Squidguard / squid getting default access
-
i think this is the problem , and how can i check how many redirectors are used by squid.???
-
http://forum.pfsense.org/index.php/topic,14609.0.html
Post 1 and in this post points 1,2 and 3 will help you how to enable cachemgr.cgi.
There are many threads about that in the search function.With cachemgr.cgi you could check your squid utilization etc.
-
Change in squid
redirector_bypass off;redirect_children 10
and SaveThis is solve you problem/
Also need squid/squidGuard logs -
Change in squid
redirector_bypass off;redirect_children 10
and SaveCould this be changed in SquidGuard ?
It would be nice because then it wouldn't be resetted after changing something in squidguard.Further there is a "problem" in Proxy Server because redirect_children 10 does not end with a ";".
So if you just change these parameters and click save, squid will not start.Nevertheless, great job!!
-
/usr/local/pkg/squidGuard_configurator.inc
function squid_reconfigure($remove_only = '')
Change$conf[] = REDIRECT_BYPASS_OPT . " on"; $conf[] = REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT;
To
$conf[] = REDIRECT_BYPASS_OPT . " off"; $conf[] = REDIRECT_CHILDREN_OPT . " 10";
-
/usr/local/pkg/squidGuard_configurator.inc
function squid_reconfigure($remove_only = '')
Change$conf[] = REDIRECT_BYPASS_OPT . " on"; $conf[] = REDIRECT_CHILDREN_OPT . " " . REDIRECTOR_PROCESS_COUNT;
To
$conf[] = REDIRECT_BYPASS_OPT . " off"; $conf[] = REDIRECT_CHILDREN_OPT . " 10";
I have change this:
To$conf[] = REDIRECT_BYPASS_OPT . " off"; $conf[] = REDIRECT_CHILDREN_OPT . " 10";
to this:
To$conf[] = REDIRECT_BYPASS_OPT . " off"; $conf[] = REDIRECT_CHILDREN_OPT . " 10;";
So there is a "semicolon" at the end of the line.
@dvserg
Could this "fix" find a way into this/your package or did you intend something else with these options and this is just a workaround ? -
This is work around
Possible this issue will be fixed by one next updates -
i have changed the same but today i checked my squidguard log file i found my squidguard is stopped due to some bypass attempt, my log file shows,
2011-07-13 20:03:51 [33349] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2009/12/10/fmimg7057826075603831996.png
2011-07-13 20:03:51 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2009/08/11/fmimg4816987111104018507.png
2011-07-13 20:03:51 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2009/11/14/fmimg631194890240589824.png
2011-07-13 20:03:51 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2010/09/03/fmimg7018928402934970340_32x32.png
2011-07-13 20:03:51 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2010/03/25/fmimg4808689534763265321.png
2011-07-13 20:03:51 [33349] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2010/04/29/fmimg1657085450203353602.png
2011-07-13 20:03:51 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://i.i.com.com/cnwk.1d/i/tim//2010/05/30/fmimg7126535568390505567.png
2011-07-13 20:19:29 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://ds.serving-sys.com/BurstingRes///Site-19462/Type-0/2a4601c7-0ff0-43fd-b256-db
dfd620cc0c.gif
2011-07-13 20:37:15 [33347] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-13 20:37:15 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-13 20:39:56 [33347] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-13 20:39:58 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-13 20:42:14 [33352] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-13 20:42:15 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-13 20:42:58 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-13 20:42:59 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-13 21:22:12 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-13 21:22:13 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-13 21:28:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://ocsp.godaddy.com//MEgwRjBEMEIwQDAJBgUrDgMCGgUABBRwKSJ2U38avI/VPJSE6RTLdioFKgQ
U/axhMpNsRdbi7oVfmrrndplozOcCBwfwPGwIHj8=
2011-07-13 21:30:54 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://ocsp.godaddy.com//MEgwRjBEMEIwQDAJBgUrDgMCGgUABBRwKSJ2U38avI/VPJSE6RTLdioFKgQ
U/axhMpNsRdbi7oVfmrrndplozOcCB0tSfAeDMk8=
2011-07-13 21:32:45 [33346] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33354] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33356] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33355] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33352] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33347] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33349] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33358] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33353] Info: recalculating alarm in 5235 seconds
2011-07-13 21:32:45 [33357] Info: recalculating alarm in 5235 seconds
2011-07-13 21:52:13 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://www.dell.com//
2011-07-13 22:07:29 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/image/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/fwimage/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/video/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/link/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/textcolor/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/editsource/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/emoticons/css/editor.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//img/icons.gif
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//css/content.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/emoticons/css/content.css
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/textcolor/img/icons.gif
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/fwimage/img/icons.gif
2011-07-13 22:07:31 [33347] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/video/img/film.png
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/emoticons/img/emoticons.gif
2011-07-13 22:07:31 [33347] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/editsource/img/icons.gif
2011-07-13 22:07:31 [33346] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://static.websimages.com/JS/Punymce//plugins/link/img/icons.gif
2011-07-13 22:20:23 [33346] overflow in vsprintf (sgLogError): Unknown error: 0
2011-07-13 22:20:23 [33346] going into emergency mode
2011-07-13 22:28:00 [33347] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://d13.zedo.com//OzoDB/0/0/0/blank.gif
2011-07-13 23:02:45 [33346] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33354] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33356] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33355] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33352] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33347] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33349] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33358] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33353] Info: recalculating alarm in 3435 seconds
2011-07-13 23:02:45 [33357] Info: recalculating alarm in 3435 seconds
2011-07-14 00:00:02 [33346] ending emergency mode, stdin empty
2011-07-14 00:00:02 [33347] squidGuard stopped (1310581802.440)
2011-07-14 00:00:02 [33349] squidGuard stopped (1310581802.441)
2011-07-14 00:00:02 [33352] squidGuard stopped (1310581802.443)
2011-07-14 00:00:02 [33353] squidGuard stopped (1310581802.444)
2011-07-14 00:00:02 [33354] squidGuard stopped (1310581802.446)
2011-07-14 00:00:02 [33355] squidGuard stopped (1310581802.448)
2011-07-14 00:00:02 [33356] squidGuard stopped (1310581802.449)
2011-07-14 00:00:02 [33357] squidGuard stopped (1310581802.451)
2011-07-14 00:00:02 [33358] squidGuard stopped (1310581802.453)
2011-07-14 00:00:02 [14870] squidGuard 1.3 started (1310581802.690)
2011-07-14 00:00:02 [14870] Info: recalculating alarm in 25198 seconds
2011-07-14 00:00:02 [14870] squidGuard ready for requests (1310581802.750)
2011-07-14 00:00:02 [14872] squidGuard 1.3 started (1310581802.767)
2011-07-14 00:00:02 [14872] Info: recalculating alarm in 25198 seconds
2011-07-14 00:00:02 [14872] squidGuard ready for requests (1310581802.824)
2011-07-14 00:00:03 [14877] squidGuard 1.3 started (1310581803.014)
2011-07-14 00:00:03 [14877] Info: recalculating alarm in 25197 seconds
2011-07-14 00:00:03 [14877] squidGuard ready for requests (1310581803.207)
2011-07-14 00:00:03 [14878] squidGuard 1.3 started (1310581803.034)
2011-07-14 00:00:03 [14878] Info: recalculating alarm in 25197 seconds
2011-07-14 00:00:03 [14878] squidGuard ready for requests (1310581803.276)
2011-07-14 00:00:03 [14875] squidGuard 1.3 started (1310581802.982)
2011-07-14 00:00:03 [14875] Info: recalculating alarm in 25197 seconds
2011-07-14 00:00:03 [14875] squidGuard ready for requests (1310581803.281)
2011-07-14 00:00:03 [14874] squidGuard 1.3 started (1310581803.001)
2011-07-14 00:00:03 [14874] Info: recalculating alarm in 25197 seconds
2011-07-14 00:00:03 [14874] squidGuard ready for requests (1310581803.293)
2011-07-14 07:13:17 [14873] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:17 [14876] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:17 [14877] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:17 [14878] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:17 [14875] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:17 [14874] Info: recalculating alarm in 2803 seconds
2011-07-14 07:13:18 [14870] Info: recalculating alarm in 2802 seconds
2011-07-14 07:13:18 [14872] Info: recalculating alarm in 2802 seconds
2011-07-14 07:13:18 [14869] Info: recalculating alarm in 2802 seconds
2011-07-14 07:13:18 [14871] Info: recalculating alarm in 2802 seconds
2011-07-14 08:01:28 [14870] Info: recalculating alarm in 1712 seconds
2011-07-14 08:01:29 [14872] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14869] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14871] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14873] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14876] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14877] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14878] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14875] Info: recalculating alarm in 1711 seconds
2011-07-14 08:01:29 [14874] Info: recalculating alarm in 1711 seconds
2011-07-14 08:15:10 [14875] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-14 08:15:11 [14869] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-14 08:15:44 [14873] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-14 08:15:44 [14869] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-14 08:17:03 [14876] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-menu.png
2011-07-14 08:17:04 [14869] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://jineshpaloor.wordpress.com/wp-content/mu-plugins/grunion-contact-form-2.0//im
ages/grunion-form.png
2011-07-14 08:22:36 [14869] overflow in vsprintf (sgLogError): Unknown error: 0
2011-07-14 08:22:36 [14869] going into emergency mode
2011-07-14 08:30:54 [14872] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:54 [14869] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:54 [14871] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:54 [14873] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14876] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14877] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14878] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14875] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14874] Info: recalculating alarm in 30 seconds
2011-07-14 08:30:55 [14870] Info: recalculating alarm in 30 seconds
2011-07-14 08:31:25 [14872] Info: recalculating alarm in 29615 seconds
2011-07-14 08:31:25 [14869] Info: recalculating alarm in 29615 seconds
2011-07-14 08:31:25 [14871] Info: recalculating alarm in 29615 seconds
2011-07-14 08:31:25 [14873] Info: recalculating alarm in 29615 seconds
2011-07-14 08:31:25 [14876] Info: recalculating alarm in 29615 seconds
2011-07-14 08:31:26 [14877] Info: recalculating alarm in 29614 seconds
2011-07-14 08:31:26 [14878] Info: recalculating alarm in 29614 seconds
2011-07-14 08:31:26 [14875] Info: recalculating alarm in 29614 seconds
2011-07-14 08:31:26 [14874] Info: recalculating alarm in 29614 seconds
2011-07-14 08:31:26 [14870] Info: recalculating alarm in 29614 seconds
2011-07-14 09:00:10 [14870] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://c1.zedo.com//ads3/k/1405/982122/1793/1000002/i.js
2011-07-14 09:25:23 [14870] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://c1.zedo.com//ads3/k/1405/972127/1809/1000002/i.js
2011-07-14 09:25:46 [14870] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://c1.zedo.com//ads3/k/1405/986758/2321/1000002/i.js
2011-07-14 09:25:50 [14870] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://c1.zedo.com//ads3/k/1405/986758/2321/1000002/i.js
2011-07-14 09:25:50 [14870] Warning: Possible bypass attempt. Found multiple slashes where only one is expected: http://c1.zedo.com//ads3/k/1405/981135/4369/1000002/i.js
2011-07-14 09:33:49 [10338] squidGuard 1.3 started (1310616229.615)in the morning 2011-07-14 09:33:49 i stared squidguard its working fine.any idea sir???
-
The actual problem is squid+squidguard randomly stop filtering and pass all traffic.
(pfsense 1.2.3, squid 2.7.9_4, squidGuard 1.4_3 pkg v.1.9)I find in filter log this message:
2011-07-14 08:22:36 [14869] overflow in vsprintf (sgLogError): Unknown error: 0
2011-07-14 08:22:36 [14869] going into emergency modePlease help me sir….
-
Same issue
http://forum.pfsense.org/index.php?topic=26462.25 -
-