Squid3 - New GUI with sync, normal and reverse proxy

marcelloc · Apr 18, 2012, 1:00 PM

Donny,
Check if does not happen if you uncheck dynamic content options on squid cache tab.

Donny · Apr 18, 2012, 6:43 PM

Donny,
Check if does not happen if you uncheck dynamic content options on squid cache tab.

Now, If I check or uncheck dynamic content options. The error is disappear.

al_reidy · Apr 18, 2012, 1:56 PM

i can't seem to get this package to cache files at all… no errors and whatismyip.com detects the proxy is working just it always downloads files without looking at the cache store... anyone else got this problem?

marcelloc · Apr 18, 2012, 3:38 PM

@al_reidy:

i can't seem to get this package to cache files at all… no errors and whatismyip.com detects the proxy is working just it always downloads files without looking at the cache store... anyone else got this problem?

If you know how to handle squid.conf files, can you check if your squid.conf file is ok?

al_reidy · Apr 18, 2012, 3:50 PM

@marcelloc:

@al_reidy:

i can't seem to get this package to cache files at all… no errors and whatismyip.com detects the proxy is working just it always downloads files without looking at the cache store... anyone else got this problem?

If you know how to handle squid.conf files, can you check if your squid.conf file is ok?


# This file is automatically generated by pfSense
# Do not edit manually !
http_port 192.168.168.150:3128
http_port 127.0.0.1:3128 intercept
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/en
icon_directory /usr/local/etc/squid/icons
visible_hostname hostname.org
cache_mgr user@domain.org
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 1
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.168.0/24
forwarded_for off
uri_whitespace strip

# Break HTTP standard for flash videos. Keep them in cache even if asked not to.
refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private

# Let the clients favorite video site through with full caching
acl youtube dstdomain .youtube.com
cache allow youtube
cache_mem 1024 MB
maximum_object_size_in_memory 5000 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir diskd /var/squid/cache 429000 16 256
minimum_object_size 0 KB
maximum_object_size 5242880 KB
offline_mode offcache_swap_low 90
cache_swap_high 95
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320
# No redirector configured

# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535 
acl sslports port 443 563  
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny allsrc

# Reverse Proxy settings

deny_info TCP_RESET allsrc

# Package Integration

# Custom options

# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

marcelloc · Apr 18, 2012, 3:57 PM

The cache info is there…

Can you grep for TCP_CACHE your squid access_log file?

al_reidy · Apr 18, 2012, 4:07 PM

@marcelloc:

The cache info is there…

Can you grep for TCP_CACHE your squid access_log file?

returns nothing back :'(

it does have TCP_MISS…. / DIRECT every line...

Pahtzo · Apr 19, 2012, 9:06 PM

Squid 3.1.19 pkg 2.0.3
2.0.1-RELEASE (amd64)
built on Mon Dec 12 18:43:51 EST 2011
FreeBSD 8.1-RELEASE-p6

Entering PEM intermediate CA certificate in the Reverse Proxy General screen: "intermediate CA certificate (if needed)" field.

Receiving the following error:

Fatal error: Call to undefined function sq_text_area_decodedecode() in /usr/local/pkg/squid_reverse.inc on line 61

Thank you

marcelloc · Apr 19, 2012, 9:20 PM

@Pahtzo:

Fatal error: Call to undefined function sq_text_area_decodedecode() in /usr/local/pkg/squid_reverse.inc on line 61

typo, I'll fix it. :)

marcelloc · Apr 20, 2012, 5:29 AM

Version 2.0.4 is out with

bug and typo fixes
Upstream tab is now remote cache to enable multiple peer/sibling cache config
New compilation to avoid refresh_pattern and transparent mode errors

Thanks for all feedback specially to ccesario.

I recommend a package uninstall/install instead of reinstall to be sure old squid3 binaries are removed.

att,
Marcello Coutinho

al_reidy · Apr 20, 2012, 7:54 AM

@marcelloc:

Version 2.0.4 is out with

bug and typo fixes

Upstream tab is now remote cache to enable multiple peer/sibling cache config

New compilation to avoid refresh_pattern and transparent mode errors

Thanks for all feedback specially to ccesario.

I recommend a package uninstall/install instead of reinstall to be sure old squid3 binaries are removed.

att,
Marcello Coutinho

i appreciate all your time on this, it is however broken still. i have done a fresh install also…

2012/04/20 07:51:25| WARNING: dnsserver #1 (FD 11) exited
2012/04/20 07:51:25| ipcacheParse: Got <null>reply
2012/04/20 07:51:25| WARNING: dnsserver #2 (FD 13) exited
2012/04/20 07:51:25| ipcacheParse: Got <null>reply
2012/04/20 07:51:25| WARNING: dnsserver #3 (FD 15) exited
2012/04/20 07:51:25| ipcacheParse: Got <null>reply
2012/04/20 07:51:25| WARNING: dnsserver #4 (FD 17) exited
2012/04/20 07:51:25| Too few dnsserver processes are running
2012/04/20 07:51:25| storeDirWriteCleanLogs: Starting...
2012/04/20 07:51:25|   Finished.  Wrote 222 entries.
2012/04/20 07:51:25|   Took 0.01 seconds (29264.43 entries/sec).
FATAL: The dnsserver helpers are crashing too rapidly, need help!

Squid Cache (Version 3.1.19): Terminated abnormally.
CPU Usage: 0.242 seconds = 0.195 user + 0.047 sys
Maximum Resident Size: 22836 KB
Page faults with physical i/o: 0</null></null></null>

transparent mode : which leaves nothing able to get DNS :'(

marcelloc · Apr 20, 2012, 12:44 PM

al_reidy,

I'll recompile it and test.

thanks for your feedback.

marcelloc · Apr 20, 2012, 2:11 PM

@al_reidy:

transparent mode : which leaves nothing able to get DNS :'(

please uninstall and reinstall the package and see if dns problems are gone.

Pahtzo · Apr 20, 2012, 2:29 PM

Squid 3.1.19 pkg 2.0.4
2.0.1-RELEASE (amd64)
built on Mon Dec 12 18:43:51 EST 2011
FreeBSD 8.1-RELEASE-p6

No other packages installed. After installing 3.1.19 the service does not start. The error is:

php: /pkg_mgr_install.php: The command '/usr/local/sbin/squid -k reconfigure' returned exit code '1', the output was '2012/04/20 10:11:10| ERROR: Error Directory /usr/local/etc/squid/errors/English: (2) No such file or directory FATAL: Error Directory /usr/local/etc/squid/errors/English: (2) No such file or directory Squid Cache (Version 3.1.19): Terminated abnormally. CPU Usage: 0.006 seconds = 0.006 user + 0.000 sys Maximum Resident Size: 4488 KB Page faults with physical i/o: 0'

Thank you

marcelloc · Apr 20, 2012, 2:50 PM

change report language on squid gui, then save config.

al_reidy · Apr 20, 2012, 4:37 PM

@marcelloc:

@al_reidy:

transparent mode : which leaves nothing able to get DNS :'(

please uninstall and reinstall the package and see if dns problems are gone.

Cheers for the recompile the dns issues are fixed now. its very odd and like I'm doing something wrong…
transparent proxy is working according to whatismyip.com, however its still not caching anything. i have scanned the access.log and there is nothing with TCP_CACHE , the cache.log says this :


2012/04/20 16:27:24| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2012/04/20 16:27:24| Starting Authentication on port 127.0.0.1:3128
2012/04/20 16:27:24| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2012/04/20 16:27:24| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled)
2012/04/20 16:27:24| WARNING: refresh_pattern maximum age too high. Cropped back to 1 year.
2012/04/20 16:27:24| WARNING: use of 'override-expire' in 'refresh_pattern' violates HTTP
2012/04/20 16:27:24| WARNING: use of 'reload-into-ims' in 'refresh_pattern' violates HTTP
2012/04/20 16:27:24| WARNING: use of 'ignore-no-cache' in 'refresh_pattern' violates HTTP
2012/04/20 16:27:24| WARNING: use of 'ignore-private' in 'refresh_pattern' violates HTTP
2012/04/20 16:27:24| Initializing https proxy context
2012/04/20 16:27:24| Store logging disabled
2012/04/20 16:27:24| User-Agent logging is disabled.
2012/04/20 16:27:24| Referer logging is disabled.
2012/04/20 16:27:24| DNS Socket created at [::], FD 13
2012/04/20 16:27:24| DNS Socket created at 0.0.0.0, FD 14
2012/04/20 16:27:24| Adding domain ********** from /etc/resolv.conf
2012/04/20 16:27:24| Adding nameserver 192.168.168.1 from /etc/resolv.conf
2012/04/20 16:27:24| Adding nameserver 208.67.222.222 from /etc/resolv.conf
2012/04/20 16:27:24| Adding nameserver 208.67.220.220 from /etc/resolv.conf
2012/04/20 16:27:24| helperOpenServers: Starting 0/0 'ssl_crtd' processes
2012/04/20 16:27:24| helperOpenServers: No 'ssl_crtd' processes needed.
2012/04/20 16:27:24| Accepting  HTTP connections at 192.168.168.150:3128, FD 16.
2012/04/20 16:27:24| Accepting  intercepted HTTP connections at 127.0.0.1:3128, FD 17.
2012/04/20 16:27:24| Accepting ICP messages at [::]:7, FD 21.
2012/04/20 16:27:24| HTCP Disabled.
2012/04/20 16:27:24| Loaded Icons.
2012/04/20 16:27:24| Ready to serve requests.

my squid.conf is :


# This file is automatically generated by pfSense
# Do not edit manually !
http_port 192.168.168.150:3128
http_port 127.0.0.1:3128 intercept
icp_port 7

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/en
icon_directory /usr/local/etc/squid/icons
visible_hostname bernard.domain.org
cache_mgr bob@example.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 1
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.168.0/24
forwarded_for off
uri_whitespace strip

# Break HTTP standard for flash videos. Keep them in cache even if asked not to.
refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private

# Let the clients favorite video site through with full caching
acl youtube dstdomain .youtube.com
cache allow youtube

# Windows Update refresh_pattern
range_offset_limit -1
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i my.windowsupdate.website.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

# Symantec refresh_pattern
range_offset_limit -1
refresh_pattern liveupdate.symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims

# Avast refresh_pattern
range_offset_limit -1
refresh_pattern avast.com/.*\.(vpu|cab|stamp|exe) 10080 100% 43200 reload-into-ims

# Avira refresh_pattern
range_offset_limit -1
refresh_pattern personal.avira-update.com/.*\.(cab|exe|dll|msi|gz) 10080 100% 43200 reload-into-ims
cache_mem 1024 MB
maximum_object_size_in_memory 5000 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 429000 16 256
minimum_object_size 0 KB
maximum_object_size 5242880 KB
offline_mode offcache_swap_low 90
cache_swap_high 95

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:    1440  20%  10080
refresh_pattern ^gopher:  1440  0%  1440
refresh_pattern -i (/cgi-bin/|\?) 0  0%  0
refresh_pattern .    0  20%  4320
# No redirector configured

#Remote proxies

# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535 
acl sslports port 443 563  
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min -1 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

# Reverse Proxy settings

deny_info TCP_RESET allsrc

# Package Integration

# Custom options

# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

can anyone suggest something else to try? i have reinstalled again and restored from backup with the same results.

marcelloc · Apr 20, 2012, 4:49 PM

al_reidy,

I reverted the binaries, I'll rebuild my compile machine as squid3 is getting segmentation fault on dns module.

att,
Marcello Coutinho

Nachtfalke · Apr 20, 2012, 5:16 PM

@al_reidy

Edit this parameters on GUI (Traffic Mngt) - scroll down the page:


quick_abort_min 102400 KB
quick_abort_max 102400 KB
quick_abort_pct 60

Further try to search for "HIT" or "REFRESH" on access.log

al_reidy · Apr 20, 2012, 5:39 PM

@Nachtfalke:

@al_reidy

Edit this parameters on GUI (Traffic Mngt) - scroll down the page:
quick_abort_min 102400 KB
quick_abort_max 102400 KB
quick_abort_pct 60
Further try to search for "HIT" or "REFRESH" on access.log

thanks for the suggestions, still no joy.

this is a sample of the access log.:


1334943652.116    165 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/star.gif - DIRECT/69.64.6.7 -
1334943652.160    197 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/useron.gif - DIRECT/69.64.6.7 -
1334943652.185     95 192.168.168.72 TCP_MISS/200 527 GET http://googleads.g.doubleclick.net/pagead/adview? - DIRECT/173.194.41.122 text/html
1334943652.200    212 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/icons/profile_sm.gif - DIRECT/69.64.6.7 -
1334943652.209    112 192.168.168.72 TCP_MISS/304 302 GET http://pagead2.googlesyndication.com/pagead/js/r20120411/r20110914/abg.js - DIRECT/173.194.41.109 -
1334943652.244    176 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/email_sm.gif - DIRECT/69.64.6.7 -
1334943652.265    194 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/im_on.gif - DIRECT/69.64.6.7 -
1334943652.302     93 192.168.168.72 TCP_MISS/304 302 GET http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png - DIRECT/173.194.41.109 -
1334943652.319    106 192.168.168.72 TCP_MISS/304 302 GET http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png - DIRECT/173.194.41.109 -
1334943652.339    226 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/post/xx.gif - DIRECT/69.64.6.7 -
1334943652.464    203 192.168.168.72 TCP_MISS/200 1270 GET http://googleads.g.doubleclick.net/pagead/ads? - DIRECT/173.194.41.122 text/html
1334943652.480    215 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/buttons/quote.gif - DIRECT/69.64.6.7 -
1334943652.501    231 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/buttons/modify.gif - DIRECT/69.64.6.7 -
1334943652.512    317 192.168.168.72 TCP_MISS/200 1871 GET http://ad2.adfarm1.adition.com/js? - DIRECT/217.79.188.21 application/x-javascript
1334943652.519    224 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/buttons/delete.gif - DIRECT/69.64.6.7 -
1334943652.558    218 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Smileys/default/cry.gif - DIRECT/69.64.6.7 -
1334943652.588    218 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/icons/modify_inline.gif - DIRECT/69.64.6.7 -
1334943652.605    218 192.168.168.72 TCP_MISS/304 384 GET http://imagesrv.adition.com/js/adition.js - DIRECT/217.79.188.11 application/javascript
1334943652.621    174 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/ip.gif - DIRECT/69.64.6.7 -
1334943652.626     80 192.168.168.72 TCP_MISS/200 527 GET http://googleads.g.doubleclick.net/pagead/adview? - DIRECT/173.194.41.122 text/html
1334943652.745    192 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Smileys/default/grin.gif - DIRECT/69.64.6.7 -
1334943652.770    209 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/useroff.gif - DIRECT/69.64.6.7 -
1334943652.806    187 192.168.168.72 TCP_MISS/200 1882 GET http://ad2.adfarm1.adition.com/js? - DIRECT/217.79.188.21 application/x-javascript
1334943652.820    207 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/im_off.gif - DIRECT/69.64.6.7 -
1334943652.849    189 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/mirrortab_first.gif - DIRECT/69.64.6.7 -
1334943652.866    181 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/mirrortab_back.gif - DIRECT/69.64.6.7 -
1334943652.917    191 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/mirrortab_last.gif - DIRECT/69.64.6.7 -
1334943653.009    181 192.168.168.72 TCP_MISS/304 366 GET http://forum.pfsense.org/Themes/slickprographite/images/catbg.jpg - DIRECT/69.64.6.7 -
1334943653.014    180 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/quote_img.gif - DIRECT/69.64.6.7 -
1334943653.027    222 192.168.168.72 TCP_MISS/200 6781 GET http://ad2.adfarm1.adition.com/banner? - DIRECT/217.79.188.21 text/javascript
1334943653.070    188 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/code_img.gif - DIRECT/69.64.6.7 -
1334943653.096    170 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_first.gif - DIRECT/69.64.6.7 -
1334943653.115    185 192.168.168.72 TCP_MISS/304 364 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_back.gif - DIRECT/69.64.6.7 -
1334943653.178    196 192.168.168.72 TCP_MISS/304 365 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_last.gif - DIRECT/69.64.6.7 -
1334943653.300    199 192.168.168.72 TCP_MISS/304 366 GET http://forum.pfsense.org/Themes/slickprographite/images/titlebg.jpg - DIRECT/69.64.6.7 -
1334943653.309    213 192.168.168.72 TCP_MISS/200 6785 GET http://ad2.adfarm1.adition.com/banner? - DIRECT/217.79.188.21 text/javascript

Nachtfalke · Apr 20, 2012, 6:12 PM

Hi,

for me it is working. This is my access.log
First downloading a cached pfsense.iso file (100MB)
then went to forum.ofsense.org
Then did a brwser refresh

1334945508.305  10479 192.168.0.112 TCP_HIT/200 102638928 GET http://pfsense.mirror.range-id.it/downloads/pfSense-2.0.1-RELEASE-i386.iso.gz - NONE/- application/x-gzip

1334945530.527    755 192.168.0.112 TCP_MISS/200 11348 GET http://forum.pfsense.org/index.php - DIRECT/69.64.6.7 text/html
1334945530.622    306 192.168.0.112 TCP_MISS/304 323 GET http://forum.pfsense.org/Themes/default/script.js? - DIRECT/69.64.6.7 -
1334945530.635    315 192.168.0.112 TCP_MISS/304 323 GET http://forum.pfsense.org/Themes/slickprographite/style.css? - DIRECT/69.64.6.7 -
1334945530.658    336 192.168.0.112 TCP_MISS/304 321 GET http://forum.pfsense.org/Themes/default/print.css? - DIRECT/69.64.6.7 -
1334945530.675    141 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 256 GET http://pagead2.googlesyndication.com/pagead/show_ads.js - DIRECT/209.85.148.156 -
1334945531.054    167 192.168.0.112 TCP_MISS/200 499 GET http://www.google-analytics.com/__utm.gif? - DIRECT/173.194.67.139 image/gif
1334945531.323     52 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 257 GET http://pagead2.googlesyndication.com/pagead/expansion_embed.js - DIRECT/209.85.148.156 -
1334945531.685     49 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 256 GET http://pagead2.googlesyndication.com/pagead/osd.js - DIRECT/209.85.148.156 -
1334945531.938    324 192.168.0.112 TCP_MISS/200 2016 GET http://googleads.g.doubleclick.net/pagead/ads? - DIRECT/209.85.148.157 text/html
1334945532.028    289 192.168.0.112 TCP_MISS/200 2015 GET http://googleads.g.doubleclick.net/pagead/ads? - DIRECT/209.85.148.157 text/html
1334945532.060    110 192.168.0.112 TCP_MISS/200 484 GET http://googleads.g.doubleclick.net/pagead/adview? - DIRECT/209.85.148.157 text/html
1334945532.151    106 192.168.0.112 TCP_MISS/200 484 GET http://googleads.g.doubleclick.net/pagead/adview? - DIRECT/209.85.148.157 text/html
1334945532.820    678 192.168.0.112 TCP_MISS/200 4692 GET http://ad.turn.com/server/ads.js? - DIRECT/69.194.244.11 text/javascript
1334945532.933    706 192.168.0.112 TCP_MISS/200 4693 GET http://ad.turn.com/server/ads.js? - DIRECT/69.194.244.11 text/javascript
1334945533.293    173 192.168.0.112 TCP_MISS/200 2909 GET http://ads.heias.com/x/heias.TAG.v2.0/? - DIRECT/83.169.59.64 application/x-javascript
1334945533.317    185 192.168.0.112 TCP_MISS/200 2909 GET http://ads.heias.com/x/heias.TAG.v2.0/? - DIRECT/83.169.59.64 application/x-javascript
1334945533.826    303 192.168.0.112 TCP_MISS/200 4707 GET http://ads.heias.com/x/heias.TAG.v2.0/tag.php? - DIRECT/83.169.59.64 application/x-javascript
1334945533.832    417 192.168.0.112 TCP_MISS/200 4712 GET http://ads.heias.com/x/heias.TAG.v2.0/tag.php? - DIRECT/83.169.59.64 application/x-javascript
1334945534.118    193 192.168.0.112 TCP_MISS/200 1319 GET http://bs.serving-sys.com/BurstingPipe/adServer.bs? - DIRECT/80.252.91.41 image/gif
1334945535.162    191 192.168.0.112 TCP_MISS/302 752 GET http://ads.heias.com/x/heias_image.php? - DIRECT/83.169.59.64 application/x-shockwave-flash
1334945535.188    218 192.168.0.112 TCP_MISS/200 3641 GET http://cdn.turn.com/server/ddc.htm? - DIRECT/80.239.230.163 text/html
1334945535.192    223 192.168.0.112 TCP_MISS/200 1319 GET http://bs.serving-sys.com/BurstingPipe/adServer.bs? - DIRECT/80.252.91.41 image/gif
1334945535.195    225 192.168.0.112 TCP_MISS/302 752 GET http://ads.heias.com/x/heias_image.php? - DIRECT/83.169.59.64 application/x-shockwave-flash
1334945535.207    189 192.168.0.112 TCP_MISS/200 3641 GET http://cdn.turn.com/server/ddc.htm? - DIRECT/80.239.230.163 text/html
1334945535.313    147 192.168.0.112 TCP_MISS/304 206 GET http://ads.heias.com/images/tmp/11409/20282/heias_7_20282_160586.swf? - DIRECT/83.169.59.64 -
1334945535.775     89 192.168.0.112 TCP_MISS/304 206 GET http://ads.heias.com/x/heias.xml.template/ret_xml_1.0.12.swf - DIRECT/83.169.59.64 -
1334945535.946    102 192.168.0.112 TCP_MISS/200 812 GET http://ads.heias.com/x/heias.xml.template/? - DIRECT/83.169.59.64 text/xml
1334945535.959    107 192.168.0.112 TCP_MISS/200 812 GET http://ads.heias.com/x/heias.xml.template/? - DIRECT/83.169.59.64 text/xml
1334945541.188     60 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 5299 GET http://pagead2.googlesyndication.com/pagead/show_ads.js - DIRECT/209.85.148.156 text/javascript
1334945541.201     73 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 7347 GET http://www.google-analytics.com/urchin.js - DIRECT/173.194.67.139 text/javascript
1334945541.301    667 192.168.0.112 TCP_MISS/200 11348 GET http://forum.pfsense.org/index.php - DIRECT/69.64.6.7 text/html
1334945541.407    304 192.168.0.112 TCP_MISS/200 483 GET http://forum.pfsense.org/Themes/default/print.css? - DIRECT/69.64.6.7 text/css
1334945541.463    331 192.168.0.112 TCP_MISS/200 4149 GET http://forum.pfsense.org/Themes/default/fader.js - DIRECT/69.64.6.7 application/javascript
1334945541.679    608 192.168.0.112 TCP_MISS/200 13948 GET http://forum.pfsense.org/Themes/default/script.js? - DIRECT/69.64.6.7 application/javascript
1334945541.690    618 192.168.0.112 TCP_MISS/200 13280 GET http://forum.pfsense.org/Themes/slickprographite/style.css? - DIRECT/69.64.6.7 text/css
1334945542.031    169 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 1595 GET http://forum.pfsense.org/Themes/slickprographite/images/bg_body.gif - DIRECT/69.64.6.7 image/gif
1334945542.098    165 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 751 GET http://forum.pfsense.org/Themes/slickprographite/images/transparency.gif - DIRECT/69.64.6.7 image/gif
1334945542.134    182 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 1029 GET http://forum.pfsense.org/Themes/slickprographite/images/icons/folder_open.gif - DIRECT/69.64.6.7 image/gif
1334945542.142    169 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 1124 GET http://forum.pfsense.org/Themes/slickprographite/images/rss.gif - DIRECT/69.64.6.7 image/gif
1334945542.175     69 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 5299 GET http://pagead2.googlesyndication.com/pagead/show_ads.js - DIRECT/209.85.148.156 text/javascript
1334945542.176     70 192.168.0.112 TCP_MISS/200 499 GET http://www.google-analytics.com/__utm.gif? - DIRECT/173.194.67.139 image/gif
1334945542.219    165 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 763 GET http://forum.pfsense.org/Themes/slickprographite/images/filter.gif - DIRECT/69.64.6.7 image/gif
1334945542.309    200 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 489 GET http://forum.pfsense.org/Themes/slickprographite/images/coltitle_bg.gif - DIRECT/69.64.6.7 image/gif
1334945542.329    194 192.168.0.112 TCP_MISS/200 950 GET http://forum.pfsense.org/Themes/slickprographite/images/subforum_off.gif - DIRECT/69.64.6.7 image/gif
1334945542.347    205 192.168.0.112 TCP_MISS/200 1221 GET http://forum.pfsense.org/Themes/slickprographite/images/new_some.gif - DIRECT/69.64.6.7 image/gif
1334945542.390    169 192.168.0.112 TCP_MISS/200 1752 GET http://forum.pfsense.org/Themes/slickprographite/images/new_none.gif - DIRECT/69.64.6.7 image/gif
1334945542.480    370 192.168.0.112 TCP_MISS/200 942 GET http://forum.pfsense.org/Themes/slickprographite/images/cat_unread.gif - DIRECT/69.64.6.7 image/gif
1334945542.499    188 192.168.0.112 TCP_MISS/200 2594 GET http://forum.pfsense.org/Themes/slickprographite/images/icons/info.gif - DIRECT/69.64.6.7 image/gif
1334945542.516    404 192.168.0.112 TCP_MISS/200 2293 GET http://forum.pfsense.org/Themes/slickprographite/images/off.gif - DIRECT/69.64.6.7 image/gif
1334945542.520    409 192.168.0.112 TCP_MISS/200 1045 GET http://forum.pfsense.org/Themes/slickprographite/images/collapse.gif - DIRECT/69.64.6.7 image/gif
1334945542.543    431 192.168.0.112 TCP_MISS/200 2171 GET http://forum.pfsense.org/Themes/slickprographite/images/on.gif - DIRECT/69.64.6.7 image/gif
1334945542.553    222 192.168.0.112 TCP_MISS/200 2310 GET http://forum.pfsense.org/Themes/slickprographite/images/icons/online.gif - DIRECT/69.64.6.7 image/gif
1334945542.649    168 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 854 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_first.gif - DIRECT/69.64.6.7 image/gif
1334945542.667    166 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 664 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_back.gif - DIRECT/69.64.6.7 image/gif
1334945542.686    165 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 713 GET http://forum.pfsense.org/Themes/slickprographite/images/maintab_last.gif - DIRECT/69.64.6.7 image/gif
1334945542.918    526 192.168.0.112 TCP_MISS/200 21960 GET http://forum.pfsense.org/Themes/slickprographite/images/catbg2.jpg - DIRECT/69.64.6.7 image/jpeg
1334945543.057    709 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 21959 GET http://forum.pfsense.org/Themes/slickprographite/images/catbg.jpg - DIRECT/69.64.6.7 image/jpeg
1334945543.060    255 192.168.0.112 TCP_MISS/200 3621 GET http://googleads.g.doubleclick.net/pagead/ads? - DIRECT/209.85.148.157 text/html
1334945543.092    984 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 58783 GET http://forum.pfsense.org/Themes/slickprographite/images/logo.jpg - DIRECT/69.64.6.7 image/jpeg
1334945543.124    175 192.168.0.112 TCP_MISS/200 2827 GET http://googleads.g.doubleclick.net/pagead/ads? - DIRECT/209.85.148.157 text/html
1334945543.155     63 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 257 GET http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png - DIRECT/209.85.148.156 -
1334945543.168    615 192.168.0.112 TCP_CLIENT_REFRESH_MISS/200 21941 GET http://forum.pfsense.org/Themes/slickprographite/images/titlebg.jpg - DIRECT/69.64.6.7 image/jpeg
1334945543.214    110 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 257 GET http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png - DIRECT/209.85.148.156 -
1334945543.244     67 192.168.0.112 TCP_MISS/200 561 GET http://googleads.g.doubleclick.net/pagead/drt/s? - DIRECT/209.85.148.157 text/html
1334945543.395    165 192.168.0.112 TCP_MISS/200 24850 GET http://pagead2.googlesyndication.com/simgad/8603368683143355801 - DIRECT/209.85.148.156 image/png
1334945543.433    249 192.168.0.112 TCP_REFRESH_MODIFIED/200 56755 GET http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf - DIRECT/209.85.148.156 application/x-shockwave-flash
1334945543.621    112 192.168.0.112 TCP_MISS/302 806 GET http://google.com/pagead/drt/ui - DIRECT/173.194.70.139 text/html
1334945543.675     46 192.168.0.112 TCP_MISS/302 806 GET http://google.com/pagead/drt/ui - DIRECT/173.194.70.139 text/html
1334945543.684     54 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 257 GET http://pagead2.googlesyndication.com/pagead/gadgets/all_V15/all_V15_spec_728_90.swf - DIRECT/209.85.148.156 -
1334945543.691     59 192.168.0.112 TCP_REFRESH_UNMODIFIED/304 257 GET http://pagead2.googlesyndication.com/pagead/gadgets/all_V15/all_V15_spec_728_90.xml - DIRECT/209.85.148.156 -
1334945543.834     54 192.168.0.112 TCP_MISS/200 6914 GET http://pagead2.googlesyndication.com/pagead/imgad? - DIRECT/209.85.148.156 application/x-shockwave-flash
1334945547.398    311 192.168.0.112 TCP_MISS/200 54180 GET http://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEY4YMFIICFBSoHbkIBAP__BzIW4UEBAP______________________Hw - DIRECT/173.194.67.139 application/vnd.google.safebrowsing-chunk
1334945549.094    158 192.168.0.112 TCP_REFRESH_MODIFIED/200 56758 GET http://pagead2.googlesyndication.com/pagead/TemplateContainer_latest.swf - DIRECT/209.85.148.156 application/x-shockwave-flash
^C
[2.0.1-RELEASE][admin@pfsense.localdomain]/var/log/squid(66):

squid.conf

# This file is automatically generated by pfSense
# Do not edit manually !
http_port 192.168.0.22:3128
http_port 127.0.0.1:3128 intercept
icp_port 7

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/de-de
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 2
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  192.168.0.0/24
httpd_suppress_version_string on
uri_whitespace strip
dns_nameservers 127.0.0.1
acl dynamic urlpath_regex cgi-bin \?
cache deny dynamic
cache_mem 64 MB
maximum_object_size_in_memory 256 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 1000 16 256
minimum_object_size 0 KB
maximum_object_size 204800 KB
offline_mode offcache_swap_low 90
cache_swap_high 95

# No redirector configured

#Remote proxies

# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min -1 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny allsrc

# Reverse Proxy settings

# Package Integration
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3

# Custom options

# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

This is just a test installation.