Problem with Squid + HTTPS/SSL interception consuming all memory



  • Hi Guys,

    The pfSense of my work is reaching 99% of its memory consumption, at the beginning of the day the memory consumption is 5...6%, the consumption starts to increase during the day, until the half of the day is already at 45...50% and after a few minutes shoot 55...60...70...85...99% in a matter of seconds, if you leave the pfSense collapses and crashes.

    For this problem, the squid is the service that is consuming more memory. I have noticed with the tests that the villain is related with the option "HTTPS/SSL Interception: Enable SSL filtering" + "SSL/MITM Mode: Splice All", I leaved this option disabled for 2 days for testing and the memory consumption was stable between 5...10%.

    One way to avoid the crash is to click "Clear Disk Cache NOW" from the menu Services / Squid Proxy Server / Local Cache / Squid Hard Disk Cache Settings, with that memory consumption returns to its normal.

    I don't know what else to do, i tried several suggestions of cache settings and nothing solves it, also tried to do a new installation of pfSense and did not solve the problem.

    SETTINGS:

    pfSense 2.4.4-RELEASE (amd64)
    squid 0.4.44_6
    squidGuard 1.16.18_1
    Lightsquid 3.0.6_4

    CPU Type:
    Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
    Current: 3000 MHz, Max: 3001 MHz
    4 CPUs: 1 package(s) x 4 core(s)
    AES-NI CPU Crypto: Yes (inactive)

    Memory: 16GB
    Hard Disk: 1TB

    SQUID PROXY SERVER
    Transparent HTTP Proxy: Enable
    HTTPS/SSL Interception: Enable SSL filtering
    SSL/MITM Mode: Splice All

    LOCAL CACHE
    == Squid Cache General Settings ==
    Cache Replacement Policy: Heap LFUDA
    Low-Water Mark in %: 60
    High-Water Mark in %: 65

    == Squid Hard Disk Cache Settings ==
    Hard Disk Cache Size: 100
    Hard Disk Cache System: ufs
    Level 1 Directories: 16
    Minimum Object Size: 0
    Maximum Object Size: 4

    == Squid Memory Cache Settings ==
    Memory Cache Size: 64
    Maximum Object Size in RAM: 256
    Memory Replacement Policy: Heap GDSF

    Can anyone help me, please?



  • same issue, its solved?



  • Unfortunately no, we are thinking of replacing pfSense.
    An interim solution was to install the Cron package and set up to restart the Squid service 5 times during the day:

    /usr/local/etc/rc.d/squid.sh restart



  • i see, im try to disable access.log on webconfig and its helped for decreasing ram for this issue.



  • I disabled the log of Squid and Squidguard by Webconfig and in my case I noticed little difference in memory consumption.



  • I have the same problem as this problem and I have no chance to help



  • @atom1983 lets pray togther 😭