SquidGuard doesn't start on restart



  • Hi to all,

    i got a strange problem! When i restart the machine squidguard doesn't filter anything! The much stranger thing is that if i click on APPLY and after on SAVE all start to works perfectly.

    I've installed pfsense 1.2.2, my configuration is the following:

    • WebGUI over HTTPS
    • FreeRadius
    • Captive Portal with FreeRadius (configured as client with own shared secret)
    • Squid as Trasparent Proxy
    • SquidGuard with blacklists

    After the configuration all worked perfetcly! After restart … squidguard doesn't filter anymore.

    Looking to squid configuration file doesn't show anything of strange

    
    # Custom options
    redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
    redirector_bypass on
    redirect_children 3
    
    

    These are the standard redirect options for squidguard

    Looking to processes, using ps, shows that squidguard is correctly started and logs doesn't shows anything.

    The strangest thing is that if i go on squidguard page and press before APPLY and after SAVE all start to work correctly

    Do you have any idea?



  • After a lot of retries i got it working on restart too, but i really didn't understand why it doesn't work on restart

    However i put all not working stuff on a virtual machine (vmware) if someone wants i can do some other test or check logs



  • @daniele_dll:

    After a lot of retries i got it working on restart too, but i really didn't understand why it doesn't work on restart

    However i put all not working stuff on a virtual machine (vmware) if someone wants i can do some other test or check logs

    Possible look /usr/local/etc/squidGuard/squidGuard.conf after restart ?



  • It seems to be correct

    
    # cat /usr/local/etc/squidGuard/squidGuard.conf
    
    
    
    # ============================================================
    # SquidGuard configuration file
    # This file generated automaticly with SquidGuard configurator
    # (C)2006 Serg Dvoriancev
    # email: dv_serg@mail.ru
    # ============================================================
    
    logdir /var/squidGuard/log
    dbhome /var/db/squidGuard
    
    #
    dest blk_blacklists_ads {
            domainlist blk_blacklists_ads/domains
            urllist blk_blacklists_ads/urls
            log block.log
    }
    
    #
    dest blk_blacklists_aggressive {
            domainlist blk_blacklists_aggressive/domains
            urllist blk_blacklists_aggressive/urls
            log block.log
    }
    
    #
    dest blk_blacklists_audio-video {
            domainlist blk_blacklists_audio-video/domains
            urllist blk_blacklists_audio-video/urls
            log block.log
    }
    
    #
    dest blk_blacklists_drugs {
            domainlist blk_blacklists_drugs/domains
            urllist blk_blacklists_drugs/urls
            log block.log
    }
    
    #
    dest blk_blacklists_gambling {
            domainlist blk_blacklists_gambling/domains
            urllist blk_blacklists_gambling/urls
            log block.log
    }
    
    #
    dest blk_blacklists_hacking {
            domainlist blk_blacklists_hacking/domains
            urllist blk_blacklists_hacking/urls
            log block.log
    }
    
    #
    dest blk_blacklists_mail {
            domainlist blk_blacklists_mail/domains
            log block.log
    }
    
    #
    dest blk_blacklists_porn {
            domainlist blk_blacklists_porn/domains
            expressionlist blk_blacklists_porn/expressions
            urllist blk_blacklists_porn/urls
            log block.log
    }
    
    #
    dest blk_blacklists_proxy {
            domainlist blk_blacklists_proxy/domains
            urllist blk_blacklists_proxy/urls
            log block.log
    }
    
    #
    dest blk_blacklists_redirector {
            domainlist blk_blacklists_redirector/domains
            urllist blk_blacklists_redirector/urls
            log block.log
    }
    
    #
    dest blk_blacklists_spyware {
            domainlist blk_blacklists_spyware/domains
            urllist blk_blacklists_spyware/urls
            log block.log
    }
    
    #
    dest blk_blacklists_suspect {
            domainlist blk_blacklists_suspect/domains
            urllist blk_blacklists_suspect/urls
            log block.log
    }
    
    #
    dest blk_blacklists_violence {
            domainlist blk_blacklists_violence/domains
            expressionlist blk_blacklists_violence/expressions
            urllist blk_blacklists_violence/urls
            log block.log
    }
    
    #
    dest blk_blacklists_warez {
            domainlist blk_blacklists_warez/domains
            urllist blk_blacklists_warez/urls
            log block.log
    }
    
    #
    acl  {
            #
            default  {
                    pass !blk_blacklists_ads !blk_blacklists_aggressive !blk_blacklists_audio-video !blk_blacklists_drugs !blk_blacklists_gambling !blk_blacklists_hacking !blk_blacklists_mail !blk_blacklists_porn !blk_blacklists_proxy !blk_blacklists_redirector !blk_blacklists_spyware !blk_blacklists_suspect !blk_blacklists_violence !blk_blacklists_warez all
                    redirect http://10.0.0.254:8000/captiveportal-error.php?url=&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
                    log block.log
            }
    }
    
    


  • Hi, I have this issue too, my configuration - WebGUI over HTTPS



  • @rafael.cardoso:

    Hi, I have this issue too, my configuration - WebGUI over HTTPS

    pfSense 1.2.2 too? I will test this.



  • Same problem without https :\

    The thing i noticed is that there are five instances of squidguard started

    
    [root@gateway /var/log]# ps -A | grep squid
      969  ??  Is     0:00.00 /usr/local/sbin/squid -D
      972  ??  I      0:00.10 (squid) -D (squid)
      979  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      980  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      981  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      982  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      983  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
     3782  p0  R+     0:00.00 grep squid
    
    

    Instead of three, as setted in configuration (this is the list of instances after a APPLY/SAVE on SquidGuard interface)

    
    [root@gateway /var/log]# ps -A | grep squid
      969  ??  Is     0:00.00 /usr/local/sbin/squid -D
      972  ??  I      0:00.68 (squid) -D (squid)
     4293  ??  Is     0:00.09 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
     4294  ??  Is     0:00.02 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
     4295  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
     5492  p0  R+     0:00.00 grep squid
    
    

    On another reboot, instead, the correct number of instances is started

    
    [root@gateway ~]# ps -A | grep squid
      963  ??  Is     0:00.00 /usr/local/sbin/squid -D
      965  ??  I      0:00.04 (squid) -D (squid)
      980  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      981  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
      983  ??  Is     0:00.01 (squidGuard) -c /usr/local/etc/squidGuard/squidGuard.conf (squidGuard)
     1174  p0  R+     0:00.00 grep squid
    
    

    Log output of squidguard is this

    
    2009-01-23 09:57:59 [980] squidGuard 1.3 started (1232701079.208)
    2009-01-23 09:57:59 [980] squidGuard ready for requests (1232701079.395)
    2009-01-23 09:57:59 [983] squidGuard 1.3 started (1232701079.208)
    2009-01-23 09:57:59 [983] squidGuard ready for requests (1232701079.395)
    2009-01-23 09:57:59 [981] squidGuard 1.3 started (1232701079.208)
    2009-01-23 09:57:59 [981] squidGuard ready for requests (1232701079.395)
    
    

    and it seems to be ok

    This is the log output of squid

    
    2009/01/23 09:56:55| Squid Cache (Version 2.6.STABLE21): Exiting normally.
    2009/01/23 09:57:58| Starting Squid Cache version 2.6.STABLE21 for i386-portbld-freebsd7.0...
    2009/01/23 09:57:58| Process ID 965
    2009/01/23 09:57:58| With 11072 file descriptors available
    2009/01/23 09:57:58| Using kqueue for the IO loop
    2009/01/23 09:57:58| helperOpenServers: Starting 5 'dnsserver' processes
    2009/01/23 09:57:59| helperOpenServers: Starting 3 'squidGuard' processes
    2009/01/23 09:57:59| User-Agent logging is disabled.
    2009/01/23 09:57:59| Referer logging is disabled.
    2009-01-23 09:57:59 [980] (squidGuard): can't write to logfile /var/log/squidGuard.log
    2009-01-23 09:57:59 [983] (squidGuard): can't write to logfile /var/log/squidGuard.log
    2009-01-23 09:57:59 [981] (squidGuard): can't write to logfile /var/log/squidGuard.log
    2009-01-23 09:57:59 [983] New setting: logdir: /var/squidGuard/log
    2009-01-23 09:57:59 [983] New setting: dbhome: /var/db/squidGuard
    2009-01-23 09:57:59 [983] init domainlist /var/db/squidGuard/blk_blacklists_ads/domains
    2009-01-23 09:57:59 [980] New setting: logdir: /var/squidGuard/log
    2009-01-23 09:57:59 [980] New setting: dbhome: /var/db/squidGuard
    2009-01-23 09:57:59 [980] init domainlist /var/db/squidGuard/blk_blacklists_ads/domains
    2009-01-23 09:57:59 [981] New setting: logdir: /var/squidGuard/log
    2009-01-23 09:57:59 [981] New setting: dbhome: /var/db/squidGuard
    2009-01-23 09:57:59 [981] init domainlist /var/db/squidGuard/blk_blacklists_ads/domains
    2009-01-23 09:57:59 [983] loading dbfile /var/db/squidGuard/blk_blacklists_ads/domains.db
    2009-01-23 09:57:59 [980] loading dbfile /var/db/squidGuard/blk_blacklists_ads/domains.db
    2009-01-23 09:57:59 [981] loading dbfile /var/db/squidGuard/blk_blacklists_ads/domains.db
    2009-01-23 09:57:59 [981] init urllist /var/db/squidGuard/blk_blacklists_ads/urls
    2009-01-23 09:57:59 [981] loading dbfile /var/db/squidGuard/blk_blacklists_ads/urls.db
    2009-01-23 09:57:59 [983] init urllist /var/db/squidGuard/blk_blacklists_ads/urls
    2009-01-23 09:57:59 [983] loading dbfile /var/db/squidGuard/blk_blacklists_ads/urls.db
    2009-01-23 09:57:59 [980] init urllist /var/db/squidGuard/blk_blacklists_ads/urls
    2009-01-23 09:57:59 [980] loading dbfile /var/db/squidGuard/blk_blacklists_ads/urls.db
    2009-01-23 09:57:59 [983] init domainlist /var/db/squidGuard/blk_blacklists_aggressive/domains
    2009-01-23 09:57:59 [981] init domainlist /var/db/squidGuard/blk_blacklists_aggressive/domains
    2009-01-23 09:57:59 [980] init domainlist /var/db/squidGuard/blk_blacklists_aggressive/domains
    .
    .
    . a tons of logs about blaclists
    .
    .
    2009-01-23 09:57:59 [980] init urllist /var/db/squidGuard/blk_blacklists_warez/urls
    2009-01-23 09:57:59 [980] loading dbfile /var/db/squidGuard/blk_blacklists_warez/urls.db
    2009-01-23 09:57:59 [981] init urllist /var/db/squidGuard/blk_blacklists_warez/urls
    2009-01-23 09:57:59 [981] loading dbfile /var/db/squidGuard/blk_blacklists_warez/urls.db
    2009-01-23 09:57:59 [983] init urllist /var/db/squidGuard/blk_blacklists_warez/urls
    2009-01-23 09:57:59 [983] loading dbfile /var/db/squidGuard/blk_blacklists_warez/urls.db
    2009/01/23 09:57:59| Unlinkd pipe opened on FD 18
    2009/01/23 09:57:59| Swap maxSize 33554432 + 524288 KB, estimated 0 objects
    2009/01/23 09:57:59| Target number of buckets: 131072
    2009/01/23 09:57:59| Using 131072 Store buckets
    2009/01/23 09:57:59| Max Mem  size: 524288 KB
    2009/01/23 09:57:59| Max Swap size: 33554432 KB
    2009/01/23 09:57:59| Store logging disabled
    2009/01/23 09:57:59| Rebuilding storage in /var/squid/cache (CLEAN)
    2009/01/23 09:57:59| Using Least Load store dir selection
    2009/01/23 09:57:59| Current Directory is /tmp
    2009/01/23 09:57:59| Loaded Icons.
    2009/01/23 09:57:59| Accepting proxy HTTP connections at 192.168.0.74, port 8080, FD 21.
    2009/01/23 09:57:59| Accepting transparently proxied HTTP connections at 127.0.0.1, port 80, FD 22.
    2009/01/23 09:57:59| Accepting HTCP messages on port 4827, FD 23.
    2009/01/23 09:57:59| WCCP Disabled.
    2009/01/23 09:57:59| Pinger socket opened on FD 25
    2009/01/23 09:57:59| NETDB state reloaded; 26 entries, 10 msec
    2009/01/23 09:57:59| Configuring Parent localhost/8081/0
    2009/01/23 09:57:59| Ready to serve requests.
    2009/01/23 09:57:59| Done reading /var/squid/cache swaplog (755 entries)
    2009/01/23 09:57:59| Finished rebuilding storage from disk.
    2009/01/23 09:57:59|       755 Entries scanned
    2009/01/23 09:57:59|         0 Invalid entries.
    2009/01/23 09:57:59|         0 With invalid flags.
    2009/01/23 09:57:59|       755 Objects loaded.
    2009/01/23 09:57:59|         0 Objects expired.
    2009/01/23 09:57:59|         0 Objects cancelled.
    2009/01/23 09:57:59|         0 Duplicate URLs purged.
    2009/01/23 09:57:59|         0 Swapfile clashes avoided.
    2009/01/23 09:57:59|   Took 0.8 seconds ( 991.6 objects/sec).
    2009/01/23 09:57:59| Beginning Validation Procedure
    2009/01/23 09:57:59|   Completed Validation Procedure
    2009/01/23 09:57:59|   Validated 755 Entries
    2009/01/23 09:57:59|   store_swap_size = 4274k
    2009/01/23 09:58:00| storeLateRelease: released 0 objects
    
    

    note:

    2009/01/23 09:57:59| Configuring Parent localhost/8081/0

    refer to the HAVP setted as cache parent … squid is configured to never do direct requestes



  • just to advise that i downgraded all the stuff to pfSense 1.2.0 (using freebsd 6.2) and all works perfectly



  • i discovered the problem!!!

    Trasparent proxying doesn't start :)

    After some tests i noticed that pages weren't filtered by the machine, it seems to me working because i used it, in these days, directly as proxy and effectively it works. If i set it as trasparent proxy and i set my gateway as needed pages doesn't get filtered!


Locked