Problem with Squid + HTTPS/SSL interception consuming all memory
alesilvam last edited by alesilvam
The pfSense of my work is reaching 99% of its memory consumption, at the beginning of the day the memory consumption is 5...6%, the consumption starts to increase during the day, until the half of the day is already at 45...50% and after a few minutes shoot 55...60...70...85...99% in a matter of seconds, if you leave the pfSense collapses and crashes.
For this problem, the squid is the service that is consuming more memory. I have noticed with the tests that the villain is related with the option "HTTPS/SSL Interception: Enable SSL filtering" + "SSL/MITM Mode: Splice All", I leaved this option disabled for 2 days for testing and the memory consumption was stable between 5...10%.
One way to avoid the crash is to click "Clear Disk Cache NOW" from the menu Services / Squid Proxy Server / Local Cache / Squid Hard Disk Cache Settings, with that memory consumption returns to its normal.
I don't know what else to do, i tried several suggestions of cache settings and nothing solves it, also tried to do a new installation of pfSense and did not solve the problem.
pfSense 2.4.4-RELEASE (amd64)
Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Current: 3000 MHz, Max: 3001 MHz
4 CPUs: 1 package(s) x 4 core(s)
AES-NI CPU Crypto: Yes (inactive)
Hard Disk: 1TB
SQUID PROXY SERVER
Transparent HTTP Proxy: Enable
HTTPS/SSL Interception: Enable SSL filtering
SSL/MITM Mode: Splice All
== Squid Cache General Settings ==
Cache Replacement Policy: Heap LFUDA
Low-Water Mark in %: 60
High-Water Mark in %: 65
== Squid Hard Disk Cache Settings ==
Hard Disk Cache Size: 100
Hard Disk Cache System: ufs
Level 1 Directories: 16
Minimum Object Size: 0
Maximum Object Size: 4
== Squid Memory Cache Settings ==
Memory Cache Size: 64
Maximum Object Size in RAM: 256
Memory Replacement Policy: Heap GDSF
Can anyone help me, please?
same issue, its solved?
alesilvam last edited by
Unfortunately no, we are thinking of replacing pfSense.
An interim solution was to install the Cron package and set up to restart the Squid service 5 times during the day:
i see, im try to disable access.log on webconfig and its helped for decreasing ram for this issue.
alesilvam last edited by
I disabled the log of Squid and Squidguard by Webconfig and in my case I noticed little difference in memory consumption.
atom1983 last edited by
I have the same problem as this problem and I have no chance to help
@atom1983 lets pray togther