PfSense 2.5 not squid start



  • Good afternoon, someone who could help me, I'm testing version 2.5 of pfsense and in the squid part, I have two problems:
    one.-
    Jul 23, 2019 5:36:32 AM America / Mexico_City] PHP Warning: chown (): No such file or directory in /usr/local/pkg/squid.inc on line 104
    [Jul 23, 2019 5:36:32 AM America / Mexico_City] PHP Warning: chgrp (): No such file or directory in /usr/local/pkg/squid.inc on line 105
    [Jul 23, 2019 5:36:32 AM America / Mexico_City] PHP Warning: opendir (/ var / squid / lib / ssl_db): failed to open dir: No such file or directory in / usr / local / pkg / squid. inc on line 106
    two.-
    This only appears when I enable ssl / filtering, but if I disable it, you cannot filter https pages.

    When pacerecer is an error in the code, how could I solve it or how to report it for follow-up.



  • This is my case. I found that the main problem is libcrypto.so.8 no found.
    Here the mentioned solution in:
    https://www.vuydak.com/threads/pfsense-2-5-squid-https-transparent-sorunu.123/
    After translate, we need either do that:
    Bash:
    cp /usr/local/lib/libcrypto.so.9 /usr/local/lib/libcrypto.so.8

    cp /usr/local/libexec/squid/security_file_certgen /usr/local/libexec/squid/ssl_crtd

    or:

    Bash:
    ln /usr/local/lib/libcrypto.so.9 /usr/local/lib/libcrypto.so.8

    ln /usr/local/libexec/squid/security_file_certgen /usr/local/libexec/squid/ssl_crtd

    However, In my case, I can´t found libcrypto.so.8
    If anyone can help us with, We will be grateful !



  • As I told you, try the solution proposed in:
    https://forum.netgate.com/topic/121316/answered-solved-libssl-so-8-not-found-i-can-t-update-from-2-34p1
    but nevertheless it did not work, and try another possible one, if it were for the lack of the file as it was commented, so install freeBSD in a virtual machine, install the squid and openssl, and I could copy the missing file.
    However it didn't work out, any ideas?



  • If I test the configuration with
    squid -k parse I get this error:
     ERROR: Directive 'sslproxy_capath' is obsolete.
    2019/07/30 14: 48: 58 | sslproxy_capath: Remove this line. Use tls_outgoing_options capath = instead.
    2019/07/30 14: 48: 58 | Processing: sslproxy_options NO_SSLv2, NO_SSLv3, SINGLE_DH_USE, SINGLE_ECDH_USE
    2019/07/30 14: 48: 58 | ERROR: Directive 'sslproxy_options' is obsolete.
    2019/07/30 14: 48: 58 | sslproxy_options: Remove this line. Use tls_outgoing_options options = instead.
    2019/07/30 14: 48: 58 | BUG: Unknown TLS option NO_SSLv2
    2019/07/30 14: 48: 58 | ERROR: Unknown TLS option SINGLE_DH_USE
    2019/07/30 14: 48: 58 | ERROR: Unknown TLS option SINGLE_ECDH_USE
    2019/07/30 14: 48: 58 | Processing: sslproxy_cipher EECDH + ECDSA + AESGCM: EECDH + aRSA + AESGCM: EECDH + ECDSA + SHA384: EECDH + ECDSA + SHA256: EECDH + aRSA + SHA384: EECDH + aRSA + SHA256: EECDH + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + aRSA + EECRH + aRSA + EECR : HIGH:! RC4:! ANULL:! ENULL:! LOW:! 3DES:! MD5:! EXP:! PSK:! SRP:! DSS
    2019/07/30 14: 48: 58 | ERROR: Directive 'sslproxy_cipher' is obsolete.
    2019/07/30 14: 48: 58 | sslproxy_cipher: Remove this line. Use tls_outgoing_options cipher = instead.

    Someone who has already configured these three parameters that could indicate that it is going


Log in to reply