Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squidguard

    2.0-RC Snapshot Feedback and Problems - RETIRED
    6
    36
    11973
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      andrew0401 last edited by

      On current version - 2.0-BETA5 (i386)
      built on Sat Jan 29 23:42:13 EST 2011

      Noticed that on the upgrade it also "synced" squidguard to their latest version - 1.4_2 pkg v.1.7 - and the button to upload the latest blacklist has vanished - is this a squidguard or a pfsense issue?

      A few stange entries in the log when restarting

      Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:45:05 sshlockout[3675]: sshlockout/webConfigurator v3.0 starting up
      Jan 31 08:45:05 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:45:05 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
      Jan 31 08:43:05 check_reload_status: syncing firewall
      Jan 31 08:43:04 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
      Jan 31 08:43:04 php: : Beginning package installation for squidGuard.

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        Hit the 'x' to remove the package, then reinstall it again.

        Looks like you've got a version of the package that was pulling in OpenSSL from ports. None of the current package binaries that are up right now should be doing that.

        Look at the output of:

        pkg_info
        

        From a command prompt, if you see openssl-<something>, then it isn't right.</something>

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • A
          andrew0401 last edited by

          Thanks for the clue - will try later (production problems are stopping testing!)

          Output of pkg_info

          $ pkg_info
          bsdinstaller-2.0.2011.0118 BSD Installer mega-package
          cyrus-sasl-2.1.23  RFC 2222 SASL (Simple Authentication and Security Layer)
          cyrus-sasl-2.1.23_1 RFC 2222 SASL (Simple Authentication and Security Layer)
          db3-3.3.11_3,1      The Berkeley DB package, revision 3.3
          db41-4.1.25_4      The Berkeley DB package, revision 4.1
          gettext-0.18.1.1    GNU gettext package
          grub-0.97_4        GRand Unified Bootloader
          libiconv-1.13.1_1  A character set conversion library
          libwww-5.4.0_4      The W3C Reference Library
          mbmon-205_5        A tty motherboard monitor for LM78/79, W8378x, AS99127F, VT
          mysql-client-5.1.53 Multithreaded SQL database (client)
          openldap-client-2.4.23 Open source LDAP client implementation
          openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support
          openssl-1.0.0_2    SSL and crypto library
          openssl-1.0.0_4    SSL and crypto library
          perl-5.10.1_2      Practical Extraction and Report Language
          perl-5.10.1_3      Practical Extraction and Report Language
          squid-2.7.9        HTTP Caching Proxy
          squidGuard-1.4_2    A fast redirector for squid
          squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and later

          Regards

          Andrew

          1 Reply Last reply Reply Quote 0
          • A
            andrew0401 last edited by

            Production problems not as bad as first thought…

            Removed Squidguard

            Installed squidguard

            Still no button to upload/update the blacklist

            pkg_info still shows openssl

            $ pkg_info
            bsdinstaller-2.0.2011.0118 BSD Installer mega-package
            cyrus-sasl-2.1.23  RFC 2222 SASL (Simple Authentication and Security Layer)
            cyrus-sasl-2.1.23_1 RFC 2222 SASL (Simple Authentication and Security Layer)
            db3-3.3.11_3,1      The Berkeley DB package, revision 3.3
            db41-4.1.25_4      The Berkeley DB package, revision 4.1
            gettext-0.18.1.1    GNU gettext package
            grub-0.97_4        GRand Unified Bootloader
            libiconv-1.13.1_1  A character set conversion library
            libwww-5.4.0_4      The W3C Reference Library
            mbmon-205_5        A tty motherboard monitor for LM78/79, W8378x, AS99127F, VT
            mysql-client-5.1.53 Multithreaded SQL database (client)
            openldap-client-2.4.23 Open source LDAP client implementation
            openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support
            openssl-1.0.0_2    SSL and crypto library
            openssl-1.0.0_4    SSL and crypto library
            perl-5.10.1_2      Practical Extraction and Report Language
            perl-5.10.1_3      Practical Extraction and Report Language
            squid-2.7.9        HTTP Caching Proxy
            squidGuard-1.4_2    A fast redirector for squid
            squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and later

            Regards

            Andrew

            1 Reply Last reply Reply Quote 0
            • A
              andrew0401 last edited by

              Meant to include these entries from the log - in the middle of the squidguard install

              Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
              Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
              Feb 2 09:11:32 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
              Feb 2 09:11:32 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
              Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
              Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"

              1 Reply Last reply Reply Quote 0
              • A
                andrew0401 last edited by

                Well - following a restart I now have a button which claims it will download a black list from http://www.shallalist.de/Downloads/shallalist.tar.gz - press the button and nothing happens - no entries in any log, no activity on the WAN

                running out of ideas

                Regards

                Andrew

                1 Reply Last reply Reply Quote 0
                • A
                  andrew0401 last edited by

                  Very interesting - due to a hardware fail at a remote site I had to dtop/reconfigure and restart an IPSEC VPN - then continued the battle with Squidguard.  The button now works as advertsised and it updates correctly!

                  Still no entries in any log file concerning squidguard, but in the "Portal Auth" tab the following entries have appeared

                  Feb 2 10:30:38 squid[35770]: Squid Parent: child process 57923 started
                  Feb 2 10:30:35 squid[35770]: Squid Parent: child process 36437 exited due to signal 6
                  Feb 2 10:30:35 squid[36437]: The url_rewriter helpers are crashing too rapidly, need help!
                  Feb 2 10:30:29 squid[35770]: Squid Parent: child process 36437 started

                  But we are not using the Portal and have never had any entries in this tab before to-day.

                  Regards

                  Andrew

                  1 Reply Last reply Reply Quote 0
                  • O
                    OyyoDams last edited by

                    Hi,

                    I have exactly the same problem, except I don't use any IPSEC VPN.
                    I removed and reinstalled squidguard, but I still can't update the blacklist and I have the same issue in "Portal Auth" log.

                    What to do ?

                    Regards

                    1 Reply Last reply Reply Quote 0
                    • D
                      dvserg last edited by

                      http://forum.pfsense.org/index.php?topic=31974.0

                      Need reinstall squid ?

                      SquidGuardDoc EN  RU Tutorial
                      Localization ru_PFSense

                      1 Reply Last reply Reply Quote 0
                      • O
                        OyyoDams last edited by

                        I just reinstalled squid and still have the same issue :(

                        1 Reply Last reply Reply Quote 0
                        • D
                          dvserg last edited by

                          @OyyoDams:

                          I just reinstalled squid and still have the same issue :(

                          Try uninstal squid/squidGuard from GUI.
                          Then from console deinstall any from this (if exists) - 'pkg_delete -r pkgname'

                          
                          squid-2.7.9         HTTP Caching Proxy
                          squidGuard-1.4_2    A fast redirector for squid
                          squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and later
                          
                          

                          Then install squid/squidGuard new from GUI

                          SquidGuardDoc EN  RU Tutorial
                          Localization ru_PFSense

                          1 Reply Last reply Reply Quote 0
                          • jimp
                            jimp Rebel Alliance Developer Netgate last edited by

                            It would be a good idea to remove all packages, then check the pkg_info as dvserg suggests, and pkg_delete -f each of the remaining items.

                            When that is done, you can reinstall your packages to make sure everything you have is current.

                            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                            Need help fast? Netgate Global Support!

                            Do not Chat/PM for help!

                            1 Reply Last reply Reply Quote 0
                            • O
                              OyyoDams last edited by

                              I removed all packages as suggested, renstalled squid and squiguard, and I still can't update the list

                              1 Reply Last reply Reply Quote 0
                              • O
                                OyyoDams last edited by

                                Just for information I just rebooted pfsense and the problem is still here

                                1 Reply Last reply Reply Quote 0
                                • A
                                  andrew0401 last edited by

                                  May be irrelevant - but including the reboot for the IPSEC VPN (wanted to make sure all caches were clear) - it started working for after the third reboot.

                                  Regards

                                  Andrew

                                  1 Reply Last reply Reply Quote 0
                                  • A
                                    andrew0401 last edited by

                                    I might have been a bit quick saying it was working.  It certainly appears to be working but a look at the system log shows

                                    Feb 2 14:48:11 php: : The command 'cp -f -p /usr/local/etc/squidGuard/blacklist.files /usr/local/etc/squidGuard' returned exit code '1', the output was 'cp: /usr/local/etc/squidGuard/blacklist.files and /usr/local/etc/squidGuard/blacklist.files are identical (not copied).'
                                    Feb 2 14:46:35 php: : The command 'rm -R . /tmp/squidGuard/arcdb' returned exit code '1', the output was 'rm: "." and ".." may not be removed'
                                    Feb 2 14:46:31 php: : The command 'rm -R . /tmp/squidGuard/unpack' returned exit code '1', the output was 'rm: "." and ".." may not be removed'

                                    More checking!

                                    Andrew

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      dvserg last edited by

                                      @andrew0401:

                                      I might have been a bit quick saying it was working.  It certainly appears to be working but a look at the system log shows

                                      Feb 2 14:48:11 php: : The command 'cp -f -p /usr/local/etc/squidGuard/blacklist.files /usr/local/etc/squidGuard' returned exit code '1', the output was 'cp: /usr/local/etc/squidGuard/blacklist.files and /usr/local/etc/squidGuard/blacklist.files are identical (not copied).'
                                      Feb 2 14:46:35 php: : The command 'rm -R . /tmp/squidGuard/arcdb' returned exit code '1', the output was 'rm: "." and ".." may not be removed'
                                      Feb 2 14:46:31 php: : The command 'rm -R . /tmp/squidGuard/unpack' returned exit code '1', the output was 'rm: "." and ".." may not be removed'

                                      More checking!

                                      Andrew

                                      It is a bug. Thanks.

                                      SquidGuardDoc EN  RU Tutorial
                                      Localization ru_PFSense

                                      1 Reply Last reply Reply Quote 0
                                      • O
                                        OyyoDams last edited by

                                        Just to confirm, I did the following:

                                        • removed all packages with GUI
                                        • removed all packages with pkg_delete
                                        • upgraded to latest snapshot
                                        • installed squid and then squidguard

                                        Result: the "Download" button makes nothing. No error in "Portal Auth"

                                        1 Reply Last reply Reply Quote 0
                                        • T
                                          Tikimotel last edited by

                                          I've recently updated the same package on pfsense 1.2.3.
                                          The "download" button has moved to a new tab called "Blacklist" next to the "log" tab.
                                          You can see a progress bar during update of the blacklist.
                                          Maybe that the 2.0 version also moved there?

                                          1 Reply Last reply Reply Quote 0
                                          • O
                                            OyyoDams last edited by

                                            Yes but in version 2.0 the progress bar stays at 0%

                                            1 Reply Last reply Reply Quote 0
                                            • D
                                              dvserg last edited by

                                              @OyyoDams:

                                              Yes but in version 2.0 the progress bar stays at 0%

                                              What browser you use? I test this version on IE(8)/FF/Chrome

                                              SquidGuardDoc EN  RU Tutorial
                                              Localization ru_PFSense

                                              1 Reply Last reply Reply Quote 0
                                              • O
                                                OyyoDams last edited by

                                                Firefox and IE

                                                But the problem is not on the progress bar itself, i.e. the progress bar for packages installation works sucessfully.

                                                When I click on "Download" button, nothing happens at all.

                                                1 Reply Last reply Reply Quote 0
                                                • O
                                                  OyyoDams last edited by

                                                  Update: tried again, I don't know why, this time it worked, I got that message:

                                                  Begin blacklist update
                                                  Start download.
                                                  Download archive http://urlblacklist.com/cgi-bin/commercialdownload.pl?type=download
                                                  Download complete
                                                  Unpack archive
                                                  Scan blacklist categories.
                                                  Start rebuild DB.
                                                  Copy DB to workdir.
                                                  Reconfigure Squid proxy.
                                                  Blacklist update complete.
                                                  

                                                  But the progress bar has never moved from 0%, and now the message above is not cleared.

                                                  1 Reply Last reply Reply Quote 0
                                                  • D
                                                    dvserg last edited by

                                                    @OyyoDams:

                                                    Update: tried again, I don't know why, this time it worked, I got that message:
                                                    But the progress bar has never moved from 0%, and now the message above is not cleared.

                                                    I'm working on it as time allows. A lot had to change, so mistakes are inevitable

                                                    SquidGuardDoc EN  RU Tutorial
                                                    Localization ru_PFSense

                                                    1 Reply Last reply Reply Quote 0
                                                    • O
                                                      OyyoDams last edited by

                                                      No problem take your time. Thanks :)

                                                      1 Reply Last reply Reply Quote 0
                                                      • A
                                                        andrew0401 last edited by

                                                        Stranger & stranger,

                                                        Running on version  Tue Feb  1 19:36:32 - Squidguard is working fine, updates when asked, progress bar works.

                                                        Only thing missing would be an automated update of the script.

                                                        Regards

                                                        Andrew

                                                        1 Reply Last reply Reply Quote 0
                                                        • D
                                                          dvserg last edited by

                                                          On pfSense 2.0 with IE8 not work for me.
                                                          And pfSense 1.2 with IE8 work fine.

                                                          This task does not require frequent updates

                                                          SquidGuardDoc EN  RU Tutorial
                                                          Localization ru_PFSense

                                                          1 Reply Last reply Reply Quote 0
                                                          • A
                                                            andrew0401 last edited by

                                                            Should have mentioned running on Firefox 3.6.13

                                                            Just the ability to run the update script once a month?

                                                            Andrew

                                                            1 Reply Last reply Reply Quote 0
                                                            • D
                                                              dvserg last edited by

                                                              @andrew0401:

                                                              Should have mentioned running on Firefox 3.6.13

                                                              Just the ability to run the update script once a month?

                                                              Andrew

                                                              Well, maybe, but later - after editing bugs.

                                                              SquidGuardDoc EN  RU Tutorial
                                                              Localization ru_PFSense

                                                              1 Reply Last reply Reply Quote 0
                                                              • A
                                                                andrew0401 last edited by

                                                                Totally agree - fix bugs first (though I have found very, very few)

                                                                Just updated to latest snapshot - squidguard works fine

                                                                Regards

                                                                Andrew

                                                                1 Reply Last reply Reply Quote 0
                                                                • A
                                                                  andrew0401 last edited by

                                                                  Everything seems to be working fine after the upgrade to RC1 - but still these same message in syslog

                                                                  Mar 2 07:38:59 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
                                                                  Mar 2 07:38:59 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
                                                                  Mar 2 07:38:59 sshlockout[31715]: sshlockout/webConfigurator v3.0 starting up
                                                                  Mar 2 07:38:59 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
                                                                  Mar 2 07:38:59 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
                                                                  Mar 2 07:38:59 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
                                                                  Mar 2 07:38:59 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"

                                                                  Mar 2 08:51:16 php: : The command 'umount -f /tmp/squidGuard' returned exit code '1', the output was 'umount: /tmp/squidGuard: not a file system root directory'
                                                                  Mar 2 08:48:52 php: : The command 'chmod 1777 /tmp/squidGuard' returned exit code '1', the output was 'chmod: /tmp/squidGuard: No such file or directory'
                                                                  Mar 2 08:48:52 php: : The command '/sbin/mdmfs -s 200M md15 /tmp/squidGuard' returned exit code '1', the output was 'mdmfs: mount exited with error code 64'

                                                                  Tried the deinstall and reinstall approach - not a scrap of difference - do I need to be woried or just ignore them?  As I say everything seems to work.

                                                                  Regards

                                                                  Andrew

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • K
                                                                    kbleeker last edited by

                                                                    This may be unrelated to this thread, but after installing SquidGuard on 1.2.3 twice(tried completely removing both SquidGuard and Squid) neither service will start. The log gives me this error:

                                                                    squid[28794]: The url_rewriter helpers are crashing too rapidly, need help!

                                                                    Followed shortly by:

                                                                    squid[27741]: Exiting due to repeated, frequent failures.

                                                                    I haven't gotten around to adding any blacklists, just wanted to see how much config I have beforehand.

                                                                    Any clues what I should do?

                                                                    [Edit] -
                                                                    I am using transparent proxy, will that prevent SquidGuard from working?

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • jimp
                                                                      jimp Rebel Alliance Developer Netgate last edited by

                                                                      No, it's probably the squidguard update I did last night on the server. It's trying to use a newer version of the ldap library, and failing because it isn't there. I'm looking into it.

                                                                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                                                      Need help fast? Netgate Global Support!

                                                                      Do not Chat/PM for help!

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • K
                                                                        kbleeker last edited by

                                                                        Awesome, thanks for the reply!  :)

                                                                        I'm heading home for the day but I'll check back in tonight and tomorrow, in case you've found the glitch. Thanks a stack!

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • jimp
                                                                          jimp Rebel Alliance Developer Netgate last edited by

                                                                          squidGuard should be OK on 1.2.3 again, you might have to uninstall squid/squidguard, pkg_delete openldap*, then reinstall squid and then squidguard.

                                                                          New installs of squid should be fine.

                                                                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                                                          Need help fast? Netgate Global Support!

                                                                          Do not Chat/PM for help!

                                                                          1 Reply Last reply Reply Quote 0
                                                                          • K
                                                                            kbleeker last edited by

                                                                            Thanks again, the package installed and works now :-)

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • First post
                                                                              Last post