Squid errors
-
This may have already been covered in the lists, but I'm recording them here for posterity as well. After installing the squid package to my 0.93.2 box I had to make the following changes:
mkdir /var/squid/cache
chown squid: /var/squid/cache
chown squid: /var/squid/logs
squid -z -f /usr/local/etc/squid/squid.confin squid.conf, you have to make the following changes to the ACLs ( I believe this to be a bug in the WebGUI but I haven't looked at the code yet ):
ensure that acl all's src is set to 0.0.0.0/255.255.255.0
ensure that acl localnet's src is set to your local network (or whatever networks you want to traverse your squid proxy)
add the line: http_access allow localnetat this point you can start squid and you should be off and running.
-
The code is actually in there to do the chmod's and such during the install, but it is not executing properly. I've been working with colin on this. Due to the complexity with all of the GUI and integration with other items such as SquidGuard, it may come down to where I have to write this in full-fledged PHP and use the packaging system for the install portion, but I'd like to make this version as stable as possible in the meantime. Thanks for your help!
Mike
-
Mike,
There's a big bug in the ACL section of the WebGUI. When adding networks to the allow, section, only one network is captured, and its appended to the "all" ACL rather than the "localnet" ACL. Any additional networks added are ignored, although they're slumped together one on top of the next in the WebGUI display. It might be better to either create a file and write networks to that file and have squid.conf point to that file. Alternatively, you might have the localnet ACL get the networks bound to whichever NIC squid should be bound to.
-
@submicron:
Mike,
There's a big bug in the ACL section of the WebGUI. When adding networks to the allow, section, only one network is captured, and its appended to the "all" ACL rather than the "localnet" ACL. Any additional networks added are ignored, although they're slumped together one on top of the next in the WebGUI display. It might be better to either create a file and write networks to that file and have squid.conf point to that file. Alternatively, you might have the localnet ACL get the networks bound to whichever NIC squid should be bound to.
Also, i have found that if you add "unrestricted IPs" in the ACL of the WebGUI, the are stored in the acl file just as they were writed down in the WebGUI, this means, separated by a semi-colon, insted of one IP address per line, which generate errors when you start the service. If you edit the acl_unrestricted_ip.acl file, and put one IP address per line, it shows funny in the WebGUI page.
Thanks again for this great piece of software!
-
Mike,
I know you'll work on these issues when you get time. Is it better for us to keep posting to this thread or would you rather we file bug reports as we come across issues?
-
@submicron:
Mike,
I know you'll work on these issues when you get time. Is it better for us to keep posting to this thread or would you rather we file bug reports as we come across issues?
I think the this thread for now will work best for me. Thanks!
Mike
-
I just installed Squid 2.5.11_3 on 0.90 - I know, there's a newer release… ;-)
After install, I did this:
chgrp squid /dev/pf
chmod g+rw /dev/pf
/usr/local/sbin/squid -z -f /usr/local/etc/squid/squid.conf
Navigated to: Services->Squid
Proxy Listening Interface: LAN
Transparent Proxy: CHECKED
Log Enabled: CHECKED
Visible Hostname: XXX.com
Cache Administrator Email: support@XXX.com
Error Message Language: English
And then pressed save:
Warning: fopen(/usr/local/etc/squid/advanced/acls/src_subnets.acl): failed to open stream: No such file or directory in /usr/local/pkg/squid_ng.inc on line 487 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/pkg/squid_ng.inc on line 488 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/pkg/squid_ng.inc on line 489 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/squid_ng.inc:487) in /usr/local/www/pkg_edit.php on line 183Are the missing files (I checked) not a part of the package?
I have set squid up on an older version before - no problems there - did I miss something or is it in a state of flux at the moment?Thanks!
-
I just installed .94 I havn't had a chance to get .94.4 yet but I got pretty much the same thing. I changed some options and clicked save and an error similar to that appeared. I was on the first tab of the setup page. I got similar errors from the second tab after changing an option or two and perhaps from the third tab also. On the tab you enter ip and domain ips etc after hitting save I got no errors.
I refreshed all the pages I changed settings on and they seemed to be set to what I changed them too.
I didn't bother posting it here because I'm not on the most current version.
-
Interesting. The last commit was a few weeks ago and while quite a bit was changed, I was under the impression that the default install worked. The package is definitely in a state of flux at the moment. In speaking with Colin, it seems that the best way to design a flexible Squid package and allow the integration with SquidGuard, HAVP, ClamAV, or whatever is to code in pure PHP while using the packaging system simply for the install/deinstall and such. This would allow much more flexibility. I've started the process and don't expect to have a commit for little while, but am plugging away and trying to support both packages now. I'll check into this issue and see if I can fix it and commit a new version. I'll let everyone know if I do. Thanks!
-
This actually was a server error. Or package sync script stopped copying changes from CVS.
At any rate, everything is fixed now and the squid stuff should be on the latest version on the server now.
-
I'm guessing that the correct answer is to uninstall and then re-install the squid package?
-
@submicron:
I'm guessing that the correct answer is to uninstall and then re-install the squid package?
Yep.
-
Just did a remove and install…
At the bottom of the package install screen in black on the grey background was this text:
Parse error: parse error, unexpected T_STRING in /etc/inc/pkg-utils.inc(426) : eval()'d code on line 1Tried the same task again, got the same message about missing includes etc. when I pressed save on the first page of the config... perhaps the cause was the error above?
Thanks!
Still running 0.90 on that box - will upgrade to 94.4 today -
@submicron:
I'm guessing that the correct answer is to uninstall and then re-install the squid package?
My install was 100% fresh. The first thing I did was install squid and start to configure it.
I am thinking I havn't seen these errors before or not I remember, is because I have just used the upgrade option each time (except this time). And it keeps all my settings even when you get the error.
-
Hi all!
Likewise, all references to "GSDF" should also be changed to "GDSF".
;)
-
Hi all!
Likewise, all references to "GSDF" should also be changed to "GDSF".
;)
Already fixed.
-
have pfsense .95a installed and just installed squid.
first time it's installed, i got misconfigured it and got lots of error.
so i removed it and install again.
this time it works fine.but after reboot, it wont start up automatically.
i have to go to shell and type squid to start itwhat to do to make it startup on every boot?
-
have pfsense .95a installed and just installed squid.
This version is not supported. Upgrade to receive support.
-
fresh installed pfsense 1 beta
then directly install squid package only.squid doesnt run at all.
i try see from shell, no /var/squid folder
there's a squid folder on /etc/local
but it's only contain 2 folders (logs and cache) and both folders are empty.so, no log i can see.
the cache folder also not created yet.i try squid -z but it gives out error: failed to create folder…
-
these steps you need to take to get squid 2.5.12 from the pfsense packages working with pfsense beta 1
pfSense console setup 8) Shell mkdir /var/squid chown squid:squid /var/squid mkdir /var/squid/logs chown squid:squid /var/squid/logs mkdir /var/squid/cache chown squid:squid /var/squid/cache mkdir /usr/local/etc/squid/advanced chown squid:squid /usr/local/etc/squid/advanced mkdir /usr/local/etc/squid/advanced/acls chown squid:squid /usr/local/etc/squid/advanced/acls touch /usr/local/etc/squid/advanced/acls/src_subnets.acl chown squid:squid /usr/local/etc/squid/advanced/acls/src_subnets.acl touch /usr/local/etc/squid/advanced/acls/src_unrestricted_ip.acl chown squid:squid /usr/local/etc/squid/advanced/acls/src_unrestricted_ip.acl squid -z exit pfSense console setup 11) Restart webConfigurator now config in pfsense browser http://ipadress/pkg_edit.php?xml=squid_ng.xml&id=0 go back to consul pfSense console setup 8) Shell squid ps -ax | grep squid if you see somving like this : 4683 ?? Ss 0:00.00 squid 4685 ?? S 0:00.19 (squid) (squid) 4695 p0 S+ 0:00.01 grep squid squid is running