SquidGuard Group ACL not working

mdalacu

Thanky very much coffelover for helping me with this!
I have another issue, after upgrading pfsense to 2.4.5 series, every morning when people comes to work squid crashes.
The only options i have are:
-from cli starting squid (simple squid..no other parameters) or
-delete cache from UI and then squid automaticaliy restart without a problem or
-reboot the whole system
From services UI i can not restart the squid service. It fails.
This is a tipical log file:

How can i investigate further this problem:
"Jul 29 09:02:17 kernel pid 65891 (squid), jid 0, uid 100: exited on signal 6"

Jul 29 05:04:11 	check_reload_status 		Restarting ipsec tunnels
Jul 29 05:04:11 	check_reload_status 		Restarting OpenVPN tunnels/interfaces
Jul 29 05:04:11 	check_reload_status 		Reloading filter
Jul 29 09:02:17 	kernel 		pid 65891 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:03 	kernel 		pid 67277 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:05 	kernel 		pid 39788 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:06 	kernel 		pid 43264 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:07 	kernel 		pid 46291 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:08 	kernel 		pid 49802 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:09 	kernel 		pid 52665 (squid), jid 0, uid 100: exited on signal 6
Jul 29 09:05:10 	Squid_Alarm 	56905 	Squid has exited. Reconfiguring filter.
Jul 29 09:05:10 	Squid_Alarm 	57086 	Attempting restart...
Jul 29 09:05:13 	Squid_Alarm 	59138 	Reconfiguring filter...
Jul 29 09:05:13 	check_reload_status 		Reloading filter
Jul 29 09:05:14 	php-fpm 	397 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'nat' rules.
Jul 29 09:05:14 	php-fpm 	397 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'pfearly' rules.
Jul 29 09:05:15 	php-fpm 	397 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'filter' rules.
Jul 29 09:36:16 	php-fpm 	30623 	/pkg_edit.php: Session timed out for user 'admin' from: 192.168.16.10 (Local Database)
Jul 29 09:36:18 	php-fpm 	30623 	/pkg_edit.php: Successful login for user 'admin' from: 192.168.16.10 (Local Database)
Jul 29 09:36:52 	php-fpm 	339 	/pkg_edit.php: [squid] Clear disk cache forced via GUI. Clearing cache now...
Jul 29 09:36:52 	php-fpm 	339 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 29 09:36:53 	php-fpm 	339 	/pkg_edit.php: [squid] Creating cache dir '/var/squid/cache' ...
Jul 29 09:36:53 	php-fpm 	339 	/pkg_edit.php: [squid] Creating Squid cache subdirs in /var/squid/cache ...
Jul 29 09:36:56 	php-fpm 	339 	/pkg_edit.php: [squid] Starting service...
Jul 29 09:36:56 	php-fpm 	339 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 29 09:36:57 	check_reload_status 		Syncing firewall
Jul 29 09:36:57 	php-fpm 	339 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 29 09:36:59 	php-fpm 	339 	/pkg_edit.php: [squid] Adding cronjobs ...
Jul 29 09:36:59 	php-fpm 	339 	/pkg_edit.php: [squid] Antivirus features disabled.
Jul 29 09:36:59 	php-fpm 	339 	/pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 29 09:36:59 	php-fpm 	339 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 29 09:37:00 	php-fpm 	339 	/pkg_edit.php: [squid] Reloading for configuration sync...
Jul 29 09:37:00 	php-fpm 	339 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 29 09:37:01 	check_reload_status 		Reloading filter
Jul 29 09:39:28 	sshd 	82200 	user root login class [preauth]
Jul 29 09:39:28 	sshd 	82200 	user root login class [preauth]
Jul 29 09:39:31 	sshd 	82200 	Accepted keyboard-interactive/pam for root from 192.168.16.10 port 50956 ssh2
Jul 29 09:49:43 	kernel 		pid 332 (squid), jid 0, uid 100: exited on signal 6
Jul 29 10:02:13 	kernel 		pid 32699 (squid), jid 0, uid 100: exited on signal 6 

Thank you again! i will start another thread if you think it will help someone else but me.

viktor_g

@mdalacu said in SquidGuard Group ACL not working:

@coffeelover I will test this imidiatly!
But if it is like this then it is a bug because Allow all destinations it is always disabled! I use it only for investigation.!!

EDIT: Yes you are right! If i removed the ip form Allow_all_destinations even if this ACL is disabled then Management ACL started working again!
Thank you for thi, i have tested everything but this! :-)

Seems related to https://redmine.pfsense.org/issues/4088

coffeelover

@viktor_g yeah, but i don't agree completely to the bug. It is filed very opinionated and some guesses are completely wrong.
Squidguard just resets a non-resolvable client to the default acl, which is common behaviour. If the default acl means 'allow_all', it is an configuration issue, it doesn't "renders squidguard useless".

But yes, perhaps a global setting like 'include non-linked acls in config' would be nice or at least a warning should be shown.

coffeelover

@mdalacu i would check:

• the system resources (cpu, ram, filesystem usage)
• the file permissions

Daily could mean that squid is not able to rotate the logs, because of wrong file permissions.

And if it works after you cleaned the disk cache, it could just be the filesystem filling up.

mdalacu

@coffeelover Hi. Thanks for your reply.
I have checked everthing...RAM CPU Disk Space ..nothing out of the ordinary.
The file permissions seems ok because the system rotates logs at 00:00 without problems.

Squid crashes between 9 and 9:30 AM every morning. I see nothing in crontab which runs at 9...

[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/logs: ls -l
total 296544
-rw-r-----  1 squid  proxy  27603284 Jul 30 12:07 access.log
-rw-r-----  1 squid  proxy  95043059 Jul 30 00:00 access.log.0
-rw-r-----  1 squid  proxy  90147081 Jul 29 00:00 access.log.1
-rw-r-----  1 squid  proxy  82716598 Jul 28 00:00 access.log.2
-rw-r-----  1 squid  proxy    620734 Jul 30 11:38 cache.log
-rw-r-----  1 squid  proxy   1139736 Jul 29 17:33 cache.log.0
-rw-r-----  1 squid  proxy   1189305 Jul 28 17:27 cache.log.1
-rw-r-----  1 squid  proxy   3545291 Jul 27 22:47 cache.log.2
-rw-r-----  1 squid  proxy   1210310 Jul 30 11:47 netdb.state
[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/logs: df -h
Filesystem                                         Size    Used   Avail Capacity  Mounted on
/dev/gptid/d5335474-d186-11e9-b43e-00155d105a07     45G    2.3G     39G     5%    /
devfs                                              1.0K    1.0K      0B   100%    /dev
/dev/md0                                           3.4M    108K    3.0M     3%    /var/run
devfs                                              1.0K    1.0K      0B   100%    /var/dhcpd/dev
[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/logs: ls -ltr ../cache/
total 68
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 00
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 01
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 02
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 03
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 04
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 05
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 06
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 07
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 08
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 09
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0A
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0B
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0C
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0D
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0E
drwxr-x---  258 squid  proxy  3584 Jul 30 09:20 0F
-rw-r-----    1 squid  proxy    72 Jul 30 09:43 swap.state
[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/logs: cat /etc/cro
cron.d/  crontab
[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/logs: cat /etc/crontab
# /etc/crontab - root's crontab for FreeBSD
#
# $FreeBSD$
#
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
#
#minute hour    mday    month   wday    who     command
#
#*/5    *       *       *       *       root    /usr/libexec/atrun
#
# Save some entropy so that /dev/random can re-seed on boot.
#*/11   *       *       *       *       operator /usr/libexec/save-entropy
#
# Rotate log files every hour, if necessary.
#0      *       *       *       *       root    newsyslog
#
# Perform daily/weekly/monthly maintenance.
#1      3       *       *       *       root    periodic daily
#15     4       *       *       6       root    periodic weekly
#30     5       1       *       *       root    periodic monthly
#
# Adjust the time zone if the CMOS clock keeps local time, as opposed to
# UTC time.  See adjkerntz(8) for details.
#1,31   0-5     *       *       *       root    adjkerntz -a
#
# pfSense specific crontab entries
# Created: July 28, 2020, 8:51 am
#

1,31    0-5     *       *       *       root    /usr/bin/nice -n20 adjkerntz -a
1       3       1       *       *       root    /usr/bin/nice -n20 /etc/rc.update_bogons.sh
1       1       *       *       *       root    /usr/bin/nice -n20 /etc/rc.dyndns.update
*/60    *       *       *       *       root    /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
30      12      *       *       *       root    /usr/bin/nice -n20 /etc/rc.update_urltables
1       0       *       *       *       root    /usr/bin/nice -n20 /etc/rc.update_pkg_metadata
0       0       *       *       *       root    /usr/bin/nice -n20 /usr/local/etc/rc.d/squidGuard_logrotate
30      1       *       *       *       root    /root/squidGuard_blacklist_update.sh
0       0       *       *       *       root    /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf
15      0       *       *       *       root    /usr/local/pkg/swapstate_check.php
0       */12    *       *       *       root    /usr/local/bin/perl /usr/local/www/lightsquid/lightparser.pl today
15      0       *       *       *       root    /usr/local/bin/perl /usr/local/www/lightsquid/lightparser.pl yesterday
#
# If possible do not add items to this file manually.
# If done so, this file must be terminated with a blank line (e.g. new line)
#

This is the log from today whan it crashed at 9:14.

Jul 29 14:20:26 check_reload_status Syncing firewall
Jul 29 14:20:26 check_reload_status Syncing firewall
Jul 29 14:20:31 check_reload_status Syncing firewall
Jul 29 14:20:42 php-fpm 397 /pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 29 14:20:44 php-fpm 397 /pkg_edit.php: [squid] Adding cronjobs ...
Jul 29 14:20:44 php-fpm 397 /pkg_edit.php: [squid] Antivirus features disabled.
Jul 29 14:20:44 php-fpm 397 /pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 29 14:20:44 php-fpm 397 /pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 29 14:20:45 php-fpm 397 /pkg_edit.php: [squid] Reloading for configuration sync...
Jul 29 14:20:46 php-fpm 397 /pkg_edit.php: [squid] Starting a proxy monitor script
Jul 29 14:20:47 check_reload_status Reloading filter
Jul 29 15:45:17 check_reload_status Syncing firewall
Jul 29 15:45:17 check_reload_status Syncing firewall
Jul 29 15:45:28 check_reload_status Syncing firewall
Jul 29 15:45:39 php-fpm 99938 /pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 29 15:45:40 php-fpm 99938 /pkg_edit.php: [squid] Adding cronjobs ...
Jul 29 15:45:40 php-fpm 99938 /pkg_edit.php: [squid] Antivirus features disabled.
Jul 29 15:45:40 php-fpm 99938 /pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 29 15:45:40 php-fpm 99938 /pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 29 15:45:41 php-fpm 99938 /pkg_edit.php: [squid] Reloading for configuration sync...
Jul 29 15:45:41 php-fpm 99938 /pkg_edit.php: [squid] Starting a proxy monitor script
Jul 29 15:45:42 check_reload_status Reloading filter
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): WRITE(6). CDB: 0a 19 d2 28 40 00
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): CAM status: SCSI Status Error
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): SCSI status: Check Condition
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): SCSI sense: UNIT ATTENTION asc:3f,2 (Changed operating definition)
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): Retrying command (per sense data)
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): WRITE(6). CDB: 0a 07 4f 08 01 00
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): CAM status: SCSI Status Error
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): SCSI status: Check Condition
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): SCSI sense: UNIT ATTENTION asc:3f,2 (Changed operating definition)
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): Retrying command (per sense data)
Jul 30 05:00:55 rc.gateway_alarm 7850 >>> Gateway alarm: GW_WAN (Addr:192.168.16.1 Alarm:1 RTT:1.383ms RTTsd:1.839ms Loss:21%)
Jul 30 05:00:55 check_reload_status updating dyndns GW_WAN
Jul 30 05:00:55 check_reload_status Restarting ipsec tunnels
Jul 30 05:00:55 check_reload_status Restarting OpenVPN tunnels/interfaces
Jul 30 05:00:55 check_reload_status Reloading filter
Jul 30 05:02:23 check_reload_status Linkup starting hn0
Jul 30 05:02:23 kernel hn0: network changed, change 1
Jul 30 05:02:23 kernel hn0: link state changed to DOWN
Jul 30 05:02:24 php-fpm 99938 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:24 check_reload_status Reloading filter
Jul 30 05:02:27 sshd 82200 Timeout, client not responding.
Jul 30 05:02:28 check_reload_status Linkup starting hn0
Jul 30 05:02:28 kernel hn0: link state changed to UP
Jul 30 05:02:29 php-fpm 339 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:29 check_reload_status Reloading filter
Jul 30 05:02:41 check_reload_status Linkup starting hn0
Jul 30 05:02:41 kernel hn0: network changed, change 1
Jul 30 05:02:41 kernel hn0: link state changed to DOWN
Jul 30 05:02:42 php-fpm 30623 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:42 check_reload_status Reloading filter
Jul 30 05:02:46 check_reload_status Linkup starting hn0
Jul 30 05:02:46 kernel hn0: link state changed to UP
Jul 30 05:02:47 php-fpm 338 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:47 check_reload_status Reloading filter
Jul 30 05:02:53 check_reload_status Linkup starting hn0
Jul 30 05:02:53 kernel hn0: network changed, change 1
Jul 30 05:02:53 kernel hn0: link state changed to DOWN
Jul 30 05:02:54 php-fpm 22515 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:54 check_reload_status Reloading filter
Jul 30 05:02:58 check_reload_status Linkup starting hn0
Jul 30 05:02:58 kernel hn0: link state changed to UP
Jul 30 05:02:59 php-fpm 397 /rc.linkup: Ignoring link event for bridge member without IP config
Jul 30 05:02:59 check_reload_status Reloading filter
Jul 30 05:04:14 rc.gateway_alarm 86494 >>> Gateway alarm: GW_WAN (Addr:192.168.16.1 Alarm:0 RTT:1.445ms RTTsd:1.415ms Loss:5%)
Jul 30 05:04:14 check_reload_status updating dyndns GW_WAN
Jul 30 05:04:14 check_reload_status Restarting ipsec tunnels
Jul 30 05:04:14 check_reload_status Restarting OpenVPN tunnels/interfaces
Jul 30 05:04:14 check_reload_status Reloading filter
Jul 30 09:14:55 kernel pid 3599 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:14:56 kernel pid 58817 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:14:57 kernel pid 61209 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:14:58 kernel pid 64892 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:14:59 kernel pid 67991 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:15:00 kernel pid 71182 (squid), jid 0, uid 100: exited on signal 6
Jul 30 09:15:22 Squid_Alarm 75627 Squid has exited. Reconfiguring filter.
Jul 30 09:15:22 Squid_Alarm 75891 Attempting restart...
Jul 30 09:15:25 Squid_Alarm 77973 Reconfiguring filter...
Jul 30 09:15:25 check_reload_status Reloading filter
Jul 30 09:15:26 php-fpm 22515 /rc.filter_configure_sync: [squid] Installed but not started. Not installing 'nat' rules.
Jul 30 09:15:26 php-fpm 22515 /rc.filter_configure_sync: [squid] Installed but not started. Not installing 'pfearly' rules.
Jul 30 09:15:26 php-fpm 22515 /rc.filter_configure_sync: [squid] Installed but not started. Not installing 'filter' rules.
Jul 30 09:19:47 php-fpm 397 /pkg_edit.php: Session timed out for user 'admin' from: 192.168.16.10 (Local Database)
Jul 30 09:19:49 php-fpm 397 /pkg_edit.php: Successful login for user 'admin' from: 192.168.16.10 (Local Database)
Jul 30 09:20:19 php-fpm 22515 /pkg_edit.php: [squid] Clear disk cache forced via GUI. Clearing cache now...
Jul 30 09:20:19 php-fpm 22515 /pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 30 09:20:21 php-fpm 22515 /pkg_edit.php: [squid] Creating cache dir '/var/squid/cache' ...
Jul 30 09:20:21 php-fpm 22515 /pkg_edit.php: [squid] Creating Squid cache subdirs in /var/squid/cache ...
Jul 30 09:20:25 php-fpm 22515 /pkg_edit.php: [squid] Starting service...
Jul 30 09:20:25 php-fpm 22515 /pkg_edit.php: [squid] Starting a proxy monitor script
Jul 30 09:20:26 check_reload_status Syncing firewall
Jul 30 09:20:26 php-fpm 22515 /pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 30 09:20:28 php-fpm 22515 /pkg_edit.php: [squid] Adding cronjobs ...
Jul 30 09:20:28 php-fpm 22515 /pkg_edit.php: [squid] Antivirus features disabled.
Jul 30 09:20:28 php-fpm 22515 /pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 30 09:20:28 php-fpm 22515 /pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 30 09:20:29 php-fpm 22515 /pkg_edit.php: [squid] Reloading for configuration sync...
Jul 30 09:20:29 php-fpm 22515 /pkg_edit.php: [squid] Starting a proxy monitor script
Jul 30 09:20:30 check_reload_status Reloading filter

What other logs should i check?
Thank you again! :-)

coffeelover

@mdalacu said in SquidGuard Group ACL not working:

Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): WRITE(6). CDB: 0a 19 d2 28 40 00
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): CAM status: SCSI Status Error
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): SCSI status: Check Condition
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): SCSI sense: UNIT ATTENTION asc:3f,2 (Changed operating definition)
Jul 30 01:30:25 kernel (da0:storvsc0:0:0:0): Retrying command (per sense data)
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): WRITE(6). CDB: 0a 07 4f 08 01 00
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): CAM status: SCSI Status Error
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): SCSI status: Check Condition
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): SCSI sense: UNIT ATTENTION asc:3f,2 (Changed operating definition)
Jul 30 02:08:03 kernel (da0:storvsc0:0:0:0): Retrying command (per sense data)

And it works before 9? These scsi errors are from hyper-v snapshots i guess?
Perhaps try to disable these? There is no filesystem error, but i think it is worth a try.

And you should increase the debug level:

debug_options 1,5 6,5 ALL,1

Section 1 is main loop, Section 6 is disk i/o.

mdalacu

Hi coffelover!
Yes you are right, at that time windows backup start. But unfortuantly it is unrelated.
But today i have restarted and cleaned the cache at 8:30 AM from UI to see if it will crash again. At 9:02 it crashed ...:/ CPU was ok, RAM also, disk space 35 GB free...
Could be an user that try to access something that crashes the whole squid? The office hours starts at 9:00 AM here..
Is there any other log that i could look into?
Thanks.

Jul 31 08:42:06 	php-fpm 	28232 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 31 08:42:07 	check_reload_status 		Reloading filter
Jul 31 09:02:56 	kernel 		pid 43401 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:02:57 	kernel 		pid 52412 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:02:58 	kernel 		pid 55101 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:02:59 	kernel 		pid 58638 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:03:00 	kernel 		pid 61188 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:03:01 	kernel 		pid 63750 (squid), jid 0, uid 100: exited on signal 6
Jul 31 09:03:17 	Squid_Alarm 	68674 	Squid has exited. Reconfiguring filter.
Jul 31 09:03:17 	Squid_Alarm 	68975 	Attempting restart...
Jul 31 09:03:20 	Squid_Alarm 	71372 	Reconfiguring filter...
Jul 31 09:03:20 	check_reload_status 		Reloading filter
Jul 31 09:03:22 	php-fpm 	28232 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'nat' rules.
Jul 31 09:03:22 	php-fpm 	28232 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'pfearly' rules.
Jul 31 09:03:22 	php-fpm 	28232 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'filter' rules.
Jul 31 09:13:27 	php-fpm 	338 	/pkg_edit.php: [squid] Clear disk cache forced via GUI. Clearing cache now...
Jul 31 09:13:27 	php-fpm 	338 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 31 09:13:28 	php-fpm 	338 	/pkg_edit.php: [squid] Creating cache dir '/var/squid/cache' ...
Jul 31 09:13:28 	php-fpm 	338 	/pkg_edit.php: [squid] Creating Squid cache subdirs in /var/squid/cache ...
Jul 31 09:13:31 	php-fpm 	338 	/pkg_edit.php: [squid] Starting service...
Jul 31 09:13:31 	radiusd 	63099 	(109) Login OK: [DSP03] (from client T2600G-52TS_01 port 0 via TLS tunnel)
Jul 31 09:13:31 	radiusd 	63099 	(110) Login OK: [DSP03] (from client T2600G-52TS_01 port 3 cli f4-4d-30-6b-80-ce)
Jul 31 09:13:32 	php-fpm 	338 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 31 09:13:33 	check_reload_status 		Syncing firewall
Jul 31 09:13:33 	php-fpm 	338 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 31 09:13:34 	php-fpm 	338 	/pkg_edit.php: [squid] Adding cronjobs ...
Jul 31 09:13:34 	php-fpm 	338 	/pkg_edit.php: [squid] Antivirus features disabled.
Jul 31 09:13:34 	php-fpm 	338 	/pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 31 09:13:34 	php-fpm 	338 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 31 09:13:35 	php-fpm 	338 	/pkg_edit.php: [squid] Reloading for configuration sync...
Jul 31 09:13:35 	php-fpm 	338 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 31 09:13:36 	check_reload_status 		Reloading filter
Jul 31 09:15:03 	check_reload_status 		Syncing firewall
Jul 31 09:15:03 	check_reload_status 		Syncing firewall
Jul 31 09:15:11 	check_reload_status 		Syncing firewall
Jul 31 09:15:22 	php-fpm 	28232 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Jul 31 09:15:23 	php-fpm 	28232 	/pkg_edit.php: [squid] Adding cronjobs ...
Jul 31 09:15:23 	php-fpm 	28232 	/pkg_edit.php: [squid] Antivirus features disabled.
Jul 31 09:15:23 	php-fpm 	28232 	/pkg_edit.php: [squid] Removing freshclam cronjob.
Jul 31 09:15:23 	php-fpm 	28232 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Jul 31 09:15:24 	php-fpm 	28232 	/pkg_edit.php: [squid] Reloading for configuration sync...
Jul 31 09:15:24 	php-fpm 	28232 	/pkg_edit.php: [squid] Starting a proxy monitor script
Jul 31 09:15:25 	check_reload_status 		Reloading filter
Jul 31 09:15:27 	radiusd 	63099 	(121) Login OK: [MCV18] (from client T2600G-52TS_01 port 0 via TLS tunnel)
Jul 31 09:15:27 	radiusd 	63099 	(122) Login OK: [MCV18] (from client T2600G-52TS_01 port 14 cli a4-ae-e4-7d-b5-f1)

coffeelover

The debugging logs from squid go to /var/log/squid/cache.log

mdalacu

Hi. I do not have such a file..but:
/var/squid/logs/cache.log

This is the log from the time of crash...and it continuies like this...6000 lines...
Do you see anything importand than the second log line?
Thanks
EDIT: I have problem pasting the log here...it says that contains spam. So i have uplaoded the log as an atachmentsquid.cache.log.txt

2020-07-31 08:46:56 [45559] logfile not allowed in acl other than default
2020/07/31 09:02:56 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/07/31 09:02:56 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/07/31 09:02:56 kid1| Service Name: squid
2020-07-31 09:02:56 [53246] (squidGuard): can't write to logfile /var/log/squidGuard/squidGuard.log
2020-07-31 09:02:56 [53246] New setting: logdir: /var/squidGuard/log
2020-07-31 09:02:56 [53246] New setting: dbhome: /var/db/squidGuard
2020-07-31 09:02:56 [53246] init domainlist /var/db/squidGuard/blk_blacklists_ads/domains
2020-07-31 09:02:56 [53246] loading dbfile /var/db/squidGuard/blk_blacklists_ads/domains.db
2020-07-31 09:02:56 [53246] init urllist /var/db/squidGuard/blk_blacklists_ads/urls
2020-07-31 09:02:56 [53246] loading dbfile /var/db/squidGuard/blk_blacklists_ads/urls.db

coffeelover

Your permissions for /var/log/squidGuard/squidGuard.log are not correct.

And i would check my generated whitelist file and possibly fix the whitelist entries.

mdalacu

This post is deleted!

mdalacu

@coffeelover
Hi This ar the permission for the file. Are those wrong?

[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/log/squidGuard: ls -ltr
total 1632
-rw-r--r--  1 root  squid  1624971 Aug  3 01:30 squidGuard.log
[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/log/squidGuard:

The whitelists are only modified in the UI...
this is the file:

[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/acl: cat whitelist.acl
microsoft.com
download.microsoft.com
download.windowsupdate.com
update.microsoft.com
dl.delivery.mp.microsoft.com
emdl.ws.microsoft.com
update.microsoft.com.akadns.net
update.microsoft.com.nsatc.net
windowsupdate.com
windowsupdate.microsoft.com
ntservicepack.microsoft.com
wustat.windows.com
facebook.com
decl.anaf.mfinante.gov.ro
anaf.ro[2.4.5-RELEASE][root@VSPFW.suciupopa.ro]/var/squid/acl:

Is there anything wrong? Thx.

coffeelover

The owner / groups needs to be "squid:squid" so squidGuard is able to write to this file.

The whitelist is included as type dstdom_regex, so the entries have to be regular expressions.

So you have at least to escape the dots and add the $ to the line end to match the end of the domain. And to be on safe side, just need to change the entries, that they start either with beginning of line or with a dot. Otherwise an entry like "facebook.com$" matches "badfacebook.com"

I changed your list, removed redundant entries and ordered the remaining by alphabet:

(^|\.)anaf\.ro$
(^|\.)decl\.anaf\.mfinante\.gov\.ro$
(^|\.)facebook\.com$
(^|\.)microsoft\.com$
(^|\.)update\.microsoft\.com\.akadns\.net$
(^|\.)update\.microsoft\.com\.nsatc\.net$
(^|\.)windowsupdate\.com$
(^|\.)wustat\.windows\.com$

mdalacu

@coffeelover Thank you for your time and patience.
I have done the modifications whitelist + changing sguidGuard.log permissions and ownership. I will see in the morning if squid stops crashing.
The whitelist file was functioning properly, for those sites the certificate was not changed with the one from our internal CA.
I will report back!
Have a nice day! :-)

mdalacu

@coffeelover
Hi ..in the morinig..same problem:
For sure it is not a cron job because in WE, when nobody (but me :/ ) is at the office squid does not crash.
I think some user is trying to access a site which crashes squid, but i can find who or what.
Any ideeas?
Thanks again.

Aug 4 07:57:37 	radiusd 	28195 	(48) Login OK: [DSP03] (from client T2600G-52TS_01 port 0 via TLS tunnel)
Aug 4 07:57:37 	radiusd 	28195 	(49) Login OK: [DSP03] (from client T2600G-52TS_01 port 3 cli f4-4d-30-6b-80-ce)
Aug 4 08:41:47 	php-fpm 	338 	/status_logs.php: Session timed out for user 'admin' from: 192.168.16.10 (Local Database)
Aug 4 08:41:50 	php-fpm 	338 	/status_logs.php: Successful login for user 'admin' from: 192.168.16.10 (Local Database)
Aug 4 09:00:36 	kernel 		pid 56671 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:00:37 	kernel 		pid 84027 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:00:39 	kernel 		pid 89031 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:00:40 	kernel 		pid 92708 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:00:41 	kernel 		pid 95868 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:00:42 	kernel 		pid 98402 (squid), jid 0, uid 100: exited on signal 6
Aug 4 09:01:31 	Squid_Alarm 	21806 	Squid has exited. Reconfiguring filter.
Aug 4 09:01:31 	Squid_Alarm 	22203 	Attempting restart...
Aug 4 09:01:34 	Squid_Alarm 	24558 	Reconfiguring filter...
Aug 4 09:01:35 	check_reload_status 		Reloading filter
Aug 4 09:01:36 	php-fpm 	339 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'nat' rules.
Aug 4 09:01:36 	php-fpm 	339 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'pfearly' rules.
Aug 4 09:01:36 	php-fpm 	339 	/rc.filter_configure_sync: [squid] Installed but not started. Not installing 'filter' rules.
Aug 4 09:35:20 	php-fpm 	338 	/pkg_edit.php: [squid] Clear disk cache forced via GUI. Clearing cache now...
Aug 4 09:35:20 	php-fpm 	338 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Aug 4 09:35:21 	php-fpm 	338 	/pkg_edit.php: [squid] Creating cache dir '/var/squid/cache' ...
Aug 4 09:35:21 	php-fpm 	338 	/pkg_edit.php: [squid] Creating Squid cache subdirs in /var/squid/cache ...
Aug 4 09:35:25 	php-fpm 	338 	/pkg_edit.php: [squid] Starting service...
Aug 4 09:35:26 	php-fpm 	338 	/pkg_edit.php: [squid] Starting a proxy monitor script
Aug 4 09:35:27 	check_reload_status 		Syncing firewall
Aug 4 09:35:27 	php-fpm 	338 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
Aug 4 09:35:28 	php-fpm 	338 	/pkg_edit.php: [squid] Adding cronjobs ...
Aug 4 09:35:28 	php-fpm 	338 	/pkg_edit.php: [squid] Antivirus features disabled.
Aug 4 09:35:28 	php-fpm 	338 	/pkg_edit.php: [squid] Removing freshclam cronjob.
Aug 4 09:35:28 	php-fpm 	338 	/pkg_edit.php: [squid] Stopping any running proxy monitors
Aug 4 09:35:29 	php-fpm 	338 	/pkg_edit.php: [squid] Reloading for configuration sync...
Aug 4 09:35:29 	php-fpm 	338 	/pkg_edit.php: [squid] Starting a proxy monitor script
Aug 4 09:35:30 	check_reload_status 		Reloading filter 

coffeelover

@coffeelover said in SquidGuard Group ACL not working:

debug_options 1,5 6,5 ALL,1

I think the only option to find the cause is to increase the debug level.

mdalacu

@coffeelover Hi, but in what file should i put the line? Thanks.

coffeelover

You have to put this line in general -> show advanced options -> "Custom Options (Before Auth)"

mdalacu

@coffeelover Thank for this.
I have done it and of course today in the morning, it crashed...
This is the cache.log. In access.log i see nothing special, i have tested all the sites and they do not crash squid..
Maybe you see something useful in the log, i didn't.. :/
Thank you again for your time coffelover :-)

2020/08/10 09:03:47| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c07::bd]: (65) No route to host
2020/08/10 09:05:43| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c08::bd]: (65) No route to host
2020/08/10 09:05:59 kid1| Starting new redirector helpers...
2020/08/10 09:05:59 kid1| helperOpenServers: Starting 4/16 'squidGuard' processes
2020/08/10 09:07:30| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c01::bd]: (65) No route to host
2020/08/10 09:09:31| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c07::bd]: (65) No route to host
2020/08/10 09:09:34| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c00::bd]: (65) No route to host
2020/08/10 09:09:34| SendEcho ERROR: sending to ICMPv6 packet to [2a00:1450:4013:c04::bd]: (65) No route to host
2020/08/10 09:10:45 kid1| Error negotiating SSL connection on FD 51: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:10:47 kid1| Error negotiating SSL connection on FD 48: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:10:49 kid1| Error negotiating SSL connection on FD 48: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:10:52 kid1| Error negotiating SSL connection on FD 69: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:10:56 kid1| Error negotiating SSL connection on FD 153: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:10:58 kid1| Error negotiating SSL connection on FD 167: error:00000001:lib(0):func(0):reason(1) (1/0)
2020/08/10 09:11:45 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/08/10 09:11:46 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:46 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/08/10 09:11:46 kid1| Service Name: squid
2020/08/10 09:11:46 kid1| Process ID 25066
2020/08/10 09:11:46 kid1| Process Roles: worker
2020/08/10 09:11:46 kid1| With 57276 file descriptors available
2020/08/10 09:11:46 kid1| Initializing IP Cache...
2020/08/10 09:11:46 kid1| DNS Socket created at [::], FD 5
2020/08/10 09:11:46 kid1| DNS Socket created at 0.0.0.0, FD 9
2020/08/10 09:11:46 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2020/08/10 09:11:46 kid1| Adding nameserver 192.168.16.12 from /etc/resolv.conf
2020/08/10 09:11:46 kid1| Adding nameserver 192.168.16.1 from /etc/resolv.conf
2020/08/10 09:11:46 kid1| Adding domain suciupopa.ro from /etc/resolv.conf
2020/08/10 09:11:46 kid1| helperOpenServers: Starting 5/128 'security_file_certgen' processes
2020/08/10 09:11:46 kid1| helperOpenServers: Starting 8/16 'squidGuard' processes
2020/08/10 09:11:46 kid1| Logfile: opening log /var/squid/logs/access.log
2020/08/10 09:11:46 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/squid/logs/access.log'
2020/08/10 09:11:46 kid1| Unlinkd pipe opened on FD 42
2020/08/10 09:11:46 kid1| Store logging disabled
2020/08/10 09:11:46 kid1| Swap maxSize 102400 + 65536 KB, estimated 12918 objects
2020/08/10 09:11:46 kid1| Target number of buckets: 645
2020/08/10 09:11:46 kid1| Using 8192 Store buckets
2020/08/10 09:11:46 kid1| Max Mem  size: 65536 KB
2020/08/10 09:11:46 kid1| Max Swap size: 102400 KB
2020/08/10 09:11:46 kid1| Rebuilding storage in /var/squid/cache (clean log)
2020/08/10 09:11:46 kid1| Using Least Load store dir selection
2020/08/10 09:11:46 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:46 kid1| Finished loading MIME types and icons.
2020/08/10 09:11:46 kid1| HTCP Disabled.
2020/08/10 09:11:46 kid1| Pinger socket opened on FD 48
2020/08/10 09:11:46 kid1| NETDB state reloaded; 703 entries, 47 msec
2020/08/10 09:11:46 kid1| Squid plugin modules loaded: 0
2020/08/10 09:11:46 kid1| Adaptation support is off.
2020/08/10 09:11:46 kid1| Accepting SSL bumped HTTP Socket connections at local=192.168.16.22:3128 remote=[::] FD 45 flags=9
2020/08/10 09:11:46 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 46 flags=9
2020/08/10 09:11:46 kid1| Done reading /var/squid/cache swaplog (0 entries)
2020/08/10 09:11:46 kid1| Store rebuilding is 0.00% complete
2020/08/10 09:11:46 kid1| Finished rebuilding storage from disk.
2020/08/10 09:11:46 kid1|         0 Entries scanned
2020/08/10 09:11:46 kid1|         0 Invalid entries.
2020/08/10 09:11:46 kid1|         0 With invalid flags.
2020/08/10 09:11:46 kid1|         0 Objects loaded.
2020/08/10 09:11:46 kid1|         0 Objects expired.
2020/08/10 09:11:46 kid1|         0 Objects cancelled.
2020/08/10 09:11:46 kid1|         0 Duplicate URLs purged.
2020/08/10 09:11:46 kid1|         0 Swapfile clashes avoided.
2020/08/10 09:11:46 kid1|   Took 0.07 seconds (  0.00 objects/sec).
2020/08/10 09:11:46 kid1| Beginning Validation Procedure
2020/08/10 09:11:46 kid1|   Completed Validation Procedure
2020/08/10 09:11:46 kid1|   Validated 0 Entries
2020/08/10 09:11:46 kid1|   store_swap_size = 0.00 KB
2020/08/10 09:11:46| pinger: Initialising ICMP pinger ...
2020/08/10 09:11:46| pinger: ICMP socket opened.
2020/08/10 09:11:46| pinger: ICMPv6 socket opened
2020/08/10 09:11:46 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/08/10 09:11:47 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:47 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/08/10 09:11:47 kid1| Service Name: squid
2020/08/10 09:11:47 kid1| Process ID 27819
2020/08/10 09:11:47 kid1| Process Roles: worker
2020/08/10 09:11:47 kid1| With 57276 file descriptors available
2020/08/10 09:11:47 kid1| Initializing IP Cache...
2020/08/10 09:11:47 kid1| DNS Socket created at [::], FD 5
2020/08/10 09:11:47 kid1| DNS Socket created at 0.0.0.0, FD 9
2020/08/10 09:11:47 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2020/08/10 09:11:47 kid1| Adding nameserver 192.168.16.12 from /etc/resolv.conf
2020/08/10 09:11:47 kid1| Adding nameserver 192.168.16.1 from /etc/resolv.conf
2020/08/10 09:11:47 kid1| Adding domain suciupopa.ro from /etc/resolv.conf
2020/08/10 09:11:47 kid1| helperOpenServers: Starting 5/128 'security_file_certgen' processes
2020/08/10 09:11:47 kid1| helperOpenServers: Starting 8/16 'squidGuard' processes
2020/08/10 09:11:47 kid1| Logfile: opening log /var/squid/logs/access.log
2020/08/10 09:11:47 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/squid/logs/access.log'
2020/08/10 09:11:47 kid1| Unlinkd pipe opened on FD 42
2020/08/10 09:11:47 kid1| Store logging disabled
2020/08/10 09:11:47 kid1| Swap maxSize 102400 + 65536 KB, estimated 12918 objects
2020/08/10 09:11:47 kid1| Target number of buckets: 645
2020/08/10 09:11:47 kid1| Using 8192 Store buckets
2020/08/10 09:11:47 kid1| Max Mem  size: 65536 KB
2020/08/10 09:11:47 kid1| Max Swap size: 102400 KB
2020/08/10 09:11:47 kid1| Rebuilding storage in /var/squid/cache (dirty log)
2020/08/10 09:11:47 kid1| Using Least Load store dir selection
2020/08/10 09:11:47 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:47 kid1| Finished loading MIME types and icons.
2020/08/10 09:11:47 kid1| HTCP Disabled.
2020/08/10 09:11:47| pinger: Initialising ICMP pinger ...
2020/08/10 09:11:47| pinger: ICMP socket opened.
2020/08/10 09:11:47| pinger: ICMPv6 socket opened
2020/08/10 09:11:47 kid1| Pinger socket opened on FD 48
2020/08/10 09:11:47 kid1| NETDB state reloaded; 703 entries, 47 msec
2020/08/10 09:11:47 kid1| Squid plugin modules loaded: 0
2020/08/10 09:11:47 kid1| Adaptation support is off.
2020/08/10 09:11:47 kid1| Accepting SSL bumped HTTP Socket connections at local=192.168.16.22:3128 remote=[::] FD 45 flags=9
2020/08/10 09:11:47 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 46 flags=9
2020/08/10 09:11:47 kid1| Done reading /var/squid/cache swaplog (0 entries)
2020/08/10 09:11:47 kid1| Store rebuilding is 0.00% complete
2020/08/10 09:11:47 kid1| Finished rebuilding storage from disk.
2020/08/10 09:11:47 kid1|         0 Entries scanned
2020/08/10 09:11:47 kid1|         0 Invalid entries.
2020/08/10 09:11:47 kid1|         0 With invalid flags.
2020/08/10 09:11:47 kid1|         0 Objects loaded.
2020/08/10 09:11:47 kid1|         0 Objects expired.
2020/08/10 09:11:47 kid1|         0 Objects cancelled.
2020/08/10 09:11:47 kid1|         0 Duplicate URLs purged.
2020/08/10 09:11:47 kid1|         0 Swapfile clashes avoided.
2020/08/10 09:11:47 kid1|   Took 0.07 seconds (  0.00 objects/sec).
2020/08/10 09:11:47 kid1| Beginning Validation Procedure
2020/08/10 09:11:47 kid1|   Completed Validation Procedure
2020/08/10 09:11:47 kid1|   Validated 0 Entries
2020/08/10 09:11:47 kid1|   store_swap_size = 0.00 KB
2020/08/10 09:11:48| SendEcho ERROR: sending to ICMPv6 packet to [2a01:111:f100:9001::1761:945a]: (65) No route to host
2020/08/10 09:11:48 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/08/10 09:11:48 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:48 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/08/10 09:11:48 kid1| Service Name: squid
2020/08/10 09:11:48 kid1| Process ID 31602
2020/08/10 09:11:48 kid1| Process Roles: worker
2020/08/10 09:11:48 kid1| With 57276 file descriptors available
2020/08/10 09:11:48 kid1| Initializing IP Cache...
2020/08/10 09:11:48 kid1| DNS Socket created at [::], FD 5
2020/08/10 09:11:48 kid1| DNS Socket created at 0.0.0.0, FD 9
2020/08/10 09:11:48 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2020/08/10 09:11:48 kid1| Adding nameserver 192.168.16.12 from /etc/resolv.conf
2020/08/10 09:11:48 kid1| Adding nameserver 192.168.16.1 from /etc/resolv.conf
2020/08/10 09:11:48 kid1| Adding domain suciupopa.ro from /etc/resolv.conf
2020/08/10 09:11:48 kid1| helperOpenServers: Starting 5/128 'security_file_certgen' processes
2020/08/10 09:11:48 kid1| helperOpenServers: Starting 8/16 'squidGuard' processes
2020/08/10 09:11:48 kid1| Logfile: opening log /var/squid/logs/access.log
2020/08/10 09:11:48 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/squid/logs/access.log'
2020/08/10 09:11:48 kid1| Unlinkd pipe opened on FD 42
2020/08/10 09:11:48 kid1| Store logging disabled
2020/08/10 09:11:48 kid1| Swap maxSize 102400 + 65536 KB, estimated 12918 objects
2020/08/10 09:11:48 kid1| Target number of buckets: 645
2020/08/10 09:11:48 kid1| Using 8192 Store buckets
2020/08/10 09:11:48 kid1| Max Mem  size: 65536 KB
2020/08/10 09:11:48 kid1| Max Swap size: 102400 KB
2020/08/10 09:11:48 kid1| Rebuilding storage in /var/squid/cache (dirty log)
2020/08/10 09:11:48 kid1| Using Least Load store dir selection
2020/08/10 09:11:48 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:48 kid1| Finished loading MIME types and icons.
2020/08/10 09:11:48 kid1| HTCP Disabled.
2020/08/10 09:11:48 kid1| Pinger socket opened on FD 48
2020/08/10 09:11:49| pinger: Initialising ICMP pinger ...
2020/08/10 09:11:49| pinger: ICMP socket opened.
2020/08/10 09:11:49| pinger: ICMPv6 socket opened
2020/08/10 09:11:49 kid1| NETDB state reloaded; 703 entries, 59 msec
2020/08/10 09:11:49 kid1| Squid plugin modules loaded: 0
2020/08/10 09:11:49 kid1| Adaptation support is off.
2020/08/10 09:11:49 kid1| Accepting SSL bumped HTTP Socket connections at local=192.168.16.22:3128 remote=[::] FD 45 flags=9
2020/08/10 09:11:49 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 46 flags=9
2020/08/10 09:11:49 kid1| Done reading /var/squid/cache swaplog (0 entries)
2020/08/10 09:11:49 kid1| Store rebuilding is 0.00% complete
2020/08/10 09:11:49 kid1| Finished rebuilding storage from disk.
2020/08/10 09:11:49 kid1|         0 Entries scanned
2020/08/10 09:11:49 kid1|         0 Invalid entries.
2020/08/10 09:11:49 kid1|         0 With invalid flags.
2020/08/10 09:11:49 kid1|         0 Objects loaded.
2020/08/10 09:11:49 kid1|         0 Objects expired.
2020/08/10 09:11:49 kid1|         0 Objects cancelled.
2020/08/10 09:11:49 kid1|         0 Duplicate URLs purged.
2020/08/10 09:11:49 kid1|         0 Swapfile clashes avoided.
2020/08/10 09:11:49 kid1|   Took 0.08 seconds (  0.00 objects/sec).
2020/08/10 09:11:49 kid1| Beginning Validation Procedure
2020/08/10 09:11:49 kid1|   Completed Validation Procedure
2020/08/10 09:11:49 kid1|   Validated 0 Entries
2020/08/10 09:11:49 kid1|   store_swap_size = 0.00 KB
2020/08/10 09:11:49| SendEcho ERROR: sending to ICMPv6 packet to [2a01:111:f100:9001::1761:945a]: (65) No route to host
2020/08/10 09:11:49 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/08/10 09:11:49 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:49 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/08/10 09:11:49 kid1| Service Name: squid
2020/08/10 09:11:49 kid1| Process ID 39820
2020/08/10 09:11:49 kid1| Process Roles: worker
2020/08/10 09:11:49 kid1| With 57276 file descriptors available
2020/08/10 09:11:49 kid1| Initializing IP Cache...
2020/08/10 09:11:49 kid1| DNS Socket created at [::], FD 5
2020/08/10 09:11:49 kid1| DNS Socket created at 0.0.0.0, FD 9
2020/08/10 09:11:49 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2020/08/10 09:11:49 kid1| Adding nameserver 192.168.16.12 from /etc/resolv.conf
2020/08/10 09:11:49 kid1| Adding nameserver 192.168.16.1 from /etc/resolv.conf
2020/08/10 09:11:49 kid1| Adding domain suciupopa.ro from /etc/resolv.conf
2020/08/10 09:11:49 kid1| helperOpenServers: Starting 5/128 'security_file_certgen' processes
2020/08/10 09:11:49 kid1| helperOpenServers: Starting 8/16 'squidGuard' processes
2020/08/10 09:11:49 kid1| Logfile: opening log /var/squid/logs/access.log
2020/08/10 09:11:49 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/squid/logs/access.log'
2020/08/10 09:11:50 kid1| Unlinkd pipe opened on FD 42
2020/08/10 09:11:50 kid1| Store logging disabled
2020/08/10 09:11:50 kid1| Swap maxSize 102400 + 65536 KB, estimated 12918 objects
2020/08/10 09:11:50 kid1| Target number of buckets: 645
2020/08/10 09:11:50 kid1| Using 8192 Store buckets
2020/08/10 09:11:50 kid1| Max Mem  size: 65536 KB
2020/08/10 09:11:50 kid1| Max Swap size: 102400 KB
2020/08/10 09:11:50 kid1| Rebuilding storage in /var/squid/cache (dirty log)
2020/08/10 09:11:50 kid1| Using Least Load store dir selection
2020/08/10 09:11:50 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:50 kid1| Finished loading MIME types and icons.
2020/08/10 09:11:50 kid1| HTCP Disabled.
2020/08/10 09:11:50| pinger: Initialising ICMP pinger ...
2020/08/10 09:11:50| pinger: ICMP socket opened.
2020/08/10 09:11:50| pinger: ICMPv6 socket opened
2020/08/10 09:11:50 kid1| Pinger socket opened on FD 48
2020/08/10 09:11:50 kid1| NETDB state reloaded; 703 entries, 48 msec
2020/08/10 09:11:50 kid1| Squid plugin modules loaded: 0
2020/08/10 09:11:50 kid1| Adaptation support is off.
2020/08/10 09:11:50 kid1| Accepting SSL bumped HTTP Socket connections at local=192.168.16.22:3128 remote=[::] FD 45 flags=9
2020/08/10 09:11:50 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 46 flags=9
2020/08/10 09:11:50 kid1| Done reading /var/squid/cache swaplog (0 entries)
2020/08/10 09:11:50 kid1| Store rebuilding is 0.00% complete
2020/08/10 09:11:50 kid1| Finished rebuilding storage from disk.
2020/08/10 09:11:50 kid1|         0 Entries scanned
2020/08/10 09:11:50 kid1|         0 Invalid entries.
2020/08/10 09:11:50 kid1|         0 With invalid flags.
2020/08/10 09:11:50 kid1|         0 Objects loaded.
2020/08/10 09:11:50 kid1|         0 Objects expired.
2020/08/10 09:11:50 kid1|         0 Objects cancelled.
2020/08/10 09:11:50 kid1|         0 Duplicate URLs purged.
2020/08/10 09:11:50 kid1|         0 Swapfile clashes avoided.
2020/08/10 09:11:50 kid1|   Took 0.07 seconds (  0.00 objects/sec).
2020/08/10 09:11:50 kid1| Beginning Validation Procedure
2020/08/10 09:11:50 kid1|   Completed Validation Procedure
2020/08/10 09:11:50 kid1|   Validated 0 Entries
2020/08/10 09:11:50 kid1|   store_swap_size = 0.00 KB
2020/08/10 09:11:50 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"
2020/08/10 09:11:50 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:50 kid1| Starting Squid Cache version 4.10 for amd64-portbld-freebsd11.3...
2020/08/10 09:11:50 kid1| Service Name: squid
2020/08/10 09:11:50 kid1| Process ID 42924
2020/08/10 09:11:50 kid1| Process Roles: worker
2020/08/10 09:11:50 kid1| With 57276 file descriptors available
2020/08/10 09:11:50 kid1| Initializing IP Cache...
2020/08/10 09:11:50 kid1| DNS Socket created at [::], FD 5
2020/08/10 09:11:50 kid1| DNS Socket created at 0.0.0.0, FD 9
2020/08/10 09:11:50 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2020/08/10 09:11:50 kid1| Adding nameserver 192.168.16.12 from /etc/resolv.conf
2020/08/10 09:11:50 kid1| Adding nameserver 192.168.16.1 from /etc/resolv.conf
2020/08/10 09:11:50 kid1| Adding domain suciupopa.ro from /etc/resolv.conf
2020/08/10 09:11:50 kid1| helperOpenServers: Starting 5/128 'security_file_certgen' processes
2020/08/10 09:11:50 kid1| helperOpenServers: Starting 8/16 'squidGuard' processes
2020/08/10 09:11:50 kid1| Logfile: opening log /var/squid/logs/access.log
2020/08/10 09:11:50 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/squid/logs/access.log'
2020/08/10 09:11:51 kid1| Unlinkd pipe opened on FD 42
2020/08/10 09:11:51 kid1| Store logging disabled
2020/08/10 09:11:51 kid1| Swap maxSize 102400 + 65536 KB, estimated 12918 objects
2020/08/10 09:11:51 kid1| Target number of buckets: 645
2020/08/10 09:11:51 kid1| Using 8192 Store buckets
2020/08/10 09:11:51 kid1| Max Mem  size: 65536 KB
2020/08/10 09:11:51 kid1| Max Swap size: 102400 KB
2020/08/10 09:11:51 kid1| Rebuilding storage in /var/squid/cache (dirty log)
2020/08/10 09:11:51 kid1| Using Least Load store dir selection
2020/08/10 09:11:51 kid1| Current Directory is /usr/local/www
2020/08/10 09:11:51 kid1| Finished loading MIME types and icons.
2020/08/10 09:11:51 kid1| HTCP Disabled.
2020/08/10 09:11:51| pinger: Initialising ICMP pinger ...
2020/08/10 09:11:51| pinger: ICMP socket opened.
2020/08/10 09:11:51| pinger: ICMPv6 socket opened
2020/08/10 09:11:51 kid1| Pinger socket opened on FD 48
2020/08/10 09:11:51 kid1| NETDB state reloaded; 703 entries, 47 msec
2020/08/10 09:11:51 kid1| Squid plugin modules loaded: 0
2020/08/10 09:11:51 kid1| Adaptation support is off.
2020/08/10 09:11:51 kid1| Accepting SSL bumped HTTP Socket connections at local=192.168.16.22:3128 remote=[::] FD 45 flags=9
2020/08/10 09:11:51 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 46 flags=9
2020/08/10 09:11:51 kid1| Done reading /var/squid/cache swaplog (0 entries)
2020/08/10 09:11:51 kid1| Store rebuilding is 0.00% complete
2020/08/10 09:11:51 kid1| Finished rebuilding storage from disk.
2020/08/10 09:11:51 kid1|         0 Entries scanned
2020/08/10 09:11:51 kid1|         0 Invalid entries.
2020/08/10 09:11:51 kid1|         0 With invalid flags.
2020/08/10 09:11:51 kid1|         0 Objects loaded.
2020/08/10 09:11:51 kid1|         0 Objects expired.
2020/08/10 09:11:51 kid1|         0 Objects cancelled.
2020/08/10 09:11:51 kid1|         0 Duplicate URLs purged.
2020/08/10 09:11:51 kid1|         0 Swapfile clashes avoided.
2020/08/10 09:11:51 kid1|   Took 0.07 seconds (  0.00 objects/sec).
2020/08/10 09:11:51 kid1| Beginning Validation Procedure
2020/08/10 09:11:51 kid1|   Completed Validation Procedure
2020/08/10 09:11:51 kid1|   Validated 0 Entries
2020/08/10 09:11:51 kid1|   store_swap_size = 0.00 KB
2020/08/10 09:11:51 kid1| assertion failed: http.cc:1533: "!Comm::MonitorsRead(serverConnection->fd)"

mdalacu

@coffeelover I have finally found the problem. I have isolated a computer from the internal network which had a "Adobe Creative Cloud" client installed ant put in autostart. Every time that program launched it would crash squid. I was not able (i dodn't have the time) to investigate all that addresses that program was trying to reach. As soon as i uninstalled the program 9'o clock squid crash disappeared!
I so over the internet similar problems with different sites but does did not manifest on my squid version.
The squid crashed befor it could write in log the offending url and only with FW logging was to cumber stone to find out.
Thank you again.