Squidguard
-
On current version - 2.0-BETA5 (i386)
built on Sat Jan 29 23:42:13 EST 2011Noticed that on the upgrade it also "synced" squidguard to their latest version - 1.4_2 pkg v.1.7 - and the button to upload the latest blacklist has vanished - is this a squidguard or a pfsense issue?
A few stange entries in the log when restarting
Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:45:05 sshlockout[3675]: sshlockout/webConfigurator v3.0 starting up
Jan 31 08:45:05 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:45:05 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:45:05 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Jan 31 08:43:05 check_reload_status: syncing firewall
Jan 31 08:43:04 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
Jan 31 08:43:04 php: : Beginning package installation for squidGuard. -
Hit the 'x' to remove the package, then reinstall it again.
Looks like you've got a version of the package that was pulling in OpenSSL from ports. None of the current package binaries that are up right now should be doing that.
Look at the output of:
pkg_infoFrom a command prompt, if you see openssl-<something>, then it isn't right.</something>
-
Thanks for the clue - will try later (production problems are stopping testing!)
Output of pkg_info
$ pkg_info
bsdinstaller-2.0.2011.0118 BSD Installer mega-package
cyrus-sasl-2.1.23 RFC 2222 SASL (Simple Authentication and Security Layer)
cyrus-sasl-2.1.23_1 RFC 2222 SASL (Simple Authentication and Security Layer)
db3-3.3.11_3,1 The Berkeley DB package, revision 3.3
db41-4.1.25_4 The Berkeley DB package, revision 4.1
gettext-0.18.1.1 GNU gettext package
grub-0.97_4 GRand Unified Bootloader
libiconv-1.13.1_1 A character set conversion library
libwww-5.4.0_4 The W3C Reference Library
mbmon-205_5 A tty motherboard monitor for LM78/79, W8378x, AS99127F, VT
mysql-client-5.1.53 Multithreaded SQL database (client)
openldap-client-2.4.23 Open source LDAP client implementation
openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support
openssl-1.0.0_2 SSL and crypto library
openssl-1.0.0_4 SSL and crypto library
perl-5.10.1_2 Practical Extraction and Report Language
perl-5.10.1_3 Practical Extraction and Report Language
squid-2.7.9 HTTP Caching Proxy
squidGuard-1.4_2 A fast redirector for squid
squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and laterRegards
Andrew
-
Production problems not as bad as first thought…
Removed Squidguard
Installed squidguard
Still no button to upload/update the blacklist
pkg_info still shows openssl
$ pkg_info
bsdinstaller-2.0.2011.0118 BSD Installer mega-package
cyrus-sasl-2.1.23 RFC 2222 SASL (Simple Authentication and Security Layer)
cyrus-sasl-2.1.23_1 RFC 2222 SASL (Simple Authentication and Security Layer)
db3-3.3.11_3,1 The Berkeley DB package, revision 3.3
db41-4.1.25_4 The Berkeley DB package, revision 4.1
gettext-0.18.1.1 GNU gettext package
grub-0.97_4 GRand Unified Bootloader
libiconv-1.13.1_1 A character set conversion library
libwww-5.4.0_4 The W3C Reference Library
mbmon-205_5 A tty motherboard monitor for LM78/79, W8378x, AS99127F, VT
mysql-client-5.1.53 Multithreaded SQL database (client)
openldap-client-2.4.23 Open source LDAP client implementation
openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support
openssl-1.0.0_2 SSL and crypto library
openssl-1.0.0_4 SSL and crypto library
perl-5.10.1_2 Practical Extraction and Report Language
perl-5.10.1_3 Practical Extraction and Report Language
squid-2.7.9 HTTP Caching Proxy
squidGuard-1.4_2 A fast redirector for squid
squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and laterRegards
Andrew
-
Meant to include these entries from the log - in the middle of the squidguard install
Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Feb 2 09:11:32 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Feb 2 09:11:32 sasldblistusers2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2"
Feb 2 09:11:32 saslpasswd2: unable to dlopen /usr/local/lib/sasl2/libgssapiv2.so.2: Shared object "libgssapi.so.10" not found, required by "libgssapiv2.so.2" -
Well - following a restart I now have a button which claims it will download a black list from http://www.shallalist.de/Downloads/shallalist.tar.gz - press the button and nothing happens - no entries in any log, no activity on the WAN
running out of ideas
Regards
Andrew
-
Very interesting - due to a hardware fail at a remote site I had to dtop/reconfigure and restart an IPSEC VPN - then continued the battle with Squidguard. The button now works as advertsised and it updates correctly!
Still no entries in any log file concerning squidguard, but in the "Portal Auth" tab the following entries have appeared
Feb 2 10:30:38 squid[35770]: Squid Parent: child process 57923 started
Feb 2 10:30:35 squid[35770]: Squid Parent: child process 36437 exited due to signal 6
Feb 2 10:30:35 squid[36437]: The url_rewriter helpers are crashing too rapidly, need help!
Feb 2 10:30:29 squid[35770]: Squid Parent: child process 36437 startedBut we are not using the Portal and have never had any entries in this tab before to-day.
Regards
Andrew
-
Hi,
I have exactly the same problem, except I don't use any IPSEC VPN.
I removed and reinstalled squidguard, but I still can't update the blacklist and I have the same issue in "Portal Auth" log.What to do ?
Regards
-
http://forum.pfsense.org/index.php?topic=31974.0
Need reinstall squid ?
-
I just reinstalled squid and still have the same issue :(
-
I just reinstalled squid and still have the same issue :(
Try uninstal squid/squidGuard from GUI.
Then from console deinstall any from this (if exists) - 'pkg_delete -r pkgname'squid-2.7.9 HTTP Caching Proxy squidGuard-1.4_2 A fast redirector for squid squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and laterThen install squid/squidGuard new from GUI
-
It would be a good idea to remove all packages, then check the pkg_info as dvserg suggests, and pkg_delete -f each of the remaining items.
When that is done, you can reinstall your packages to make sure everything you have is current.
-
I removed all packages as suggested, renstalled squid and squiguard, and I still can't update the list
-
Just for information I just rebooted pfsense and the problem is still here
-
May be irrelevant - but including the reboot for the IPSEC VPN (wanted to make sure all caches were clear) - it started working for after the third reboot.
Regards
Andrew
-
I might have been a bit quick saying it was working. It certainly appears to be working but a look at the system log shows
Feb 2 14:48:11 php: : The command 'cp -f -p /usr/local/etc/squidGuard/blacklist.files /usr/local/etc/squidGuard' returned exit code '1', the output was 'cp: /usr/local/etc/squidGuard/blacklist.files and /usr/local/etc/squidGuard/blacklist.files are identical (not copied).'
Feb 2 14:46:35 php: : The command 'rm -R . /tmp/squidGuard/arcdb' returned exit code '1', the output was 'rm: "." and ".." may not be removed'
Feb 2 14:46:31 php: : The command 'rm -R . /tmp/squidGuard/unpack' returned exit code '1', the output was 'rm: "." and ".." may not be removed'More checking!
Andrew
-
I might have been a bit quick saying it was working. It certainly appears to be working but a look at the system log shows
Feb 2 14:48:11 php: : The command 'cp -f -p /usr/local/etc/squidGuard/blacklist.files /usr/local/etc/squidGuard' returned exit code '1', the output was 'cp: /usr/local/etc/squidGuard/blacklist.files and /usr/local/etc/squidGuard/blacklist.files are identical (not copied).'
Feb 2 14:46:35 php: : The command 'rm -R . /tmp/squidGuard/arcdb' returned exit code '1', the output was 'rm: "." and ".." may not be removed'
Feb 2 14:46:31 php: : The command 'rm -R . /tmp/squidGuard/unpack' returned exit code '1', the output was 'rm: "." and ".." may not be removed'More checking!
Andrew
It is a bug. Thanks.
-
Just to confirm, I did the following:
- removed all packages with GUI
- removed all packages with pkg_delete
- upgraded to latest snapshot
- installed squid and then squidguard
Result: the "Download" button makes nothing. No error in "Portal Auth"
-
I've recently updated the same package on pfsense 1.2.3.
The "download" button has moved to a new tab called "Blacklist" next to the "log" tab.
You can see a progress bar during update of the blacklist.
Maybe that the 2.0 version also moved there? -
Yes but in version 2.0 the progress bar stays at 0%
