Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Access.log won't update until I …

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kopbeen
      last edited by

      Background - Packages/Versions:
      =========================

      Pfsense 1.2.3 RELEASE
      Lightsquid 1.7.1 pkg 1.2
      Squid 2.7.9_4 (Transparent proxy mode)

      –

      Hi There,
      When my PFSENSE box reboots. Users can browse to their heart content but my access.log does not get updated. (Cache.log does though)

      ls -la /var/squid/log

      total 280
      drwxr-xr-x  2 proxy  proxy    512 Mar 30 22:00 .
      drwxr-xr-x  6 proxy  proxy    512 Nov 24 23:00 ..
      -rw-r–---  1 proxy  proxy  29316 Mar 31 11:00 access.log
      -rw-r-----  1 proxy  proxy      0 Mar 30 21:42 access.log.0
      -rw-r-----  1 proxy  proxy  221926 Mar 31 11:00 cache.log
      -rw-r-----  1 proxy  proxy    5162 Mar 30 22:00 cache.log.0
      The only way I get to access.log to 'wake up' is to do the following;

      1. In PFSENSE, Status, Sevices -> Restart the squid service
      2. In PFSENSE, Services, Proxy Server, General tab -> Untick 'enabled logging' , Save and re-tick 'enabled logging' , Save.

      AS soon as I did one of the above tricks – surf around a bit, I can see Access.log’s datestamp correlates correctly.

      I'm baffled a why this is happening!  ???

      Other things I tried:

      1. Reinstalled squid + squidlight. still does the same.

      2. Trying to stop/start from cli also does not work:

      /usr/local/sbin/squid -k shutdown
      /usr/local/sbin/squid -D

      any ideas?

      1 Reply Last reply Reply Quote 0
      • W
        wagonza
        last edited by

        Sounds like squid is not started in time on boot. There is a process that checks to see if squid is running before the firewall adds the transparent rule. If squid is not running then it does not add the transparent redirect for port 80 fw rule. Thats why if you click save it then starts working.
        You will probably find this in your log entries "SQUID is installed but not started.  Not installing redirect rules.".

        Follow me on twitter http://twitter.com/wagonza
        http://www.thepackethub.co.za

        1 Reply Last reply Reply Quote 0
        • K
          kopbeen
          last edited by

          thx wagonza - your reply nudged me into the right direction.

          if I do a pfctl -sn | grep http - I am suppose to see the redirect rule :
          rdr on re0 inet proto tcp from any to ! (re0) port = http -> 127.0.0.1 port 80

          After browsing I found the solution in the http://forum.pfsense.org/index.php/topic,20690.15.html discussion… in a nutshell, it looks like there is some sort of race condition in rc.  so by commenting out the 'rm -f /tmp/filter_dirty' line fixes the problem!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.