Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ICAP Protocol Error

    Scheduled Pinned Locked Moved Cache/Proxy
    9 Posts 8 Posters 4.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eligiable
      last edited by

      Hi There
      I'm running pfSense since very long time, and now the subjected issue started since a month.

      I've tried multiple options, but no luck, the following is my configuration:

      pfSense Version 2.3.4-RELEASE-p1
      Intel Core i5 - 3 GHz
      4 GB RAM (and it's not even crossing 50%)
      500 GB HDD

      Squid 0.4.37 with C-ICAP and CalmAV enabled

      • Transparent Proxy (only on HTTP)
      • No Remote Cache

      Kindly help me in this regard.
      Thanx in Advance.

      1 Reply Last reply Reply Quote 0
      • BismarckB
        Bismarck
        last edited by

        Same problem here, the issue started since a month as well.

        Nothing to find in the logs, it just happens at random times.

        2.3.4-RELEASE-p1 (amd64)
        built on Fri Jul 14 14:52:43 CDT 2017
        FreeBSD 10.3-RELEASE-p19

        Squid Version 3.5.26, ClamAV 0.99.2_3, C-ICAP 0.4.4,2 +  SquidClamav 6.16

        2x Intel(R) Xeon(R) CPU X5570 @ 2.93GHz
        32 GB ECC RAM
        600 GB HDD Raid 10

        Temporary workaround is to set bypass=on, so at least the users don't get annoyed by the "ICAP Protocol Error" message.

        1 Reply Last reply Reply Quote 0
        • C
          CheesePatrol
          last edited by

          Same here, randomly happened to me tonight.  Updating SquidAV seemed to have resolved the issue.  From some quick Googling, it looks like a number of people have experienced this issue but there isn't a real solution nor a reason why this occurs.

          1 Reply Last reply Reply Quote 0
          • C
            ccdmas
            last edited by

            Here's a "me too".

            However, I can sort of duplicate the problem or pinpoint at least one cause of it. I recently changed the proxy configuration of our email security gateway from our previous proxy to squid on PfSense, and since then the issue happens at least every second day, and apparently when the email gateway updates it's AV definition files via the proxy.

            Interestingly, restarting clamav or ICAP doesn't help solving the issue, the only way to get it up again is to restart squid as a whole.

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by

              @ccdmas:

              and apparently when the email gateway updates it's AV definition files via the proxy.

              Ugh. You should NOT download antivirus defs via the proxy with ClamAV in the first place. It will trigger false positives and cause other issues.

              1 Reply Last reply Reply Quote 0
              • C
                ccdmas
                last edited by

                Quite seriously: You need to see more of the real world out there. LOading AV defs through a http proxy is absolutely normal every day business everywhere. Are you saying to die until restart is acceptable behaviour? ::)

                1 Reply Last reply Reply Quote 0
                • K
                  kuberan
                  last edited by

                  I also have the same issue, where do you turn on ByPass?

                  1 Reply Last reply Reply Quote 0
                  • L
                    lutel
                    last edited by

                    Same issue here, squid at random times can no longer connect to ICAP. Any ideas what could it be?

                    1 Reply Last reply Reply Quote 0
                    • I
                      imp
                      last edited by

                      Same here, re-appearing in 2.4.3-RELEASE-p1 on a Netgate SG-3100. Looks to me too high i/o(???)

                      • PFSense installed on 'thrid party' pc hardware works normally.
                      • Restarting ClamAV works for some hours and then protocol errors appear again.
                      • Updating ClamAV once a day lowered to once a week -> no difference
                      • Bypassing will prevent this ICAP protocol error but is not really a solution.

                      Thanks,
                      Imp

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.