 2015, 12:32 PM

                                        Ok, clear and understood.  8)

                                        1 Reply Last reply Reply Quote 0
                                        • First post
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.