Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.3.1-RELEASE-p5 ПРоблемы с squid

    Scheduled Pinned Locked Moved Russian
    15 Posts 4 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by

      Здравствуйте,
      После обновления с 2.0.1 сквид перестал стартовать. Пробовал переустановить, ничего не дало.
      При применении настроек сквида, идет долгое ожидание и потом говорит что соединение разорвано и страница недоступна.

      1 Reply Last reply Reply Quote 0
      • werterW
        werter
        last edited by

        Доброе.
        Что пишет в логах при установке, запуске и тд ? Почистите хвосты от сквида сперва и после только устанавливайте.

        1 Reply Last reply Reply Quote 0
        • ?
          A Former User
          last edited by

          @werter:

          Доброе.
          Что пишет в логах при установке, запуске и тд ? Почистите хвосты от сквида сперва и после только устанавливайте.

          Подскажите как почистить.

          1 Reply Last reply Reply Quote 0
          • werterW
            werter
            last edited by

            Что пишет в логах при установке, запуске и тд ?

            1 Reply Last reply Reply Quote 0
            • ?
              A Former User
              last edited by

              Вобщем пробовал ставить отдельно squid, он ругается на отсутствие squidguard. Поставил squidguard и вот что при установке и в логах

              >>> Installing pfSense-pkg-squid... 
              Updating pfSense-core repository catalogue...
              pfSense-core repository is up-to-date.
              Updating pfSense repository catalogue...
              pfSense repository is up-to-date.
              All repositories are up-to-date.
              Checking integrity... done (0 conflicting)
              The following 15 package(s) will be affected (of 0 checked):
              
              New packages to be INSTALLED:
              	pfSense-pkg-squid: 0.4.18 [pfSense]
              	squid_radius_auth: 1.10 [pfSense]
              	squid: 3.5.19 [pfSense]
              	krb5: 1.14.1 [pfSense]
              	pkgconf: 0.9.12_1 [pfSense]
              	cyrus-sasl: 2.1.26_12 [pfSense]
              	squidclamav: 6.14 [pfSense]
              	c-icap: 0.4.2,2 [pfSense]
              	c-icap-modules: 0.4.2_1 [pfSense]
              	clamav: 0.99.1 [pfSense]
              	unzoo: 4.4_2 [pfSense]
              	arc: 5.21p [pfSense]
              	lha: 1.14i_6 [pfSense]
              	arj: 3.10.22_4 [pfSense]
              	json-c: 0.12_2 [pfSense]
              
              The process will require 26 MiB more space.
              [1/15] Installing pkgconf-0.9.12_1...
              [1/15] Extracting pkgconf-0.9.12_1: ....... done
              [2/15] Installing unzoo-4.4_2...
              [2/15] Extracting unzoo-4.4_2: .. done
              [3/15] Installing arc-5.21p...
              [3/15] Extracting arc-5.21p: ...... done
              [4/15] Installing lha-1.14i_6...
              [4/15] Extracting lha-1.14i_6: .. done
              [5/15] Installing arj-3.10.22_4...
              [5/15] Extracting arj-3.10.22_4: .......... done
              [6/15] Installing json-c-0.12_2...
              [6/15] Extracting json-c-0.12_2: .......... done
              [7/15] Installing krb5-1.14.1...
              [7/15] Extracting krb5-1.14.1: .......... done
              [8/15] Installing cyrus-sasl-2.1.26_12...
              *** Updated user `cyrus'.
              [8/15] Extracting cyrus-sasl-2.1.26_12: .......... done
              [9/15] Installing c-icap-0.4.2,2...
              ===> Creating users and/or groups.
              Using existing group 'c_icap'.
              Using existing user 'c_icap'.
              [9/15] Extracting c-icap-0.4.2,2: .......... done
              [10/15] Installing clamav-0.99.1...
              ===> Creating users and/or groups.
              Using existing group 'clamav'.
              Using existing group 'mail'.
              Using existing user 'clamav'.
              [10/15] Extracting clamav-0.99.1: .......... done
              [11/15] Installing squid_radius_auth-1.10...
              [11/15] Extracting squid_radius_auth-1.10: .... done
              [12/15] Installing squid-3.5.19...
              ===> Creating users and/or groups.
              Using existing group 'squid'.
              Using existing user 'squid'.
              ===> Pre-installation configuration for squid-3.5.19
              [12/15] Extracting squid-3.5.19: .......... done
              [13/15] Installing squidclamav-6.14...
              [13/15] Extracting squidclamav-6.14: .......... done
              [14/15] Installing c-icap-modules-0.4.2_1...
              [14/15] Extracting c-icap-modules-0.4.2_1: .......... done
              [15/15] Installing pfSense-pkg-squid-0.4.18...
              [15/15] Extracting pfSense-pkg-squid-0.4.18: .......... done
              Saving updated package information...
              done.
              Loading package configuration... done.
              Configuring package components...
              Loading package instructions...
              Custom commands...
              Executing custom_php_install_command()...done.
              Executing custom_php_resync_config_command()...done.
              Menu items... done.
              Services... done.
              Writing configuration... done.
              Message from cyrus-sasl-2.1.26_12:
              You can use sasldb2 for authentication, to add users use:
              
              	saslpasswd2 -c username
              
              If you want to enable SMTP AUTH with the system Sendmail, read
              Sendmail.README
              
              NOTE: This port has been compiled with a default pwcheck_method of
                    auxprop.  If you want to authenticate your user by /etc/passwd,
                    PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and
                    set sasl_pwcheck_method to saslauthd after installing the
                    Cyrus-IMAPd 2.X port.  You should also check the
                    /usr/local/lib/sasl2/*.conf files for the correct
                    pwcheck_method.
                    If you want to use GSSAPI mechanism, install
                    ports/security/cyrus-sasl2-gssapi.
                    If you want to use SRP mechanism, install
                    ports/security/cyrus-sasl2-srp.
                    If you want to use LDAP auxprop plugin, install
                    ports/security/cyrus-sasl2-ldapdb.
              Message from squid-3.5.19:
              o You can find the configuration files for this package in the
                     directory /usr/local/etc/squid.
              
                   o The default cache directory is /var/squid/cache/.
                     The default log directory is /var/log/squid/.
              
                     Note:
                     You must initialize new cache directories before you can start
                     squid.  Do this by running "squid -z" as 'root' or 'squid'.
                     If your cache directories are already initialized (e.g. after an
                     upgrade of squid) you do not need to initialize them again.
              
                   o When using DiskD storage scheme remember to read documentation:
                       http://wiki.squid-cache.org/Features/DiskDaemon
                     and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not
                     work reliably without this. Last recomendations were:
              
                       kern.ipc.msgmnb=8192
                       kern.ipc.msgssz=64
                       kern.ipc.msgtql=2048
              
                   o The default configuration will deny everyone but the local host and
                     local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and
                     4291 for IPv6 access to the proxy service.  Edit the "http_access
                     allow/deny" directives in /usr/local/etc/squid/squid.conf
                     to suit your needs.
              
                   o If AUTH_SQL option is set, please, don't forget to install one of
                     following perl modules depending on database you like:
                       databases/p5-DBD-mysql
                       databases/p5-DBD-Pg
                       databases/p5-DBD-SQLite
              
                   To enable Squid, set squid_enable=yes in either
                   /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
                   Please see /usr/local/etc/rc.d/squid for further details.
              
                   Note:
                   If you just updated your Squid installation from an earlier version,
                   make sure to check your Squid configuration against the 3.4 default
                   configuration file /usr/local/etc/squid/squid.conf.sample.
              
                   /usr/local/etc/squid/squid.conf.documented is a fully annotated
                   configuration file you can consult for further reference.
              
                   Additionally, you should check your configuration by calling
                   'squid -f /path/to/squid.conf -k parse' before starting Squid.
              Message from pfSense-pkg-squid-0.4.18:
              Please visit Services - Squid Proxy Server menu to configure the package and enable the proxy.
              >>> Cleaning up cache... done.
              Success
              

              В логах (отобрано по метке squid):

              Jul 4 07:59:14 	php-fpm 	79040 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
              Jul 4 07:59:17 	php-fpm 	79040 	/pkg_edit.php: [squid] Adding cronjobs ...
              Jul 4 07:59:17 	php-fpm 	79040 	/pkg_edit.php: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed
              Jul 4 07:59:17 	php-fpm 	79040 	/pkg_edit.php: [squid] Antivirus features disabled.
              Jul 4 07:59:17 	php-fpm 	79040 	/pkg_edit.php: [squid] Removing freshclam cronjob.
              Jul 4 07:59:17 	php-fpm 	79040 	/pkg_edit.php: [squid] Stopping any running proxy monitors
              Jul 4 07:59:18 	php-fpm 	79040 	/pkg_edit.php: [squid] Reloading for configuration sync...
              Jul 4 07:59:19 	php-fpm 	79040 	/pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
              Jul 4 07:59:19 	php-fpm 	79040 	/pkg_edit.php: [squid] Starting a proxy monitor script
              Jul 4 07:59:20 	internetservermal.medteh-com 		nginx: 2016/07/04 07:59:20 [crit] 31003#0: *2592 SSL_write() failed (SSL:) (1: Operation not permitted) while sending to client, client: 172.20.20.51, server: , request: "POST /pkg_edit.php?xml=squid.xml&id=0 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.20.20.10:441", referrer: "https://172.20.20.10:441/pkg_edit.php?xml=squid.xml&id=0"
              Jul 4 08:00:05 	php-fpm 	67178 	/pkg_edit.php: [squid] - squid_resync function call pr: bp: rpc:no
              Jul 4 08:00:08 	php-fpm 	67178 	/pkg_edit.php: [squid] Adding cronjobs ...
              Jul 4 08:00:08 	php-fpm 	67178 	/pkg_edit.php: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed
              Jul 4 08:00:08 	php-fpm 	67178 	/pkg_edit.php: [squid] Antivirus features disabled.
              Jul 4 08:00:08 	php-fpm 	67178 	/pkg_edit.php: [squid] Removing freshclam cronjob.
              Jul 4 08:00:08 	php-fpm 	67178 	/pkg_edit.php: [squid] Stopping any running proxy monitors
              Jul 4 08:00:09 	php-fpm 	67178 	/pkg_edit.php: [squid] Starting service...
              Jul 4 08:00:09 	php-fpm 	67178 	/pkg_edit.php: [squid] Starting a proxy monitor script
              Jul 4 08:00:11 	php-fpm 	67178 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
              Jul 4 08:00:14 	php-fpm 	67178 	/pkg_edit.php: [squid] Adding cronjobs ...
              Jul 4 08:00:14 	php-fpm 	67178 	/pkg_edit.php: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed
              Jul 4 08:00:14 	php-fpm 	67178 	/pkg_edit.php: [squid] Antivirus features disabled.
              Jul 4 08:00:14 	php-fpm 	67178 	/pkg_edit.php: [squid] Removing freshclam cronjob.
              Jul 4 08:00:14 	php-fpm 	67178 	/pkg_edit.php: [squid] Stopping any running proxy monitors
              Jul 4 08:00:15 	php-fpm 	67178 	/pkg_edit.php: [squid] Reloading for configuration sync...
              Jul 4 08:00:15 	php-fpm 	67178 	/pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
              Jul 4 08:00:15 	php-fpm 	67178 	/pkg_edit.php: [squid] Starting a proxy monitor script
              Jul 4 08:00:16 	internetservermal.medteh-com 		nginx: 2016/07/04 08:00:16 [crit] 31003#0: *2594 SSL_write() failed (SSL:) (1: Operation not permitted) while sending to client, client: 172.20.20.51, server: , request: "POST /pkg_edit.php?xml=squid.xml&id=0 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.20.20.10:441", referrer: "https://172.20.20.10:441/pkg_edit.php?xml=squid.xml&id=0"
              Jul 4 08:00:25 	php-fpm 	80340 	/pkg_edit.php: [squid] - squid_resync function call pr: bp: rpc:no
              Jul 4 08:00:28 	php-fpm 	80340 	/pkg_edit.php: [squid] Adding cronjobs ...
              Jul 4 08:00:28 	php-fpm 	80340 	/pkg_edit.php: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed
              Jul 4 08:00:28 	php-fpm 	80340 	/pkg_edit.php: [squid] Antivirus features disabled.
              Jul 4 08:00:28 	php-fpm 	80340 	/pkg_edit.php: [squid] Removing freshclam cronjob.
              Jul 4 08:00:28 	php-fpm 	80340 	/pkg_edit.php: [squid] Stopping any running proxy monitors
              Jul 4 08:00:29 	php-fpm 	80340 	/pkg_edit.php: [squid] Starting service...
              Jul 4 08:00:29 	php-fpm 	80340 	/pkg_edit.php: [squid] Starting a proxy monitor script
              Jul 4 08:00:31 	php-fpm 	80340 	/pkg_edit.php: [squid] - squid_resync function call pr:1 bp: rpc:no
              Jul 4 08:00:34 	php-fpm 	80340 	/pkg_edit.php: [squid] Adding cronjobs ...
              Jul 4 08:00:34 	php-fpm 	80340 	/pkg_edit.php: Checked cron job for /usr/local/sbin/squid -k rotate -f /usr/local/etc/squid/squid.conf, no change needed
              Jul 4 08:00:34 	php-fpm 	80340 	/pkg_edit.php: [squid] Antivirus features disabled.
              Jul 4 08:00:34 	php-fpm 	80340 	/pkg_edit.php: [squid] Removing freshclam cronjob.
              Jul 4 08:00:34 	php-fpm 	80340 	/pkg_edit.php: [squid] Stopping any running proxy monitors
              Jul 4 08:00:35 	php-fpm 	80340 	/pkg_edit.php: [squid] Reloading for configuration sync...
              Jul 4 08:00:35 	php-fpm 	80340 	/pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
              Jul 4 08:00:35 	php-fpm 	80340 	/pkg_edit.php: [squid] Starting a proxy monitor script
              Jul 4 08:00:36 	internetservermal.medteh-com 		nginx: 2016/07/04 08:00:36 [crit] 30904#0: *2600 SSL_write() failed (SSL:) (1: Operation not permitted) while sending to client, client: 172.20.20.51, server: , request: "POST /pkg_edit.php?xml=squid.xml&id=0 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.20.20.10:441", referrer: "https://172.20.20.10:441/pkg_edit.php?xml=squid.xml&id=0"
              Jul 4 08:01:36 	Squid_Alarm 	95052 	Squid has exited. Reconfiguring filter.
              Jul 4 08:01:39 	Squid_Alarm 	882 	Squid has resumed. Reconfiguring filter.
              Jul 4 08:02:35 	Squid_Alarm 	40723 	Squid has exited. Reconfiguring filter.
              Jul 4 08:02:39 	Squid_Alarm 	62899 	Squid has resumed. Reconfiguring filter. 
              

              Это в additional config squid:

              redirect_children 3;redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass off;url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;url_rewrite_bypass off;url_rewrite_children 16 startup=8 idle=4 concurrency=0
              

              Спасибо огромное за помощь.

              1 Reply Last reply Reply Quote 0
              • werterW
                werter
                last edited by

                Что выдает  squid -f /path/to/squid.conf -k parse ?

                P.s. Еще команда была, что-то типа squid -z . Чистила кеш вроде (?)

                1 Reply Last reply Reply Quote 0
                • ?
                  A Former User
                  last edited by

                  @werter:

                  Что выдает  squid -f /path/to/squid.conf -k parse ?

                  P.s. Еще команда была, что-то типа squid -z . Чистила кеш вроде (?)

                  Извеняйте за невежество, команды вводить непосредственно в консоли напрямую?

                  1 Reply Last reply Reply Quote 0
                  • P
                    pigbrother
                    last edited by

                    Можно через SSH, предварительно его разрешив.
                    Клиент SSH - putty, например.

                    1 Reply Last reply Reply Quote 0
                    • ?
                      A Former User
                      last edited by

                      вобщем перепробовал все.
                      Результаты такие:
                      при вводе команды
                      /root: squid -f /usr/local/etc/squid/squid.conf -k parse

                      
                      2016/07/14 16:27:21| Startup: Initializing Authentication Schemes ...
                      2016/07/14 16:27:21| Startup: Initialized Authentication Scheme 'basic'
                      2016/07/14 16:27:21| Startup: Initialized Authentication Scheme 'digest'
                      2016/07/14 16:27:21| Startup: Initialized Authentication Scheme 'negotiate'
                      2016/07/14 16:27:21| Startup: Initialized Authentication Scheme 'ntlm'
                      2016/07/14 16:27:21| Startup: Initialized Authentication.
                      2016/07/14 16:27:21| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
                      2016/07/14 16:27:21| Processing: http_port 172.20.20.10:3128
                      2016/07/14 16:27:21| Processing: http_port 10.0.8.1:3128
                      2016/07/14 16:27:21| Processing: http_port 127.0.0.1:3128 intercept
                      2016/07/14 16:27:21| Starting Authentication on port 127.0.0.1:3128
                      2016/07/14 16:27:21| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
                      2016/07/14 16:27:21| Processing: icp_port 0
                      2016/07/14 16:27:21| Processing: dns_v4_first off
                      2016/07/14 16:27:21| Processing: pid_filename /var/run/squid/squid.pid
                      2016/07/14 16:27:21| Processing: cache_effective_user squid
                      2016/07/14 16:27:21| Processing: cache_effective_group proxy
                      2016/07/14 16:27:21| Processing: error_default_language af
                      2016/07/14 16:27:21| Processing: icon_directory /usr/local/etc/squid/icons
                      2016/07/14 16:27:21| Processing: visible_hostname InternetServer
                      2016/07/14 16:27:21| Processing: cache_mgr admin@localhost
                      2016/07/14 16:27:21| Processing: access_log /var/squid/logs/access.log
                      2016/07/14 16:27:21| Processing: cache_log /var/squid/logs/cache.log
                      2016/07/14 16:27:21| Processing: cache_store_log none
                      2016/07/14 16:27:21| Processing: netdb_filename /var/squid/logs/netdb.state
                      2016/07/14 16:27:21| Processing: pinger_enable on
                      2016/07/14 16:27:21| Processing: pinger_program /usr/local/libexec/squid/pinger
                      2016/07/14 16:27:21| Processing: logfile_rotate 0
                      2016/07/14 16:27:21| Processing: debug_options rotate=0
                      2016/07/14 16:27:21| Processing: shutdown_lifetime 3 seconds
                      2016/07/14 16:27:21| Processing: acl localnet src  172.20.20.0/24 10.0.8.1/32
                      2016/07/14 16:27:21| Processing: forwarded_for on
                      2016/07/14 16:27:21| Processing: httpd_suppress_version_string on
                      2016/07/14 16:27:21| Processing: uri_whitespace strip
                      2016/07/14 16:27:21| Processing: acl dynamic urlpath_regex cgi-bin \?
                      2016/07/14 16:27:21| Processing: cache deny dynamic
                      2016/07/14 16:27:21| Processing: cache_mem 64 MB
                      2016/07/14 16:27:21| Processing: maximum_object_size_in_memory 256 KB
                      2016/07/14 16:27:21| Processing: memory_replacement_policy heap GDSF
                      2016/07/14 16:27:21| Processing: cache_replacement_policy heap LFUDA
                      2016/07/14 16:27:21| Processing: minimum_object_size 0 KB
                      2016/07/14 16:27:21| Processing: maximum_object_size 4 MB
                      2016/07/14 16:27:21| Processing: cache_dir ufs /var/squid/cache 100 16 256
                      2016/07/14 16:27:21| Processing: offline_mode off
                      2016/07/14 16:27:21| Processing: cache_swap_low 90
                      2016/07/14 16:27:21| Processing: cache_swap_high 95
                      2016/07/14 16:27:21| Processing: cache allow all
                      2016/07/14 16:27:21| Processing: refresh_pattern ^ftp:    1440  20%  10080
                      2016/07/14 16:27:21| Processing: refresh_pattern ^gopher:  1440  0%  1440
                      2016/07/14 16:27:21| Processing: refresh_pattern -i (/cgi-bin/|\?) 0  0%  0
                      2016/07/14 16:27:21| Processing: refresh_pattern .    0  20%  4320
                      2016/07/14 16:27:21| Processing: acl allsrc src all
                      2016/07/14 16:27:21| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 441 3128 3129 1025-65535
                      2016/07/14 16:27:21| Processing: acl sslports port 443 563 441
                      2016/07/14 16:27:21| Processing: acl purge method PURGE
                      2016/07/14 16:27:21| Processing: acl connect method CONNECT
                      2016/07/14 16:27:21| Processing: acl HTTP proto HTTP
                      2016/07/14 16:27:21| Processing: acl HTTPS proto HTTPS
                      2016/07/14 16:27:21| Processing: acl allowed_subnets src 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
                      2016/07/14 16:27:21| Processing: http_access allow manager localhost
                      2016/07/14 16:27:21| Processing: http_access deny manager
                      2016/07/14 16:27:21| Processing: http_access allow purge localhost
                      2016/07/14 16:27:21| Processing: http_access deny purge
                      2016/07/14 16:27:21| Processing: http_access deny !safeports
                      2016/07/14 16:27:21| Processing: http_access deny CONNECT !sslports
                      2016/07/14 16:27:21| Processing: quick_abort_min 0 KB
                      2016/07/14 16:27:21| Processing: quick_abort_max 0 KB
                      2016/07/14 16:27:21| Processing: request_body_max_size 0 KB
                      2016/07/14 16:27:21| Processing: delay_pools 1
                      2016/07/14 16:27:21| Processing: delay_class 1 2
                      2016/07/14 16:27:21| Processing: delay_parameters 1 -1/-1 -1/-1
                      2016/07/14 16:27:21| Processing: delay_initial_bucket_level 100
                      2016/07/14 16:27:21| Processing: delay_access 1 allow allsrc
                      2016/07/14 16:27:21| Processing: http_access allow allowed_subnets
                      2016/07/14 16:27:21| Processing: http_access allow localnet
                      2016/07/14 16:27:21| Processing: http_access deny allsrc
                      2016/07/14 16:27:21| Initializing https proxy context
                      
                      

                      Команда squid -z дает

                      /root: 2016/07/14 16:27:44 kid1| Creating missing swap directories
                      

                      И потом так и висит…если нажать на enter появляется строка ожидания команды...

                      при сохранении стандартных настроек долго ждет и потом
                      Ошибка при установлении защищённого соединения

                      Во время загрузки страницы соединение с сервером было сброшено.

                      Страница, которую вы пытаетесь просмотреть, не может быть отображена, так как достоверность полученных данных не может быть проверена.
                          Пожалуйста, свяжитесь с владельцами веб-сайта и проинформируйте их об этой проблеме.

                      ПРичем если галочка об активации squid снята, то служба летает. Как только галочку поставить и нажать сохранить, получим ошибку выше, НО нажав назад в браузере и обновиви страницу, галочка остается, но служба постоянно падает. Я вот думаю может реинициализировать конфиг?

                      Второе, раньше в сквиде в Integrations были параметры, сейчас их нет
                      SquidGuard пускаться НЕ хочет.

                      В логах
                      nginx: 2016/07/14 16:56:26 [crit] 35624#0: *76 SSL_write() failed (SSL:) (1: Operation not permitted) while sending to client, client: 172.20.20.51, server: , request: "POST /pkg_edit.php?xml=squid.xml&id=0 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.20.20.10:441", referrer: "https://172.20.20.10:441/pkg_edit.php?xml=squid.xml&id=0"

                      1 Reply Last reply Reply Quote 0
                      • werterW
                        werter
                        last edited by

                        Доброе.
                        У вас настроек много на пф ? Вы бы давно уже с нуля 2.3.х подняли и руками бы все перенесли.

                        1 Reply Last reply Reply Quote 0
                        • ?
                          A Former User
                          last edited by

                          Хотелось бы по научному решить вопрос.
                          Как зайти в конфиг через SSH? Там есть параметр "не стирать конфигурацию при переустановке" Я вот думаю сменить его прям в конфиге и инициализировать. А потом удалить. Чтобы конфигурация старая стерлась.

                          1 Reply Last reply Reply Quote 0
                          • P
                            pigbrother
                            last edited by

                            Пару раз наступал на грабли в 2.0.х-2.2.х - после выполнения Reset to factory defaults в меню консоли в системе оставались огрызки старого конфига.

                            1 Reply Last reply Reply Quote 0
                            • ?
                              A Former User
                              last edited by

                              То есть рекомендации спецов, переставить с нуля?

                              1 Reply Last reply Reply Quote 0
                              • P
                                pigbrother
                                last edited by

                                Если позволяет время - поэкспериментируйте.
                                Если настроек не много - чистая установка предпочтительнее.

                                1 Reply Last reply Reply Quote 0
                                • N
                                  NiXeon
                                  last edited by

                                  Столкнулся с той же ерундой. Решил так:

                                  Удалил пакет squid. При этом squidGuard вроде можно не трогать.
                                  Удалил папку squid из директории /var:
                                  cd /var
                                  rm -rf squid

                                  Установил пакет Squid.

                                  UPD.: думаю, что удалять и снова устанавливать кальмара не обязательно, достаточно выполнить все что ниже.

                                  Открыл в веб-интерфейсе файл Diagnostics -> Edit File:  /usr/local/etc/squid/squid.conf и добавил туда строчки:

                                  squidGuard

                                  url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
                                  url_rewrite_children 5

                                  Затем выполнил команды:
                                  squidGuard -d -C all
                                  chown -R squid:squid /var/db/squidGuard
                                  /usr/local/sbin/squid -k reconfigure

                                  Все. Вручную проверил в веб-интерфейсе, чтобы были запущены сервисы squid и squidGuard, и, естественно, стояли галочки на их запуск.

                                  Информация взята из http://jnotes.ru/squid-content-filter.html а так же лога во время установки пакета squidGuard (прежде чем решил проблему, много раз переустанавливал кальмарочные пакеты разными способами).

                                  Но это при условии, что сохранилась предыдущая конфигурация прокси со всеми настройками для вашей сети. В противном случае нужно будет снова настроить с самого начала прокси. Как это сделать можно посмотреть по ссылке, которую дал чуть выше.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.