• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

ICAP Protocol Error

Scheduled Pinned Locked Moved Cache/Proxy
9 Posts 8 Posters 4.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E
    eligiable
    last edited by Jul 26, 2017, 7:11 AM

    Hi There
    I'm running pfSense since very long time, and now the subjected issue started since a month.

    I've tried multiple options, but no luck, the following is my configuration:

    pfSense Version 2.3.4-RELEASE-p1
    Intel Core i5 - 3 GHz
    4 GB RAM (and it's not even crossing 50%)
    500 GB HDD

    Squid 0.4.37 with C-ICAP and CalmAV enabled

    • Transparent Proxy (only on HTTP)
    • No Remote Cache

    Kindly help me in this regard.
    Thanx in Advance.

    1 Reply Last reply Reply Quote 0
    • B
      Bismarck
      last edited by Aug 1, 2017, 5:16 AM

      Same problem here, the issue started since a month as well.

      Nothing to find in the logs, it just happens at random times.

      2.3.4-RELEASE-p1 (amd64)
      built on Fri Jul 14 14:52:43 CDT 2017
      FreeBSD 10.3-RELEASE-p19

      Squid Version 3.5.26, ClamAV 0.99.2_3, C-ICAP 0.4.4,2 +  SquidClamav 6.16

      2x Intel(R) Xeon(R) CPU X5570 @ 2.93GHz
      32 GB ECC RAM
      600 GB HDD Raid 10

      Temporary workaround is to set bypass=on, so at least the users don't get annoyed by the "ICAP Protocol Error" message.

      1 Reply Last reply Reply Quote 0
      • C
        CheesePatrol
        last edited by Aug 30, 2017, 4:09 AM

        Same here, randomly happened to me tonight.  Updating SquidAV seemed to have resolved the issue.  From some quick Googling, it looks like a number of people have experienced this issue but there isn't a real solution nor a reason why this occurs.

        1 Reply Last reply Reply Quote 0
        • C
          ccdmas
          last edited by Sep 4, 2017, 9:43 AM

          Here's a "me too".

          However, I can sort of duplicate the problem or pinpoint at least one cause of it. I recently changed the proxy configuration of our email security gateway from our previous proxy to squid on PfSense, and since then the issue happens at least every second day, and apparently when the email gateway updates it's AV definition files via the proxy.

          Interestingly, restarting clamav or ICAP doesn't help solving the issue, the only way to get it up again is to restart squid as a whole.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by Sep 4, 2017, 10:46 AM

            @ccdmas:

            and apparently when the email gateway updates it's AV definition files via the proxy.

            Ugh. You should NOT download antivirus defs via the proxy with ClamAV in the first place. It will trigger false positives and cause other issues.

            1 Reply Last reply Reply Quote 0
            • C
              ccdmas
              last edited by Sep 4, 2017, 2:51 PM

              Quite seriously: You need to see more of the real world out there. LOading AV defs through a http proxy is absolutely normal every day business everywhere. Are you saying to die until restart is acceptable behaviour? ::)

              1 Reply Last reply Reply Quote 0
              • K
                kuberan
                last edited by Nov 28, 2017, 3:48 PM

                I also have the same issue, where do you turn on ByPass?

                1 Reply Last reply Reply Quote 0
                • L
                  lutel
                  last edited by Jan 31, 2018, 7:40 AM

                  Same issue here, squid at random times can no longer connect to ICAP. Any ideas what could it be?

                  1 Reply Last reply Reply Quote 0
                  • I
                    imp
                    last edited by Jul 24, 2018, 8:15 PM

                    Same here, re-appearing in 2.4.3-RELEASE-p1 on a Netgate SG-3100. Looks to me too high i/o(???)

                    • PFSense installed on 'thrid party' pc hardware works normally.
                    • Restarting ClamAV works for some hours and then protocol errors appear again.
                    • Updating ClamAV once a day lowered to once a week -> no difference
                    • Bypassing will prevent this ICAP protocol error but is not really a solution.

                    Thanks,
                    Imp

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received