Squidguard working, but squid not? Is it possible?



  • I have this "weird" experience or maybe I just don't know what to do.

    My squidguard is just working fine, and it can block certain catergories in the blacklist so I know it is working.
    Lightsquid is also reporting so it's okay.
    But I feel like my squid is not doing its job because everytime I check my speedtest, it doesn't give me my LAN's 100Mbps download speed, only the ISP's download speed which is <1Mbps.

    I can view the cachemanager but I don't know what to look at. This is a fresh install box,
    2.0-RELEASE (i386)
    built on Tue Sep 13 17:28:43 EDT 2011

    Installed packages are squid, squidguard, lightsquid and imspector only.
    Squid is running in transparent mode.

    I "think" I configured the squid correctly. I've done it many times already. But this time is different, I feel that there is still something lacking in the configuration and if someone can point me to it, I am very grateful.

    This is my squid settings:
    Interface: LAN
    Allow users: checked
    Transparent: checked
    Enabled logging: checked
    Log store directory: /var/squid/log
    Proxy port: 3128

    Custom options: acl ITGroup1 src  x.x.x.x /32 x.x.x.x /31  x.x.x.x /29  x.x.x.x /27  x.x.x.x /28  x.x.x.x /29 ;acl Monsters src  x.x.x.x /32 x.x.x.x /32  x.x.x.x /32;acl Managers src 1 x.x.x.x /24;acl Staffs src  x.x.x.x /24; acl Staffpersonal src  x.x.x.x /26  x.x.x.x /26  x.x.x.x /26;acl SubconsAndGuests src  x.x.x.x /26;tcp_outgoing_address x.x.x.x ITGroup1;tcp_outgoing_address x.x.x.x Monsters; tcp_outgoing_address x.x.x.x Managers;tcp_outgoing_address x.x.x.x Staffs;tcp_outgoing_address x.x.x.x Staffpersonal;tcp_outgoing_address x.x.x.x SubconsAndGuests; redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3

    Hard disk cache size: 200000 MB
    Hard disk cache system: ufs
    Hard disk cache location: /var/squid/cache
    Memory cache size: 1024 MB
    Minimum object size: 0
    Maximum object size: 10000 KB
    Maximum object size in RAM: 32 KB
    Memory replacement policy: Heap LFUDA
    Cache replacement policy: LRU
    Low: 90
    High: 95
    External Cache-Managers: my lan ip

    Maximum download size: 0
    Maximum upload size: 0
    Overall bandwidth throttling: 0
    Per-host throttling: 0
    Throttle only specific extensions: unchecked

    Any help is highly appreciated. Thanks!



  • In addition, i tried reinstalling the squid package but some errors were logged:

    Nov 22 10:30:12 check_reload_status: Syncing firewall
    Nov 22 10:30:12 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 10:30:12 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 10:30:12 check_reload_status: Reloading filter
    Nov 22 10:30:12 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 10:30:12 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 10:30:12 squid[60846]: Squid Parent: child process 61490 started
    Nov 22 10:30:12 check_reload_status: Reloading filter
    Nov 22 10:30:12 php: /pkg_mgr_install.php: Starting a proxy monitor script
    Nov 22 10:30:12 php: /pkg_mgr_install.php: Starting Squid
    Nov 22 10:30:11 dhcpd: DHCPDISCOVER from xx:xx:xx:xx:xx:xx via bge0: network xxx.xxx.xxx.xxx/22: no free leases
    Nov 22 10:30:11 php: /pkg_mgr_install.php: Stopping any running proxy monitors
    Nov 22 10:30:11 check_reload_status: Syncing firewall

    another one, after I reinstall all the packages.

    Nov 22 11:40:36 php: /pkg_edit.php: Reloading Squid for configuration sync
    Nov 22 11:40:36 check_reload_status: Reloading filter
    Nov 22 11:40:36 check_reload_status: Syncing firewall
    Nov 22 11:40:36 check_reload_status: Reloading filter
    Nov 22 11:40:36 php: /pkg_edit.php: Reloading Squid for configuration sync
    Nov 22 11:40:05 check_reload_status: Syncing firewall
    Nov 22 11:40:05 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: Could not send signal 1 to process 63338: (3) No such process'
    Nov 22 11:40:05 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 11:40:05 check_reload_status: Reloading filter
    Nov 22 11:40:05 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: Could not send signal 1 to process 63338: (3) No such process'
    Nov 22 11:40:05 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 11:40:05 squid[22486]: Squid Parent: child process 23120 started
    Nov 22 11:40:05 check_reload_status: Reloading filter
    Nov 22 11:40:05 php: /pkg_mgr_install.php: Starting a proxy monitor script
    Nov 22 11:40:05 php: /pkg_mgr_install.php: Starting Squid
    Nov 22 11:40:04 php: /pkg_mgr_install.php: Stopping any running proxy monitors
    Nov 22 11:40:04 check_reload_status: Syncing firewall
    Nov 22 11:38:44 php: /pkg_mgr_install.php: Beginning package installation for squid.
    Nov 22 11:38:42 php: /pkg_mgr_install.php: SQUID is installed but not started. Not installing "filter" rules.
    Nov 22 11:38:42 php: /pkg_mgr_install.php: SQUID is installed but not started. Not installing "pfearly" rules.
    Nov 22 11:38:42 php: /pkg_mgr_install.php: SQUID is installed but not started. Not installing "nat" rules.
    Nov 22 11:38:42 check_reload_status: Syncing firewall
    Nov 22 11:38:40 check_reload_status: Syncing firewall



  • I do not understand what you want to tell with this line:

    But I feel like my squid is not doing its job because everytime I check my speedtest, it doesn't give me my LAN's 100Mbps download speed, only the ISP's download speed which is <1Mbps.
    


  • Hi Nachtfalke,

    Before, with my previous pfsense box, when I do a speed test, it always shows a 100Mbps in the download because it gets from the cache. But with my current box, it always shows my WAN's speed only. So I was thinking that my squid doesn't work. Don't bother with the different ISPs.

    My previous box:

    My current box:

    I tried a fresh install of my pfsense in my vostro 220 with 3 NICs, and installed squid only. But I always get this "No running copy" error.

    php: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
    Nov 22 23:21:47 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k shutdown' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 23:21:52 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k kill' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 23:21:52 squid[55108]: Failed to make swap directory /var/squid/cache/00: (13) Permission denied
    Nov 22 23:21:52 kernel: pid 55108 (squid), uid 100: exited on signal 6
    Nov 22 23:21:52 php: /pkg_mgr_install.php: Stopping any running proxy monitors
    Nov 22 23:21:53 php: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
    Nov 22 23:21:53 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k shutdown' returned exit code '1', the output was 'squid: ERROR: Could not read pid file /var/squid/logs/squid.pid: (13) Permission denied'
    Nov 22 23:21:58 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k kill' returned exit code '1', the output was 'squid: ERROR: Could not read pid file /var/squid/logs/squid.pid: (13) Permission denied'
    Nov 22 23:21:58 squid[59133]: Failed to make swap directory /var/squid/cache/00: (13) Permission denied
    Nov 22 23:21:58 kernel: pid 59133 (squid), uid 100: exited on signal 6
    Nov 22 23:21:58 php: /pkg_mgr_install.php: Starting Squid
    Nov 22 23:21:58 php: /pkg_mgr_install.php: Starting a proxy monitor script
    Nov 22 23:21:58 check_reload_status: Reloading filter
    Nov 22 23:21:58 squid[61658]: Squid Parent: child process 62078 started
    Nov 22 23:21:58 squid[62078]: Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'squid', which is the cache_effective_user set in squid.conf.
    Nov 22 23:21:58 squid[61658]: Squid Parent: child process 62078 exited due to signal 6
    Nov 22 23:21:58 kernel: pid 62078 (squid), uid 100: exited on signal 6
    Nov 22 23:21:58 php: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
    Nov 22 23:21:58 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k shutdown' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 23:22:01 squid[61658]: Squid Parent: child process 62511 started
    Nov 22 23:22:01 squid[62511]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
    Nov 22 23:22:01 kernel: pid 62511 (squid), uid 62: exited on signal 6
    Nov 22 23:22:01 squid[61658]: Squid Parent: child process 62511 exited due to signal 6
    Nov 22 23:22:03 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k kill' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 23:22:04 squid[61658]: Squid Parent: child process 8506 started
    Nov 22 23:22:04 squid[8506]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
    Nov 22 23:22:04 kernel: pid 8506 (squid), uid 62: exited on signal 6
    Nov 22 23:22:04 squid[61658]: Squid Parent: child process 8506 exited due to signal 6
    Nov 22 23:22:07 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 23:22:07 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: No running copy' Nov 22 23:22:07 check_reload_status: Reloading filter
    Nov 22 23:22:07 squid[61658]: Squid Parent: child process 12101 started
    Nov 22 23:22:07 php: /pkg_mgr_install.php: Reloading Squid for configuration sync
    Nov 22 23:22:07 php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was 'squid: ERROR: No running copy'
    Nov 22 23:22:07 check_reload_status: Reloading filter
    Nov 22 23:22:08 check_reload_status: Syncing firewall
    Nov 22 23:22:10 check_reload_status: Syncing firewall
    Nov 22 23:22:26 php: /pkg_edit.php: Reloading Squid for configuration sync
    Nov 22 23:22:26 check_reload_status: Reloading filter
    Nov 22 23:22:26 check_reload_status: Syncing firewall
    Nov 22 23:22:26 check_reload_status: Reloading filter
    Nov 22 23:22:26 php: /pkg_edit.php: Reloading Squid for configuration sync Nov 22 23:23:09 check_reload_status: Syncing firewall

    I read some clues here (http://www.comfsm.fm/computing/squid/FAQ-11.html#ss11.43) but I don't know what command to enter in the shell. I am not familiar with FreeBSD/squid commands. I read the command last night but now I forgot where I've seen it. It looks like ps -f | ….
    I really don't know if this is the right solution to my problem. Or worse, if there really exists a problem.  ???



  • Hoping that there is still hope, I installed the lusca-cache.

    And viola!!!

    It seems that squid was able to save it to cache but not able to pull/get the cached file.

    Or maybe with the squid installation. I don't know how to find the problem. Here's the syslog of lusca-cache installation. "ERROR: No running copy" is absent in the log.

    Nov 23 16:38:04 php: /pkg_edit.php: squid config synchronized and squid reconfigured
    Nov 23 16:38:04 check_reload_status: Reloading filter
    Nov 23 16:38:04 php: /pkg_edit.php: process "squid -D" running at "24836 /usr/local/sbin/squid -D "
    Nov 23 16:38:04 php: /pkg_edit.php: process "proxy_monitor.sh" running at "133 /bin/sh /usr/local/etc/rc.d/proxy_monitor.sh "
    Nov 23 16:38:04 check_reload_status: Syncing firewall
    Nov 23 16:37:26 php: /pkg_edit.php: squid config synchronized and squid reconfigured
    Nov 23 16:37:26 check_reload_status: Reloading filter
    Nov 23 16:37:26 php: /pkg_edit.php: process "squid -D" running at "24836 /usr/local/sbin/squid -D "
    Nov 23 16:37:26 php: /pkg_edit.php: process "proxy_monitor.sh" running at "133 /bin/sh /usr/local/etc/rc.d/proxy_monitor.sh "
    Nov 23 16:37:26 check_reload_status: Syncing firewall
    Nov 23 16:37:19 squid[24836]: Squid Parent: child process 25334 started
    Nov 23 16:37:18 php: /pkg_edit.php: Creating squid cache dir and files
    Nov 23 16:37:18 php: /pkg_edit.php: process "squid -D" running at ""
    Nov 23 16:37:18 squid[52946]: Squid Parent: child process 53381 exited with status 0
    Nov 23 16:37:17 php: /pkg_edit.php: Waiting squid to shutdown before creating squid cache dir
    Nov 23 16:37:17 php: /pkg_edit.php: process "squid -D" running at "52946 /usr/local/sbin/squid -D "
    Nov 23 16:37:17 php: /pkg_edit.php: squid config synchronized
    Nov 23 16:37:17 php: /pkg_edit.php: process "proxy_monitor.sh" running at ""
    Nov 23 16:37:17 check_reload_status: Syncing firewall
    Nov 23 16:34:48 check_reload_status: Reloading filter
    Nov 23 16:34:48 check_reload_status: Syncing firewall
    Nov 23 16:34:47 php: /pkg_mgr_install.php: squid config synchronized and squid reconfigured
    Nov 23 16:34:47 check_reload_status: Reloading filter
    Nov 23 16:34:47 php: /pkg_mgr_install.php: process "squid -D" running at "52946 /usr/local/sbin/squid -D "
    Nov 23 16:34:47 php: /pkg_mgr_install.php: process "proxy_monitor.sh" running at "56876 /bin/sh /usr/local/etc/rc.d/proxy_monitor.sh start "
    Nov 23 16:34:47 php: /pkg_mgr_install.php: squid.xml install_command done
    Nov 23 16:34:46 check_reload_status: Syncing firewall
    Nov 23 16:34:46 php: /pkg_mgr_install.php: squid.xml install_command
    Nov 23 16:31:59 check_reload_status: Syncing firewall
    Nov 23 16:31:58 php: /pkg_mgr_install.php: Beginning package installation for lusca-cache.
    Nov 23 16:31:55 check_reload_status: Syncing firewall



  • My squid isn't caching anything on speedtest.net but it is caching other files like it should.
    So I don't think it is an "error".



  • I see. Maybe I am used to caching videos and the speedtest.net.
    How to check if squid is running? I read about the cachemgr and the Monitoring Squid Status in the sticky note, but I can't understand a thing.

    But I am more curios about the No running copy error. Is that a common error?

    Is there is an easier way to check if squid is running/functioning correctly without doing additional installation or configurations?



  • If i remember right there might also be situation, where site send don't cache instructions to proxy. so some sites wont work in cached mode no matter what



  • Thanks for that info. I removed lusca-cache and return to the original squid. I don't care now about speedtest as long as squid is running. It makes my system "faster".

    I forgot about lightsquid to check if squid is running or not. :D



  • anybody can help i a have formated my pfsense server 2-3 times still my problem is not solved.

    This is my squid settings:
    Interface: LAN
    Allow users: checked
    Transparent: checked
    Enabled logging: checked
    Log store directory: /var/squid/log
    Proxy port: 3128

    when i checked Allow users on interface to all user's Internet was not working and there browser message is "THE CONNECTION WAS RESET"
    then when i uncheck this option Allow users on interface internet was working fine.

    what i do any idea.

    really its very tipical problem..

    my mail id is mohanrao83@gmail.com

    i waiting for positive response from any body.

    its very helpful for me.

    Thanks

    A Mohan Rao



  • @mohanrao83 : do you have other packages installed aside from squid?



  • yes first in install package squid , squid guard then light squid.
    then reboot server then check user's have same message.

    Thnx

    Mohan



  • maybe you don't put a pass rule in your squidguard.

    try searching the forum for squid+squidguard config.
    you can also refer to this: http://forum.pfsense.org/index.php/topic,40233.msg212828.html#msg212828


Log in to reply