23.01 Squid issue

hugoeyng

@stephenw10 Yes. A clean installation of squidGuard will fail showing the same errors.

stephenw10

Is that with those patches applied still?

I can't replicate this. It installs fine in 23.01 on a test box here:

>>> Installing pfSense-pkg-squidGuard... 
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
The following 16 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	arc: 5.21p [pfSense]
	arj: 3.10.22_9 [pfSense]
	brotli: 1.0.9,1 [pfSense]
	c-icap: 0.5.10,2 [pfSense]
	c-icap-modules: 0.5.5 [pfSense]
	clamav: 0.105.1_1,1 [pfSense]
	db5: 5.3.28_8 [pfSense]
	krb5: 1.20 [pfSense]
	libmspack: 0.10.1 [pfSense]
	pfSense-pkg-squid: 0.4.45_10 [pfSense]
	pfSense-pkg-squidGuard: 1.16.18_20 [pfSense]
	squid: 5.7 [pfSense]
	squidGuard: 1.4_15 [pfSense]
	squid_radius_auth: 1.10 [pfSense]
	squidclamav: 7.2 [pfSense]
	unzoo: 4.4_2 [pfSense]

Number of packages to be installed: 16

The process will require 47 MiB more space.
10 MiB to be downloaded.
[1/16] Fetching libmspack-0.10.1.pkg: .......... done
[2/16] Fetching pfSense-pkg-squidGuard-1.16.18_20.pkg: ...... done
[3/16] Fetching krb5-1.20.pkg: .......... done
[4/16] Fetching db5-5.3.28_8.pkg: .......... done
[5/16] Fetching squidGuard-1.4_15.pkg: ...... done
[6/16] Fetching squidclamav-7.2.pkg: .......... done
[7/16] Fetching clamav-0.105.1_1,1.pkg: .......... done
[8/16] Fetching arj-3.10.22_9.pkg: .......... done
[9/16] Fetching arc-5.21p.pkg: ..... done
[10/16] Fetching c-icap-0.5.10,2.pkg: .......... done
[11/16] Fetching brotli-1.0.9,1.pkg: .......... done
[12/16] Fetching squid_radius_auth-1.10.pkg: .. done
[13/16] Fetching c-icap-modules-0.5.5.pkg: .......... done
[14/16] Fetching pfSense-pkg-squid-0.4.45_10.pkg: ......... done
[15/16] Fetching squid-5.7.pkg: .......... done
[16/16] Fetching unzoo-4.4_2.pkg: ... done
Checking integrity... done (0 conflicting)
[1/16] Installing libmspack-0.10.1...
[1/16] Extracting libmspack-0.10.1: ......... done
[2/16] Installing arj-3.10.22_9...
[2/16] Extracting arj-3.10.22_9: .......... done
[3/16] Installing arc-5.21p...
[3/16] Extracting arc-5.21p: ...... done
[4/16] Installing brotli-1.0.9,1...
[4/16] Extracting brotli-1.0.9,1: .......... done
[5/16] Installing unzoo-4.4_2...
[5/16] Extracting unzoo-4.4_2: ..... done
[6/16] Installing krb5-1.20...
[6/16] Extracting krb5-1.20: .......... done
[7/16] Installing clamav-0.105.1_1,1...
===> Creating groups.
Creating group 'clamav' with gid '106'.
Using existing group 'mail'.
===> Creating users
Creating user 'clamav' with uid '106'.
Adding user 'clamav' to group 'mail'.
[7/16] Extracting clamav-0.105.1_1,1: .......... done
[8/16] Installing c-icap-0.5.10,2...
===> Creating groups.
Creating group 'c_icap' with gid '959'.
===> Creating users
Creating user 'c_icap' with uid '959'.
[8/16] Extracting c-icap-0.5.10,2: .......... done
[9/16] Installing db5-5.3.28_8...
[9/16] Extracting db5-5.3.28_8: .......... done
[10/16] Installing squidclamav-7.2...
[10/16] Extracting squidclamav-7.2: .......... done
[11/16] Installing squid_radius_auth-1.10...
[11/16] Extracting squid_radius_auth-1.10: .... done
[12/16] Installing c-icap-modules-0.5.5...
[12/16] Extracting c-icap-modules-0.5.5: .......... done
[13/16] Installing squid-5.7...
===> Creating groups.
Creating group 'squid' with gid '100'.
===> Creating users
Creating user 'squid' with uid '100'.
===> Creating homedir(s)
===> Pre-installation configuration for squid-5.7
[13/16] Extracting squid-5.7: .......... done
[14/16] Installing squidGuard-1.4_15...
[14/16] Extracting squidGuard-1.4_15: ...... done
[15/16] Installing pfSense-pkg-squid-0.4.45_10...
[15/16] Extracting pfSense-pkg-squid-0.4.45_10: .......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.
[16/16] Installing pfSense-pkg-squidGuard-1.16.18_20...
[16/16] Extracting pfSense-pkg-squidGuard-1.16.18_20: .......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.
Please visit Services - SquidGuard Proxy Filter - Target Categories and set up at least one category there before enabling SquidGuard. See https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/squidguard.html for details.=====
Message from db5-5.3.28_8:

--
===>   NOTICE:

The db5 port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://docs.freebsd.org/en/articles/contributing/#ports-contributing
--
===>   NOTICE:

This port is deprecated; you may wish to reconsider installing it:

EOLd, potential security issues, maybe use db18 instead.

It is scheduled to be removed on or after 2022-06-30.
=====
Message from squid_radius_auth-1.10:

--
===>   NOTICE:

The squid_radius_auth port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://docs.freebsd.org/en/articles/contributing/#ports-contributing
=====
Message from squid-5.7:

--
o You can find the configuration files for this package in the
       directory /usr/local/etc/squid.

     o The default cache directory is /var/squid/cache/.
       The default log directory is /var/log/squid/.

       Note:
       You must initialize new cache directories before you can start
       squid.  Do this by running "squid -z" as 'root' or 'squid'.
       If your cache directories are already initialized (e.g. after an
       upgrade of squid) you do not need to initialize them again.

     o When using DiskD storage scheme remember to read documentation:
         http://wiki.squid-cache.org/Features/DiskDaemon
       and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not
       work reliably without this. Last recomendations were:

         kern.ipc.msgmnb=8192
         kern.ipc.msgssz=64
         kern.ipc.msgtql=2048

     o The default configuration will deny everyone but the local host and
       local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and
       4291 for IPv6 access to the proxy service.  Edit the "http_access
       allow/deny" directives in /usr/local/etc/squid/squid.conf
       to suit your needs.

     o If AUTH_SQL option is set, please, don't forget to install one of
       following perl modules depending on database you like:
         databases/p5-DBD-mysql
         databases/p5-DBD-Pg
         databases/p5-DBD-SQLite

     To enable Squid, set squid_enable=yes in either
     /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
     Please see /usr/local/etc/rc.d/squid for further details.

     Note:
     If you just updated your Squid installation from an earlier version,
     make sure to check your Squid configuration against the 3.4 default
     configuration file /usr/local/etc/squid/squid.conf.sample.

     /usr/local/etc/squid/squid.conf.documented is a fully annotated
     configuration file you can consult for further reference.

     Additionally, you should check your configuration by calling
     'squid -f /path/to/squid.conf -k parse' before starting Squid.
=====
Message from squidGuard-1.4_15:

--
In order to activate squidGuard you have to edit squid.conf
 To the contain "url_rewrite_program /usr/local/bin/squidGuard"
 and create a configuration file for squidGuard.

 Sample blacklists have been installed in /usr/local/share/examples/squidGuard.

 A sample configuration file has beeen installed in
 /usr/local/etc/squid/squidGuard.conf.sample.

 You need to edit the configuration and compile the blacklist
 you choose to use with:
 squidGuard -d -C all

 Please bear in mind that this is just a sample configuration file
 and for any real world usage you need to download or create your
 own updated blacklists and create your own configuration file.

 Check documentation here:

 http://www.squidguard.org/Doc/

 To activate the changes do a /usr/local/sbin/squid -k reconfigure
=====
Message from pfSense-pkg-squid-0.4.45_10:

--
Please visit Services - Squid Proxy Server menu to configure the package and enable the proxy.
=====
Message from pfSense-pkg-squidGuard-1.16.18_20:

--
Please visit Services - SquidGuard Proxy Filter - Target Categories and set up at least one category there before enabling SquidGuard. See https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/squidguard.html for details.
>>> Cleaning up cache... done.
Success

hugoeyng

@stephenw10 @stephenw10 I upgraded from 22.05 to 23.01.

22.05 was working fine.

After upgrading Squid was running e squidGuard was not.

SquidGuard was appearing in "installed packages" but not in the menu options and neither in the services runnig, and a notification about the mentioned error started to be shown.

I applied the patch and the error has gone. But squidGuard did no appear in the menu options and neither in services running.

I removed squidGuard package and reinstalled. The error was back and squidGuard appears in the installed packages but not in the menu options and neither in services running.

Then I applied the patch and the error has gone, but squidGuard did not appears in the menu options and neither in the services running.

And so on, as many times as I can uninstall and reinstall.

The way I can see to solve this issue is the suidguard.conf to be corrected in the installion package.

The error in the squidguard.conf occurs because a ")" is not present in a line of the code.

stephenw10

@hugoeyng said in 23.01 Squid issue:

The error in the squidguard.conf occurs because a ")" is not present in a line of the code.

I'm not sure where you're seeing that. It looks like the errors you're seeing are in the squidguard pkg install script. It fails before it's able to add the menu and service items.
It doesn't fail on a clean install to 23.01 that never had squidguard so it pretty much has to be something in your existing config that's tripping it up. To be clear this is a bug. It should handle existing squidguard config.

If you remove the existing squidguard entris fromn your config file it will probably install fine.

What squidguard values do you have in the config? My test box basic config does not hit this:

		<squidguardgeneral>
			<config>
				<squidguard_enable>on</squidguard_enable>
				<ldap_enable></ldap_enable>
				<ldapbinddn></ldapbinddn>
				<ldapbindpass></ldapbindpass>
				<ldapcachetime>0</ldapcachetime>
				<stripntdomain></stripntdomain>
				<striprealm></striprealm>
				<ldapversion>3</ldapversion>
				<rewrite_children>16</rewrite_children>
				<rewrite_children_startup>8</rewrite_children_startup>
				<rewrite_children_idle>4</rewrite_children_idle>
				<enable_guilog>on</enable_guilog>
				<enable_log>on</enable_log>
				<log_rotation>on</log_rotation>
				<adv_blankimg>on</adv_blankimg>
				<blacklist></blacklist>
				<blacklist_proxy></blacklist_proxy>
				<blacklist_url></blacklist_url>
			</config>
		</squidguardgeneral>

hugoeyng

@stephenw10 /usr/local/pkg/squidguard.xml

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
/*

squidguard.xml
part of pfSense (https://www.pfsense.org)
Copyright (c) 2015-2023 Rubicon Communications, LLC (Netgate)
Copyright (C) 2006-2013 Sergey Dvoriancev dv_serg@mail.ru
All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
]]>
</copyright>
<name>squidguardgeneral</name>
<title>Proxy filter SquidGuard: General settings</title>
<include_file>/usr/local/pkg/squidguard.inc</include_file>

<menu>
<name>SquidGuard Proxy Filter</name>
<tooltiptext>Modify the proxy server's filter settings</tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=squidguard.xml&id=0</url>
</menu>
<tabs>
<tab>
<text>General settings</text>
<url>/pkg_edit.php?xml=squidguard.xml&id=0</url>
<active/>
</tab>
<tab>
<text>Common ACL</text>
<url>/pkg_edit.php?xml=squidguard_default.xml&id=0</url>
</tab>
<tab>
<text>Groups ACL</text>
<url>/pkg.php?xml=squidguard_acl.xml</url>
</tab>
<tab>
<text>Target categories</text>
<url>/pkg.php?xml=squidguard_dest.xml</url>
</tab>
<tab>
<text>Times</text>
<url>/pkg.php?xml=squidguard_time.xml</url>
</tab>
<tab>
<text>Rewrites</text>
<url>/pkg.php?xml=squidguard_rewr.xml</url>
</tab>
<tab>
<text>Blacklist</text>
<url>/squidGuard/squidguard_blacklist.php</url>
</tab>
<tab>
<text>Log</text>
<url>/squidGuard/squidguard_log.php</url>
</tab>
<tab>
<text>XMLRPC Sync</text>
<url>/pkg_edit.php?xml=squidguard_sync.xml</url>
</tab>
</tabs>
<service>
<name>squidGuard</name>
<description><![CDATA[Proxy server filter Service]]></description>
<executable>squidGuard</executable>
<starts_on_sync></starts_on_sync>
</service>
<fields>
<field>
<fielddescr>Enable</fielddescr>
<fieldname>squidguard_enable</fieldname>
<description>Check this option to enable squidGuard.</description>
<sethelp>
<![CDATA[
<strong><span class="errmsg">Important: </span></strong>Please set up at least one category on the 'Target Categories' tab before enabling.
See <a href="https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/squidguard.html">this link for details</a>.
]]>
</sethelp>
<type>checkbox</type>
</field>
<field>
<name>LDAP Options</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Enable LDAP Filter</fielddescr>
<fieldname>ldap_enable</fieldname>
<description><![CDATA[Enable options for setup ldap connection to create filters with ldap search]]></description>
<type>checkbox</type>
<enablefields>ldapbinddn,ldapbindpass,stripntdomain,striprealm,ldapversion</enablefields>
</field>
<field>
<fielddescr>LDAP DN</fielddescr>
<fieldname>ldapbinddn</fieldname>
<description><![CDATA[Configure your LDAP DN (ex: cn=Administrator,cn=Users,dc=domain)]]></description>
<type>input</type>
<size>60</size>
</field>
<field>
<fielddescr>LDAP DN Password</fielddescr>
<fieldname>ldapbindpass</fieldname>
<description><![CDATA[Password must be initialize with letters (Ex: Change123), valid format: [a-zA-Z/][a-zA-Z0-9/_-./:%+?=&]]]></description>
<type>password</type>
</field>
<field>
<fielddescr>LDAP Cache Time</fielddescr>
<fieldname>ldapcachetime</fieldname>
<description><![CDATA[Number of seconds to cache LDAP Results (recommended value: 300)]]></description>
<default_value>0</default_value>
<type>input</type>
</field>
<field>
<fielddescr>Strip NT domain name</fielddescr>
<fieldname>stripntdomain</fieldname>
<description><![CDATA[Strip NT domain name component from user names (/ or \ separated).]]></description>
<type>checkbox</type>
<default_value>on</default_value>
</field>
<field>
<fielddescr>Strip Kerberos Realm</fielddescr>
<fieldname>striprealm</fieldname>
<description><![CDATA[Strip Kerberos Realm component from user names (@ separated).]]></description>
<type>checkbox</type>
<default_value>on</default_value>
</field>
<field>
<fielddescr>LDAP Version</fielddescr>
<fieldname>ldapversion</fieldname>
<type>select</type>
<default_value>3</default_value>
<options>
<option>
<name>Version 2</name>
<value>2</value>
</option>
<option>
<name>Version 3</name>
<value>3</value>
</option>
</options>
</field>
<field>
<name>Service options</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Rewrite process children</fielddescr>
<fieldname>rewrite_children</fieldname>
<description>Maximum number of SquidGuard redirector processes that Squid may spawn. Using too few of these helper processes (a.k.a. "helpers") creates request queues. Using too many helpers wastes your system resources. (Default: 16)</description>
<default_value>16</default_value>
<type>input</type>
</field>
<field>
<fielddescr>Rewrite process children startup</fielddescr>
<fieldname>rewrite_children_startup</fieldname>
<description>Sets a minimum of how many SquidGuard processes are to be spawned when Squid starts or reconfigures. (Default: 8)</description>
<default_value>8</default_value>
<type>input</type>
</field>
<field>
<fielddescr>Rewrite process children idle</fielddescr>
<fieldname>rewrite_children_idle</fieldname>
<description>Sets a minimum of how many SquidGuard processes Squid is to try and keep available at all times. (Default: 4)</description>
<default_value>4</default_value>
<type>input</type>
</field>
<field>
<name>Logging options</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Enable GUI log</fielddescr>
<fieldname>enable_guilog</fieldname>
<description><![CDATA[Check this option to log the access to the Proxy Filter GUI.]]></description>
<type>checkbox</type>
</field>
<field>
<fielddescr>Enable log</fielddescr>
<fieldname>enable_log</fieldname>
<description><![CDATA[Check this option to log the proxy filter settings like blocked websites in Common ACL, Group ACL and Target Categories. This option is usually used to check the filter settings.]]></description>
<type>checkbox</type>
</field>
<field>
<fielddescr>Enable log rotation</fielddescr>
<fieldname>log_rotation</fieldname>
<description><![CDATA[Check this option to rotate the logs every day. This is recommended if you enable any kind of logging to limit file size and do not run out of disk space.]]></description>
<type>checkbox</type>
</field>
<field>
<name>Miscellaneous</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Clean Advertising</fielddescr>
<fieldname>adv_blankimg</fieldname>
<description><![CDATA[Check this option to display a blank gif image instead of the default block page. With this option the user gets a cleaner webpage.]]></description>
<type>checkbox</type>
</field>
<field>
<name>Blacklist options</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Blacklist</fielddescr>
<fieldname>blacklist</fieldname>
<description>Check this option to enable blacklist</description>
<type>checkbox</type>
<enablefields>blacklist_proxy,blacklist_url</enablefields>
</field>
<field>
<fielddescr>Blacklist proxy</fielddescr>
<fieldname>blacklist_proxy</fieldname>
<description>
<![CDATA[<br>
Blacklist upload proxy - enter here, or leave blank.<br>
Format: host:[port login:pass] . Default proxy port 1080.<br>
Example: '192.168.0.1:8080 user:pass'
]]>
</description>
<type>input</type>
<size>100</size>
</field>
<field>
<fielddescr>Blacklist URL</fielddescr>
<fieldname>blacklist_url</fieldname>
<description>
<![CDATA[Enter the path to the blacklist (blacklist.tar.gz) here. You can use FTP, HTTP or LOCAL URL blacklist archive or leave blank. The LOCAL path could be your pfsense (/tmp/blacklist.tar.gz).]]>
</description>
<type>input</type>
<size>100</size>
</field>
</fields>
<custom_add_php_command/>
<custom_php_validation_command>
squidguard_validate($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_command_before_form>
squidguard_before_form($pkg);
</custom_php_command_before_form>
<custom_php_after_form_command>
squidGuard_print_javascript();
</custom_php_after_form_command>
<custom_php_resync_config_command>
squidguard_resync();
</custom_php_resync_config_command>
<custom_php_install_command>
squidguard_install_command();
squidguard_resync();
</custom_php_install_command>
<custom_php_deinstall_command>
squidguard_deinstall_command();
</custom_php_deinstall_command>
</packagegui>

stephenw10

That's the standard package xml. What matters is the squidguard config lines inside the main pfSense config (/cf/conf/config.xml).
The install script is choking on something there when it tries to create the required tags. Usually when we see those php errors it's because there is something missing from the config that it assumed was there or something already present that it assumed was not. The older version of php was much more forgiving.

hugoeyng

@stephenw10 cf/conf/config.xml

	<squidguardgeneral>
		<config>
			<squidguard_enable>on</squidguard_enable>
			<ldap_enable></ldap_enable>
			<ldapbinddn></ldapbinddn>
			<ldapbindpass></ldapbindpass>
			<ldapcachetime>0</ldapcachetime>
			<stripntdomain></stripntdomain>
			<striprealm></striprealm>
			<ldapversion>2</ldapversion>
			<rewrite_children>16</rewrite_children>
			<rewrite_children_startup>8</rewrite_children_startup>
			<rewrite_children_idle>4</rewrite_children_idle>
			<enable_guilog>on</enable_guilog>
			<enable_log>on</enable_log>
			<log_rotation>on</log_rotation>
			<adv_blankimg></adv_blankimg>
			<blacklist>on</blacklist>
			<blacklist_proxy></blacklist_proxy>
			<blacklist_url>http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz</blacklist_url>
		</config>
	</squidguardgeneral>
	<squidguarddefault>
		<config>
			<dest>PADRAO !blk_blacklists_child !blk_blacklists_malware all</dest>
			<notallowingip></notallowingip>
			<deniedmessage></deniedmessage>
			<redirect_mode>rmod_int</redirect_mode>
			<redirect>Erro de acesso na ACL!</redirect>
			<safesearch>on</safesearch>
			<rewrite>safesearch</rewrite>
			<enablelog>on</enablelog>
		</config>
	</squidguarddefault>

JonathanLee

@hugoeyng Have you tried this yet?

Ref:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html

hugoeyng

@jonathanlee I did not try this because in my point of view this will not solve the root question that is: th squidGuard installation package has a bug in it.

JonathanLee

@hugoeyng I understand I just keep thinking that something within your configuration is bonked up. You know how when you reinstall a package all your settings stay, if that config is bonked up it will make it appear that the package is messed up. I just keep thinking back to how my configuration was missing a section and kept doing the same thing until I found out that reverse proxy needed to be saved again, it was showing as missing, did not matter how many times I reinstalled the package it would fail until I fixed the configuration.

hugoeyng

@jonathanlee said in 23.01 Squid issue:

I understand I just keep thinking that something within your configuration is bonked up. You know how when you reinstall a package all your settings stay, if that config is bonked up it will make it appear that the package is messed up. I just keep thinking back to how my configuration was missing a section and kept doing the same thing until I found out that reverse proxy needed to be saved again, it was showing as missing, did not matter how many times I reinstalled the package it would fail until I fixed the configuration.

So, how I can completly remove SquidGuard in a way to make a clean install (without old configurations)?
I already tried some instructions, but did not work.

JonathanLee

@hugoeyng (/cf/conf/config.xml) rename with a .old after add patches and than rename it back to .xml maybe, if not revert it back. @stephenw10 would that work?

hugoeyng

@jonathanlee I am sorry, but I can not agree your suggestion. I did waht you sugested , but did not work.
Could you send a config.xml that is working with squidGuard? I will replace it in my installation.

JonathanLee

@hugoeyng sure I can I will have to delete my password as it shows in clear text on the config file. How can I send it to you

hugoeyng

@jonathanlee you can paste here or send to my e-mail

JonathanLee

@hugoeyng what is your email?

hugoeyng

@jonathanlee [removed]

michmoor

@hugoeyng security !!!
I would recommend you guys private message each other your contact emails

JonathanLee

@hugoeyng I sent you a copy of my config file. I hope that helps please don't share it with anyone else. I hope that helps you secure your system and get your URL blocker working again. Use it with a dif checker to see what is bonked up. I was somewhat worried to share this as it's everything, but then I thought, what is the goal? Well, it's to help secure systems with cyber security as the end result. I am 1. just running this at my home it's not really a super secure environment, so no big deal if I share it. I hope that helps you in some way as people are generally good.

JonathanLee

@hugoeyng

https://redmine.pfsense.org/issues/13984

Someone else has found a solution while researching this issue