Squidguard on pf2.1 release STILL fails after a Year !!

duanes

Running Squidguard + pfSense 2.1 current releases.

In the Proxy, Filter settings, click on tab for TIMES.
I have times defined, but the filter items fails to change.

This was working (but not reliably) on 2.1 until a month or so ago, but now, it always fails to switch over.

Also, when it DOES work, the switchover takes a while to load and traffic is dropped for 20-30 seconds.  If the Shalla Blacklist is enabled, the switchover often cause crashes (maybe from buffer over flows).  If it does not crash, it takes 100+ seconds to start passing traffic again.  (FW hardware is AMD Athlon 4400+ CPU with 4GB RAM, 250GB Caviar Black drive)

See my previous complaint: https://forum.pfsense.org/index.php?topic=59671

snips of config:

time Lunch_And_Break {
weekly * 11:57-12:30
weekly fri 11:27-12:00
weekly * 09:27-10:00
weekly * 13:57-14:30
}

src WLmachines {
ip    10.1.5.231-10.1.5.248
ip    10.1.5.191/32
ip    10.1.5.150/32
log block.log
}

src Normal {
ip    10.1.5.0/24
log block.log
}

dest Porn {
expressionlist Porn/expressions
redirect http://10.1.1.5:81/sgerror.php?url=403%20Videos%20are%20currently%20blocked%20due%20to%20excess%20usage.%20%28Please%20do%20not%20use%20videos%20for%20radio%20stations.%29&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}

dest Videos {
domainlist Videos/domains
redirect http://10.1.1.5:81/sgerror.php?url=403%20Videos%20are%20currently%20blocked%20due%20to%20excess%20usage.%20%28Please%20do%20not%20use%20videos%20for%20radio%20stations.%29&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}

Facebook Block

dest Facebook {
domainlist Facebook/domains
redirect http://10.1.1.5:81/sgerror.php?url=403%20Due%20to%20excess%20usage%20during%20work%20hours%2C%20Facebook%20is%20currently%20blocked.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
}

acl  {

WLmachines  {
pass Videos Facebook !Porn all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Blocked%20By%20Firewall.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}

Normal  within Lunch_And_Break {
pass Videos Facebook !Porn all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Some%20pages%20are%20blocked%20during%20work%20times.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
} else {
pass !Porn !Videos !Facebook all
redirect http://10.1.1.5:81/sgerror.php?url=403%20Some%20pages%20are%20blocked%20during%20work%20times.&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
log block.log
}

default  {
pass !Porn Videos Facebook all
redirect http://10.1.1.5:81/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
}
}

duanes

FYI - I uninstalled and reinstalled Suid and Squidguard.

Here are the specific Packages on my system:

2.1-RELEASE (amd64)
built on Wed Sep 11 18:17:37 EDT 2013
FreeBSD 8.3-RELEASE-p11

AutoConfigBackup                    Services                              1.20
Lightsquid                                Network Report                  1.8.2 pkg v.2.33
OpenVPN Client Export Utility  Security                              1.2.4
pfBlocker                                  Firewall                              1.0.2
squid3                                      Network                              3.1.20 pkg 2.0.6
squidGuard-squid3                    Network Management        1.4_4 pkg v.1.9.5

duanes

This problem goes back YEARS !!

Seriously, does no one ever use time restrictions on Squidguard ?

https://forum.pfsense.org/index.php/topic,43352.0.html