Squid3 - New GUI with sync, normal and reverse proxy
-
Hello.
I have 2.2-RELEASE (i386) with Squid 2.7.9 pkg v.4.3.6 (and Lightsquid who stopped working after last upgrade).
I need IPv6 support, so i think Squid3 is my only option.
Shall i uninstall Squid 2.7.9 first?
Is Lightsquid compatible with Squid3 (when they fix new problems)?
Thanks
-
Hello.
I have 2.2-RELEASE (i386) with Squid 2.7.9 pkg v.4.3.6 (and Lightsquid who stopped working after last upgrade).
I need IPv6 support, so i think Squid3 is my only option.
Shall i uninstall Squid 2.7.9 first?
Is Lightsquid compatible with Squid3 (when they fix new problems)?
Thanks
uninstall 2.7.9 then install squid3… squid 3 does support IPv6, but it doesn't listen on an IPv6 address tho. So clients would need to connect to ipv4:3128. You can however in advance options add an IPv6 interface e.g http_port [xxxx.xxxx.xxxx.xxxx.xxx.xxx]:3182
lightsquid still has issues with its pbi but search for my workaround to get it working. It is compatible with squid3
-
uninstall 2.7.9 then install squid3… squid 3 does support IPv6, but it doesn't listen on an IPv6 address tho. So clients would need to connect to ipv4:3128. You can however in advance options add an IPv6 interface e.g http_port [xxxx.xxxx.xxxx.xxxx.xxx.xxx]:3182
lightsquid still has issues with its pbi but search for my workaround to get it working. It is compatible with squid3
Thanks a lot.
I can live with v4 clients, and i will try the custom addition.
I want IPv6 Internet behavior for Squid because my 6to4 Tunnel ends in a (very) faster local Gate (International circuits much larger/faster than my ISP's one).
-
Hello pfSense Gurus!
I have been using pfSense for about 2 years now and I love it. One of my favorite features has come to be Squid2 and Squid3. Right now I am using Squid3 to run both proxy and reverse proxy.
Using this forum thread and other threads on this forum I have my reverse proxy running. There are two questions if have to make it work perfectly:
1. How can I force Squid3 (the reverse proxy part in pfSense) to suppress the addition headers identifying the host as Squid? (picture of my headers attached.[Contained in the red box])
2. How can I get Squid (reverse proxy) to forcefully cache static (text/HTML) content?
Squid3 will query my web server on the local network every time I connect. I have two remote machines that I use for testing. When I look in my Squid logs both machines show their remote IP address separately and each time it says "TCP_MISS/200". (Picture attached)
I have a openVPN connection between two networks. One network is the public IP(site B) I use to run my website and the other network is my private network(site A). It works right now and the DNS has no problems resolving.
When i check the headers (in my example[contained in blue box]) it says that is has not changed for two days and has an eTag. That header is from Apache server itself(I have checked headers on localhost using [curl -I]).
If I understand how the reverse proxy is supposed to be working. Since it is being presented with a not changed since date it should be caching it at (site B), but instead it queries (site A) for each call.
tl;dr - Need help suppressing Squid's headers in reverse proxy mode and forcing the reverse proxy to cache static content.
 -
Hi marcelloc/pfsense squid folks.
I've been using squid3/squidguard setup in a redundant CARP pair setup for quite some time and was just cooking up a new pair for a new site and ran into a problem that I guess I've pretty much always had.
Sync to configured system backup server - never sync's to the backup. The configured system backup server is working as expected sharing my DHCP/DNS/Firewall rules but I have always had to turn on..
Sync to host(s) defined below - set the same server as I use in the system config and then everything does get copied over to the backup.
Since it was easy to fix/workaround it never really bothered me much but I'm just setting up a brand fresh install of 2.2.1 and it seems to still happen. Am I the only one?
Thanks!
-
Hi,
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
KR
Daniel -
Hi,
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
KR
Danieli think you need squid guard
-
Hi,
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
KR
Danieli think you need squid guard
Okay, have idea how? or if there are any good guide…
-
Hi,
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
KR
Danieli think you need squid guard
Okay, have idea how? or if there are any good guide…
I'd be VERY interested in the same feature.
-
Hi,
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
KR
Danieli think you need squid guard
Okay, have idea how? or if there are any good guide…
I'd be VERY interested in the same feature.
I create this list myself. It's just one (domains) big list, which I pack together with f.i. shalla or mesd.
My main OS is Arch Linux, I use a program called hosts-update see https://aur.archlinux.org/packages/hosts-update/
From the hosts file, which is basically the MVPS list, I create the 'domains' file, which can be used by squidguard.If there is interest, I could place this list (mvps only) on github.
-
Does the version on the pfsense packages ie:
beta
0.2.8
platform: 2.2contain support for HTTP/1.1 ?
We are having a problem with keep-alives that need this support.
ThanksBTW the link https://github.com/pfsense/pfsense-packages/commits/master/config/34 that is on the version number leads to a 404.
-
BTW the link https://github.com/pfsense/pfsense-packages/commits/master/config/34 that is on the version number leads to a 404.
That should probably be this one then:
https://github.com/pfsense/pfsense-packages/tree/master/config/squid3/34 -
@hackersoft:
I am still experiencing the same problem.
I've got the time last week to reinstall pfsense amd-64 and the same problem exists.
So my solution right now is to reboot pfsense everyday using CRON @ 1 am. That way pfsense will be alive the next working day.
I'm suspecting one of the packages installed is messing it up at 12 midnight so I do a cron to reboot the machine @ 1am daily.
To heimdal, you can install the CRON package then add a cron task:
0 1 * * * root /sbin/reboot
I hope the fix will be released soon.
for some wierd reason im getting this too, a look at the logs doesnt show much so its been one of those evil bugs that dont leave any traces. i did mitigate it by simply seting up a cron job that runs squid at 12.15 am …
currently i have squid, squidguard, ntopng and freeradius setup and running its just this but that is "bugging" me
-
Hello.
I need IPv6 support, so i think Squid3 is my only option.squid 3 does support IPv6, but it doesn't listen on an IPv6 address tho. So clients would need to connect to ipv4:3128. You can however in advance options add an IPv6 interface e.g http_port [xxxx.xxxx.xxxx.xxxx.xxx.xxx]:3182
How can I use IPv6 with the Reverse Proxy? I currently listen on IPv4/80 and IPv4/443 and would like to additionally listen on IPv6.
-
Interesting error, while AV is enabled while navigating to most websites (not all websites) I get TAG_NONE/500 Status error. Any suggestions?
-
How do I add this list http://winhelp2002.mvps.org/hosts.txt to squid3? or do I need squidGuard ?
Wouldn't pfBlockerNG work better in this case?
-
whats new in 0.2.9?
-
whats new in 0.2.9?
Hm , its still the same version.
Here are the build options of 0.2.9
Squid Cache: Version 3.4.10 configure options: '--with-default-user=squid' '--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/var' '--sysconfdir=/usr/local/etc/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid/squid.pid' '--with-swapdir=/var/squid/cache' '--enable-auth' '--enable-build-info' '--enable-loadable-modules' '--enable-removal-policies=lru heap' '--disable-epoll' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-translation' '--disable-arch-native' '--enable-eui' '--enable-cache-digests' '--enable-delay-pools' '--enable-ecap' '--disable-esi' '--enable-follow-x-forwarded-for' '--enable-htcp' '--enable-icap-client' '--enable-icmp' '--enable-ident-lookups' '--enable-ipv6' '--enable-kqueue' '--with-large-files' '--enable-http-violations' '--without-nettle' '--enable-snmp' '--enable-ssl' '--enable-ssl-crtd' '--disable-stacktraces' '--disable-ipf-transparent' '--disable-ipfw-transparent' '--enable-pf-transparent' '--with-nat-devpf' '--disable-forw-via-db' '--enable-wccp' '--enable-wccpv2' '--enable-auth-basic=DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam LDAP NIS' '--enable-auth-digest=file' '--enable-external-acl-helpers=file_userip time_quota unix_group LDAP_group' '--enable-auth-negotiate=kerberos wrapper' '--enable-auth-ntlm=fake smb_lm' '--enable-storeio=ufs aufs diskd' '--enable-disk-io=AIO Blocking IpcIo Mmapped DiskThreads DiskDaemon' '--enable-log-daemon-helpers=file' '--enable-url-rewrite-helpers=fake' '--enable-storeid-rewrite-helpers=file' '--with-openssl=/usr' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd10.1' 'build_alias=amd64-portbld-freebsd10.1' 'CC=cc' 'CFLAGS=-O2 -pipe -I/usr/local/include -I/usr/local/include -I/usr/include -fstack-protector -DLDAP_DEPRECATED -fno-strict-aliasing' 'LDFLAGS= -L/usr/local/lib -L/usr/local/lib -pthread -Wl,-rpath,/usr/lib:/usr/local/lib -L/usr/lib -fstack-protector' 'LIBS=' 'CPPFLAGS=' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/local/include -I/usr/local/include -I/usr/include -fstack-protector -DLDAP_DEPRECATED -fno-strict-aliasing -Wno-unused-private-field' 'CPP=cpp' 'PKG_CONFIG=pkgconf' --enable-ltdl-convenience -
well I updated,all went well, just had to remove the cache after the install or else i get page loading issues.
-
Hi there.
I found a "bug" / "feature" when we have IPv6.
Seems that I have to add manually the IPv6 to listen on the squid (on the integration box)Is this normal ?