ICAP protocol error.



  • Hello everyone,
    I am experimenting, since I've updated to pfsense 2.4.4, an error on the antivirus as this:
    ICAP protocol error
    It happens randomly, and obviously, all websites are unreachable.
    After a few tens of seconds, the problem disappears and everything starts working again.
    My squid configuration is quite unusual because i like to have big cache:
    Hard Disk Cache Size: 20480
    Hard Disk Cache System: aufs
    Maximum Object Size: 2048
    Memory Cache Size: 8192
    Maximum Object Size in RAM: 8192
    Memory Replacement Policy: Heap GDSF

    Someone has some suggestion where to investigate for a solution ?
    Thanks.



  • I really don't see the logic in having a large disk cache and a large memory cache.
    What ssl directive have you selected?
    What ICAP error?
    What hardware?



  • Hi Impatient, thanks for your answer, here more informations:

    1. just because i have memory and disk space to do so, and then i wanted to use it in order to save bandwidth, above all when windows and macos updates are available.
    2. ssl filtering is set as MITM Mode: Splice All; Compatibility mode: Modern; DHParams Key: 2048; Remote Cert Checks and Certificate Adap: all unselected.
    3. error: ICAP protocol error .... nothing else. When the error occours and i take a look on services windows, all antivirus and icap services looks turned down.
    4. hardware: pc custom: motherboard SuperMicro x10sdv-tp9f; Cpu: Xeon D-1518 2.2 ghz 4c/8th; Ram 32gb DDR4; disk: 2 ssd Trascend TS64SSD360S (64gb) as zfs raidz1; 6 nic 1gb copper; 2 nic 10g fiber;

    Anyway, from a week i decrease a couple of values, and i am testing squid memory cache size: 1024 and Maximum Object Size in ram: 512., and looks to work, because the error is not occured yet.
    I will keep you informed if continues to remain stable.
    Thanks.



  • From my understanding memory cache amount is the minimum squid will use for cache plus you also have to allow for antivirus scan's, in transit object's, etc.
    For instance on my home network I use 1024mb and 256kb and when I check System Activity squid is using 2646mb. and Clam is using another 948mb.plus you have to provide memory for any other package's you install and the firewall itself.