Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ICAP protocol error.

    Cache/Proxy
    2
    4
    900
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sisko212
      last edited by

      Hello everyone,
      I am experimenting, since I've updated to pfsense 2.4.4, an error on the antivirus as this:
      ICAP protocol error
      It happens randomly, and obviously, all websites are unreachable.
      After a few tens of seconds, the problem disappears and everything starts working again.
      My squid configuration is quite unusual because i like to have big cache:
      Hard Disk Cache Size: 20480
      Hard Disk Cache System: aufs
      Maximum Object Size: 2048
      Memory Cache Size: 8192
      Maximum Object Size in RAM: 8192
      Memory Replacement Policy: Heap GDSF

      Someone has some suggestion where to investigate for a solution ?
      Thanks.

      1 Reply Last reply Reply Quote 0
      • I
        Impatient
        last edited by

        I really don't see the logic in having a large disk cache and a large memory cache.
        What ssl directive have you selected?
        What ICAP error?
        What hardware?

        1 Reply Last reply Reply Quote 0
        • S
          sisko212
          last edited by sisko212

          Hi Impatient, thanks for your answer, here more informations:

          1. just because i have memory and disk space to do so, and then i wanted to use it in order to save bandwidth, above all when windows and macos updates are available.
          2. ssl filtering is set as MITM Mode: Splice All; Compatibility mode: Modern; DHParams Key: 2048; Remote Cert Checks and Certificate Adap: all unselected.
          3. error: ICAP protocol error .... nothing else. When the error occours and i take a look on services windows, all antivirus and icap services looks turned down.
          4. hardware: pc custom: motherboard SuperMicro x10sdv-tp9f; Cpu: Xeon D-1518 2.2 ghz 4c/8th; Ram 32gb DDR4; disk: 2 ssd Trascend TS64SSD360S (64gb) as zfs raidz1; 6 nic 1gb copper; 2 nic 10g fiber;

          Anyway, from a week i decrease a couple of values, and i am testing squid memory cache size: 1024 and Maximum Object Size in ram: 512., and looks to work, because the error is not occured yet.
          I will keep you informed if continues to remain stable.
          Thanks.

          1 Reply Last reply Reply Quote 0
          • I
            Impatient
            last edited by

            From my understanding memory cache amount is the minimum squid will use for cache plus you also have to allow for antivirus scan's, in transit object's, etc.
            For instance on my home network I use 1024mb and 256kb and when I check System Activity squid is using 2646mb. and Clam is using another 948mb.plus you have to provide memory for any other package's you install and the firewall itself.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.