Squid and lightSquid (and squidGuard if I am lucky)



  • Hi,

    I am new to pfSense. I was using m0n0wall and decided that it was time that I implement a proxy to help keep my kids out of trouble. squidGuard looked to be what I needed.

    Getting pfSense up and running was straight forward however I can't seem to get squidGuard to work so I uninstalled it with the package manager and started just trying to get Squid working as I think thats where my real problem is.

    I read through the "Setup Squid as a Transparent Proxy  http://doc.pfsense.org/index.php/Setup_Squid_as_a_Transparent_Proxy" a bunch of times and to make sure I followed the correct steps.

    I don't think any http requests from my lan are being cached. I installed lightSquid so I could check it out however I got the error " report folder '/var/lightsquid/report' not contain any valid data! Please run lightparser.pl (and check 'report' folder content)" when I tried to look at the lightSquid report. I found a post from 3 years ago that said to click the refresh button, which I have a number of times. I tried to run lightparser.pl as suggested by the error message however I get "Command not found.".

    Any help would be much appreciated, thanks.

    Here is a clip of the log from \var\squid\log\cache.log

    2010/12/22 05:45:01| Loaded Icons.
    2010/12/22 05:45:01| Ready to serve requests.
    2010/12/22 05:45:03| Reconfiguring Squid Cache (version 2.7.STABLE9)…
    2010/12/22 05:45:03| FD 9 Closing HTTP connection
    2010/12/22 05:45:03| FD 10 Closing HTTP connection
    2010/12/22 05:45:03| FD 12 Closing HTCP socket
    2010/12/22 05:45:03| FD 13 Closing SNMP socket
    2010/12/22 05:45:03| logfileClose: closing log /var/squid/log/access.log
    2010/12/22 05:45:03| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
    2010/12/22 05:45:03| Cache dir '/var/squid/cache' size remains unchanged at 5120000 KB
    2010/12/22 05:45:03| Initialising SSL.
    2010/12/22 05:45:03| logfileOpen: opening log /var/squid/log/access.log
    2010/12/22 05:45:03| Store logging disabled
    2010/12/22 05:45:03| Referer logging is disabled.
    2010/12/22 05:45:03| DNS Socket created at 0.0.0.0, port 41436, FD 7
    2010/12/22 05:45:03| Adding domain solar.local from /etc/resolv.conf
    2010/12/22 05:45:03| Adding nameserver 64.59.184.13 from /etc/resolv.conf
    2010/12/22 05:45:03| Adding nameserver 64.59.184.15 from /etc/resolv.conf
    2010/12/22 05:45:03| Adding nameserver 64.59.190.242 from /etc/resolv.conf
    2010/12/22 05:45:03| Accepting proxy HTTP connections at 192.168.189.10, port 3128, FD 9.
    2010/12/22 05:45:03| Accepting transparently proxied HTTP connections at 127.0.0.1, port 80, FD 10.
    2010/12/22 05:45:03| Accepting HTCP messages on port 4827, FD 12.
    2010/12/22 05:45:03| Accepting SNMP messages on port 3401, FD 13.
    2010/12/22 05:45:03| WCCP Disabled.
    2010/12/22 05:45:03| Loaded Icons.
    2010/12/22 05:45:03| Ready to serve requests.
    (END)



  • Look at the access.log. Here you see what squid caches.



  • the access.log file in /var/squid/log is empty.


  • Rebel Alliance Developer Netgate

    Is logging enabled in squid?
    What happens when you go to a proxy check site such as http://www.lagado.com/proxy-test ?



  • Thanks for the reply.

    Yes logging is enabled. I attached a screen capture of it enable to make sure I enabled the correct thing.

    I went to the proxy check site you suggested and the results are: "This request appears NOT to have come via a proxy." I tried the cache test as well and it indicates that I don't have a "stealthed transparent proxy" functioning either.



  • Rebel Alliance Developer Netgate

    Check "allow users on interface".



  • Squid is working now. Thanks! I feel like an idiot…

    I installed squidGuard and I got some error messages on install. squidGuard is blocking porn sites now with out any issues. Should I be concerned about the error messages that were generated on install? They are below:

    Warning: fopen(/usr/local/etc/squidGuard/squidguard_conf.xml): failed to open stream: No such file or directory in /etc/inc/pfsense-utils.inc on line 1160 Warning: fwrite(): supplied argument is not a valid stream resource in /etc/inc/pfsense-utils.inc on line 1161 Warning: fclose(): supplied argument is not a valid stream resource in /etc/inc/pfsense-utils.inc on line 1162 Warning: fopen(/usr/local/etc/squidGuard/squidguard_conf.xml): failed to open stream: No such file or directory in /etc/inc/pfsense-utils.inc on line 1160 Warning: fwrite(): supplied argument is not a valid stream resource in /etc/inc/pfsense-utils.inc on line 1161 Warning: fclose(): supplied argument is not a valid stream resource in /etc/inc/pfsense-utils.inc on line 1162


  • Rebel Alliance Developer Netgate

    You may want to remove and reinstall squidGuard to see if the errors happen again, but it's basically saying that it tried to run some code, but couldn't, because the .xml file it wanted wasn't found – that normally could only happen if a package was uninstalled but still had some reference in the config.

    If you can reinstall it now without error it should be OK.



  • Thanks for your help. Everything except the log function seems to work. I attached a screen cap of the error.




  • @Cutha:

    Thanks for your help. Everything except the log function seems to work. I attached a screen cap of the error.

    Look this for resolve.
    http://forum.pfsense.org/index.php/topic,31171.msg161135.html#msg161135

    Bug will fixed after N/Y.



  • Thanks for that, now the logs work as well.

    Thanks for your time guys :)


Locked