PfSense 2.0.1-RELEASE with Squid & HAVP = major problems
-
Forgot to mention this: if there are really problems in the packages, the devs NEED to know about it.
-
@lpallard:
Forgot to mention this: if there are really problems in the packages, the devs NEED to know about it.
It could also be havp current version and not package gui.
Did you tried to rum havp on any Linux/unix server other then pfsense.Some times is better having firewall appart of proxy.
Packages are almost contributions to pfsense project sent by community, maybe havp is currently outdated because there is nobody with free time to maintain it.
-
@lpallard:
Forgot to mention this: if there are really problems in the packages, the devs NEED to know about it.
It could also be havp current version and not package gui.
Did you tried to rum havp on any Linux/unix server other then pfsense.Some times is better having firewall appart of proxy.
Packages are almost contributions to pfsense project sent by community, maybe havp is currently outdated because there is nobody with free time to maintain it.
Im gonna deactivate HAVP and see if it helps, but I think I already tried that.. Anyways, I have discovered in the last few days/weeks that most of my problems were from Snort or SquidGuard blocking stuff up, which I deactivated the rules and it helped. When that happened, I was getting a Connection failed error from HAVP, not a DNS error
what can cause a DNS error?
-
what can cause a DNS error?
As I saw in some posts, could be snort
http://forum.pfsense.org/index.php/topic,43628.0.htmlsome extra info about havp I got from package description:
maintainer: dvserg
pfsense package version: 0.91_1
latest version : 0.9.2a
latest havp update: 07.11.2010This package looks like really stable or few used as last release was more then a year ago.
I think the best configuration for this package is squid + havp as parent for squid.
-
OK Ive done some testing…
At first,
suppress gen_id 122, sig_id 22 ``` seemed to have fixed it. It worked for about 5 or 10 minutes,. Then, suddenly everything stopped to work. Now **every** sites (except google) gives the DNS error thing.. Every website! Until further notice, or a solution is found, pfsense is out of order… EDIT: Unplugging my laptop from the pfsense box, and re-plugging it to the pfsense box seems to help, now all seems to work. **Also Snort is deactivated.,** Snort might be the problem… It was until I added these rules:suppress gen_id 120, sig_id 3
suppress gen_id 122, sig_id 22Any DNS experts out there? -
this morning, not working. Unless a burglar or a ghost played with my router while I was sleeping, I dont see why it would have worked yesterday and not this morning.
forum.xbmc.org is not accessible.
The frustrating part is that pfsense with NO packages works PERFECTLY. So I wont blame pfsense devs because I have used it for more than a year now and it was flawless until I installed the snort/squid/squidguard/havp >:( stuff..
-
@lpallard:
The frustrating part is that pfsense with NO packages works PERFECTLY. So I wont blame pfsense devs because I have used it for more than a year now and it was flawless until I installed the snort/squid/squidguard/havp >:( stuff..
Just like I said, packages are contributions, some are maintained by core team, but not all.
Uncheck block ofenders from snort, so it will not block false positives and not deny your dns resolution.
