Squid Returned to Packages *** PLEASE TEST ***
-
The following input errors were detected: You can not run squid on the same port as the webgui
Change the webGUI port to: HTTP:81, save it and set it back to https:443
This cured it over here on 2 installsMaybe it's just the unused reference to HTTP:80 that squid doesn't like, but I don't know.
I have set squid to transparent mode on port 80, FWIW -
found it!
i had to activate and deactivate the upstream-proxy! no idea why that but it solved it!! p15 running!!
-
I gave it a test run, p15 seems to be working great for me, I will update you if I find out anything new in my logs!
-
Setting the WebGUI-Port solved it.
No need to set it to http:81 and back to https:443.Just specifying a port in the WebGUI-Field does the trick (even if it's the default https port of 443).
Which gives me the suspicion that the "WebGUI-Port-Field is used for a RegEx - and an empty RegEx matches all … I'll test if a WebGui-Port of 80 prevents a Proxy-Port of 8080 or 8000 ...
-
Woot! I'm going to give this a try in the next week or two on the big iron box I've been running squid on since before it got b0rken'd. I have a 60+ day uptime on that box, squid hasn't been restarted once.
-
Hi, can you recompile squid with –enable-arp-acl option, because, arp acls not working.
thank you very much :)
-
Any luck yet with white list only or any kind of wild card in the black list field? Just tried with a clean install of snapshot 1-24 and I'm still making it to any site. Maybe we'll have to do something like ipCop and create a whitelist only check box. I suspect in their implementation it removes the blacklist_acl completely and leaves only the whitelist in squid.conf. Just a thought, my programming / text edit skills in FreeBSD are marginal at best.
Any ideas data?
-
what kind of wildcard are you looking for in the blocked domains? trying to be able to block domains like sex ? cuz that WOULD be nice.
currently though it can block all subdomains of a domain. wonder if it will work on top domains. would be neat if i could block, say, all of .ru (havent tried so it may already do it). course i could do the same thing by running an internal DNS. -
There is also some difficulties if i setup my proxy without transparent proxy and Allow users on interfase, with Allowed subnets, then squid.inc create
acl allowed_subnets src XXX.XXX.XXX.XXX/XX
but there is no
http_access allow allowed_subnets
also waiting for recompiled squid binaries with –arp
-
Blacklisting TLDs does work as reported in this post some time ago. I want to be able to block all sites not explicitly named in my whitelist.
-
for whitelisting and blacklisting use wildcard "."
example for blacklist:
.sex.
.xxx.
.ch
.net
.123456.if you leave only "." dot in list then your users can access only sites listed in Whitelist
Best regards
Ju5t4s -
The period worked!!!! Thank you so much ju5t4s.
-
what kind of wildcard are you looking for in the blocked domains? trying to be able to block domains like sex ? cuz that WOULD be nice.
currently though it can block all subdomains of a domain. wonder if it will work on top domains. would be neat if i could block, say, all of .ru (havent tried so it may already do it). course i could do the same thing by running an internal DNS.I tried (as a matter of interest) to block all .ru domains, but using .ru in the blocked area blocks sites like this forum :lol: I'm not sure it should though.
It shouldn't block forum should it? I can understand it blocking foru, as there's nothing after the ru and it would match the wildcard pattern, but not forum
-
edit manualy file /usr/local/pkg/squid.inc
and change "dstdom_regex -i" to "dstdomain"
you can change it for you filtering needs
more about acl types you can read http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-021f45033c4ee1b1fc5bdd4f5c49ddcd08f45bd1
*sorry for my poor english
-
I have been working on getting squid to start and stop propery. I am using 1.0.1-SNAPSHOT-02-08-2007.
I have some suggestions for changes to improve the situation:- in /etc/rc.newwanip, insert:
exec("/etc/rc.stop_packages");
before
exec("/etc/rc.start_packages"); - in /etc/rc.stop_packages, is package synching necessary?
- in /usr/local/etc/rc.d/proxy_monitor.sh, it is necessary to examine the parameter to determine if start, stop or restart should be performed. I have attached the updated file proxy_monitor.sh.txt. As package sync overwrites this file, I have been able to test only by commenting out package sync in start_packages and stop_packages.
It would certainly help to have these changes released in a snapshot.
- in /etc/rc.newwanip, insert:
-
Any ideas why in the services tab I have ~30 instances of squid running?
I've rebooted and it still shows them all when I reboot
-
no idea yet.
I am sorely out of time at work to work on squid this month.
-
First I had 5 instances of NTPserver running. De- and re-install helped this service but then it were 4 or 5 squid services.
Deinstalled squid and reinstall cured this finally.All of this was after upgrading to 1.0.1 snapshot Feb 09 OR Feb 06 - don't know exactly anymore.
-
Yeah, I find from time to time a package goes a bit mental and starts running multiple instances of itself, but squid, even after an uninstall / reinstall cycle was exactly the same, I was running literally 30 instances!
-
Just upgraded to 2/14 snapshot. Squid had lots of instances here too. I uninstalled Squid (via GUI), rebooted, reisntalled (via GUI), and rebooted and all was well. On a side note, the 2/14 snapshot upgrade deactivated all my firewall rules (the little green triangle was unclicked).
