Squid3 - New GUI with sync, normal and reverse proxy
-
I have a pfSense 2.0.3 Box Squid3 + SquidGuard was worked nice,
i removed squid3 and installed squid3-dev from package menu i download those 6 lib file to /usr/local/lib it seems squid-dev is running since i dont have any error in system log and service status is running,But nothing can pass via pfsense i have set it up as default gateway in my workstations but not website can browse !
ping is passing without problem.i have this kind of error when trying ro restart the service or change configurations:
php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was 'squid: ERROR: Could not send signal 15 to process 6614: (3) No such process'
- i didnt touch any routing,rule,nat setting they are all like default setting.
thanks
-
Would appreciate it if someone opens a new thread when this version of Squid is up and running as a package with no need to be mucking around with external libs and patches etc. ::)
-
Squid3-dev has it's own forum topic.
-
Hi Marcelloc,
I discovered a bug, i don't know if it IIS8 or the Reverse Proxy. I'm running Exchange 2010 SP3 on Server 2012
1st test:
Im using OWA on Exchange 2010 Through the Reverse Proxy, all working fine, but i can't attach larger files to an Email. I'll get connection reset and in the SQUID Log i see the Line TCP_MISS/401. i Tried Firefox and Chrome.2nd test:
i add a NAT rule to forward Port 4343 to the IIS Server on Port 443. All working fine, i test it with an attachment with 8mb in size.IIS/Exchange is configured for Basic Auth.
if i get this working, i will write a little Howto. all other thinks, like Autodiscover, Outlook Anywhere, etc. are working perfectly…
Best regards
Dave -
2nd test:
i add a NAT rule to forward Port 4343 to the IIS Server on Port 443. All working fine, i test it with an attachment with 8mb in size.This is a known issue caused by IIS… i think default is 2KB upload. can't give u more atm, but google can help you in seconds with somethin like "iis owa attachement size"
-
This is a known issue caused by IIS… i think default is 2KB upload. can't give u more atm, but google can help you in seconds with somethin like "iis owa attachement size"
i dont think so, because the test file has 8MB in size. i uploaded it with chrome on https://internalhostname/owa/ without any problems.
But anyway, i'll try your suggestion.
Edit: OWA's default size Limit is 30MB
-
i dont think so, because the test file has 8MB in size. i uploaded it with chrome on https://internalhostname/owa/ without any problems.
But anyway, i'll try your suggestion.
Edit: OWA's default size Limit is 30MB
Try Google like I said… This is an IIS property which is not controlled by any other Management console or powershell.
-
I need to bring this up again.
Is this package still broken and needing to assemble and download pieces from elsewhere not in the package itself?
When I go to Package Manager Console in my PFSENSE 2.1 RC1 I see Squid 3 BETA and the MORE INFO links direct to this post.
When will we be able to do a normal install of Squid 3 BETA from PFSENSE as with other packages?
-
Try Google like I said… This is an IIS property which is not controlled by any other Management console or powershell.
Hi Hobby-Student.
i tried this this already. Also a coworker has checked the IIS configuration. Nothing found. The problem only occur if the connection is forwared through the proxy. a direct-connection to the iis enabeld site works.
Best regards
Dave -
Hi Hobby-Student.
i tried this this already. Also a coworker has checked the IIS configuration. Nothing found. The problem only occur if the connection is forwared through the proxy. a direct-connection to the iis enabeld site works.
Best regards
DaveI do have a similar Setups. Exchange-Server (2007, 2010) behind pfsense with squid as reverse proxy. For me the only thing breaking attachments was the IIS default configuration.
Am I reading right, that attachments work through squid, except larger files? (you mentioned 8MB)
It's working from the outside,if squid is not active? (direct connection from the outside to the Exchange) -
Hi hobby-student,
thats right, if i create a nat rule for webmail.contoso.com, port 443 and forward it to the target address 192.168.0.10, owa works with large attachement
if i enable the reverse proxy (all enabled) i can only attach 1-2kb filesim using iis7 and iis8 in different setups.
-
Hi hobby-student,
thats right, if i create a nat rule for webmail.contoso.com, port 443 and forward it to the target address 192.168.0.10, owa works with large attachement
if i enable the reverse proxy (all enabled) i can only attach 1-2kb filesim using iis7 and iis8 in different setups.
that sounds weird… did you use something like
With the following command you can change the value (in this case 10MB): C:\Windows\System32\inetsrv\appcmd.exe set config -section:system.webServer/serverRuntime /uploadReadAheadSize:"10485760" /commit:apphost C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site" -section:system.webServer/serverRuntime /uploadReadAheadSize:"10485760" /commit:apphost
-
No, hobby-student, but i did some future investigations and my conclusion is: maybe a bug in IIS 8
i did the following tests
pfsense reverse proxy, behind an iis7 (server 2008r2) with exchange 2010 sp3 UR2: It works
pfsense reverse proxy, behind an iis8 (server 2012) with exchange 2010 sp3 UR2: It doesn't work with safari/firefox/chrome. No problems wih IE…. grrrso i think its not the pfsense....
-
No, hobby-student, but i did some future investigations and my conclusion is: maybe a bug in IIS 8
i did the following tests
pfsense reverse proxy, behind an iis7 (server 2008r2) with exchange 2010 sp3 UR2: It works
pfsense reverse proxy, behind an iis8 (server 2012) with exchange 2010 sp3 UR2: It doesn't work with safari/firefox/chrome. No problems wih IE…. grrrso i think its not the pfsense....
that's what i meant. it's an IIS thing… with non-IE Browsers it's invoking other stuff, so an IIS setting could be the problem.
-
-
I've added a new page to configure additional ports and added a configuration for client certificates.
I'm doing it on web servers page but I'll take a look on your code and see how can I merge it with my current uncommitted code.
Thanks for your code contribution. :)
Could you already take a look at my code changes? (https://github.com/TheNetStriker/pfsense-packages/commit/7d926f3d44cee817475c20bde44fe6471bab4ba7)
-
Squid3-dev has it's own forum topic.
I have looked for it… and I can't find it.
Could you please post a link to it here?
-
Hi, there is a mistake in the URL used for dynamic caching under Windows Update, this is the wrong line:
refresh_pattern -i my.windowsupdate.website.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
it should be
refresh_pattern -i windows.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
-
Installed 3.3.10
Huge issue
OWA not working anymore
and mixed website
I reset the entire settings the more webserver and mappings I'm adding the messier it gets
-