Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.3.1 - No outbound HTTP after upgrade

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    12 Posts 6 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      spittlbm
      last edited by

      Just upgraded 2.2.6 to 2.3.1.

      Everything else works, except I cannot get to HTTP from the LAN (to outside).

      I can:
      –Ping internally
      --Ping extenally
      --Resolve DNS
      --VPN works
      --Load HTTPS websites (ie this site)
      --Incoming/outgoing email works (Gmail and local email server)

      I've checked:
      --No LAN GW
      --Outbound NAT is automatic
      --Rebooted
      --#1 LAN rule is ANY ANY ANY (source, destination, port)

      Packages installed:
      Cron
      pfBlockerNG
      Service_Watchdog
      Snort
      Squid

      What am I missing?

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66
        last edited by

        My guess is snort or squid, probably squid. I'm only replying because others have not yet. When they do, they can help more, but I can at least give a direction.

        1 Reply Last reply Reply Quote 0
        • mudmanc4M
          mudmanc4
          last edited by

          Upload the config file you saved as a backup just before updating the main OS and go from there.

          1 Reply Last reply Reply Quote 0
          • N
            nottyboy
            last edited by

            I think I have the same issue, I only have lightsquid, squid, squidguard installed, after upgraded from 2.1 to 2.3, after starting squid, all traffic will be diverted to https, those website do not have https are not accesible, I have to stop the squid for now.  :'(

            1 Reply Last reply Reply Quote 0
            • S
              spittlbm
              last edited by

              So I uploaded my backup config and everything righted itself until today.

              I updated snort to _13 and updated to 2.3.1_1 and we're back down.

              Restored my 2.2.6 config and rebooted.  Everything is smooth until the packages finish loading and it's back to no HTTP outbound (HTTPS, ICMP, etc work fine).

              With 2.3.1 and 2.3.1_1, squid is 'stopped' on reboot

              Brian

              1 Reply Last reply Reply Quote 0
              • S
                spittlbm
                last edited by

                Just checked and Squid was stopped again.

                Reinstalled Squid and things appear OK for a couple minutes.

                HTTP back down.  I check and Squid is stopped.  Clearly a Squid issue.

                Uninstalled Squid, Reinstalled, service is up and down.

                Did a cd /var/squid and chown -R squid cache/ and service is back up (without me hitting start).

                1 Reply Last reply Reply Quote 0
                • A
                  Amuzed2pieces
                  last edited by

                  I have a similar issue… and also had squid running before upgrade.  Going through my logs I found the pfSense is re-translating many Ipv4 outgoing requests as Ipv6, and not Ipv4.  Additionally, any "allow all" rule is not being obeyed, I must singularly allow each device and port to access each web IP and port.  Only those websites that can respond or fix Ipv6 requests seem to be working.

                  1 Reply Last reply Reply Quote 0
                  • A
                    Amuzed2pieces
                    last edited by

                    @spittlbm:

                    Just checked and Squid was stopped again.

                    Reinstalled Squid and things appear OK for a couple minutes.

                    HTTP back down.  I check and Squid is stopped.  Clearly a Squid issue.

                    Uninstalled Squid, Reinstalled, service is up and down.

                    Did a cd /var/squid and chown -R squid cache/ and service is back up (without me hitting start).

                    Did your HTTP access improve after changing permissions on Squid?  or is it still up and down.

                    1 Reply Last reply Reply Quote 0
                    • N
                      nottyboy
                      last edited by

                      I think chown on cache solved my issue!

                      @spittlbm:

                      Just checked and Squid was stopped again.

                      Reinstalled Squid and things appear OK for a couple minutes.

                      HTTP back down.  I check and Squid is stopped.  Clearly a Squid issue.

                      Uninstalled Squid, Reinstalled, service is up and down.

                      Did a cd /var/squid and chown -R squid cache/ and service is back up (without me hitting start).

                      1 Reply Last reply Reply Quote 0
                      • B
                        baggar11
                        last edited by

                        Squid has given me problems on 2 of my upgrades since v2.1. I usually stop the service, if not stopped already, console/ssh on and delete the whole squid cache directory. Then reinstall squid. Usually fixes the issue while retaining my settings.

                        1 Reply Last reply Reply Quote 0
                        • A
                          Amuzed2pieces
                          last edited by

                          I reverted back last night to 2.2.6, but will try changing permissions, deleting squid cache and reinstalling squid in the next few weeks.

                          1 Reply Last reply Reply Quote 0
                          • S
                            spittlbm
                            last edited by

                            Update: We've been good all day today.  So for me, deleting squid, reinstalling, chown worked.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.