2.1 with Squid3 - How to reset the config of a deleted package?



  • How to reset the config og a deleted package?

    Actually I test squid3 with 2.1 but I think somethings are not correct in my config

    • the proxy can not be transparent.
    • in GUI I put logs in "/var/squid/logs", and in reality, it need /var/log/squid/netdb.state

    When I delete the package and re-install it, the old config is restored without ask.

    Other question how to test that this package work fine?
    Usually I do
    "tail -f /var/squid/logs/access.log" to see the traffic in cache, and
    "du -h /var/squid/cache/" to see that the cache is used (in first times)
    is this right?

    thanks.



  • To delete config, you need to Edit XML by hand.
    Current version does not has an option to clean package config.

    Unselect cache dynamic content if you have only TCP_MISS on your access.log



  • Hi Marcelloc!

    I see your name frequently is the forum.
    Thanks for your work, thanks for your help.

    With ssh access, I delete /usr/pbi/squid-i386/etc/squid/squid.conf
    I copy /usr/pbi/squid-i386/etc/squid/squid.conf.default to squid.conf, and reboot pfSense.
    The config is the same, no change.

    /var/squid/logs/access.log is empty

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(4): pwd
    /var/squid         
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(5): ls -l logs/
    total 14
    -rw-r--r--  1 proxy  proxy     0 Nov 10 12:35 access.log
    -rw-r-----  1 proxy  proxy  4375 Nov 11 09:59 cache.log
    -rw-r--r--  1 proxy  proxy  7132 Nov 10 18:49 cache.log.0
    [2.1-BETA0][admin@pfSense.tld]/var/squid(6): 
    
    

    The content of cache.log

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(6): cat logs/cache.log
    2012/11/11 00:00:02| storeDirWriteCleanLogs: Starting...
    2012/11/11 00:00:02|   Finished.  Wrote 0 entries.
    2012/11/11 00:00:02|   Took 0.00 seconds (  0.00 entries/sec).
    2012/11/11 09:57:00| Preparing for shutdown after 16133 requests
    2012/11/11 09:57:00| Waiting 3 seconds for active connections to finish
    2012/11/11 09:57:00| FD 22 Closing HTTP connection
    2012/11/11 09:57:00| FD 23 Closing HTTP connection
    2012/11/11 09:57:04| Shutting down...
    2012/11/11 09:57:04| FD 24 Closing ICP connection
    2012/11/11 09:57:04| basic/auth_basic.cc(97) done: Basic authentication Shutdown.
    2012/11/11 09:57:04| Closing unlinkd pipe on FD 17
    2012/11/11 09:57:04| storeDirWriteCleanLogs: Starting...
    2012/11/11 09:57:04|   Finished.  Wrote 0 entries.
    2012/11/11 09:57:04|   Took 0.00 seconds (  0.00 entries/sec).
    CPU Usage: 303.738 seconds = 162.332 user + 141.405 sys
    Maximum Resident Size: 14768 KB
    Page faults with physical i/o: 3
    2012/11/11 09:57:04| Open FD UNSTARTED    11 DNS Socket IPv6
    2012/11/11 09:57:04| Open FD READ/WRITE   12 DNS Socket IPv4
    2012/11/11 09:57:04| Open FD READ/WRITE   16 Waiting for next request
    2012/11/11 09:57:04| Open FD UNSTARTED    24 ICP Socket
    2012/11/11 09:57:04| Open FD READ/WRITE   25 www.msftncsi.com idle connection
    2012/11/11 09:57:04| Open FD READ/WRITE   26 crl.microsoft.com idle connection
    2012/11/11 09:57:04| Squid Cache (Version 3.1.20): Exiting normally.
    2012/11/11 09:59:09| Starting Squid Cache version 3.1.20 for i386-portbld-freebsd8.3...
    2012/11/11 09:59:09| Process ID 18192
    2012/11/11 09:59:09| With 6976 file descriptors available
    2012/11/11 09:59:09| Initializing IP Cache...
    2012/11/11 09:59:09| DNS Socket created at [::], FD 11
    2012/11/11 09:59:09| DNS Socket created at 0.0.0.0, FD 12
    2012/11/11 09:59:09| Adding domain cna.mg from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 127.0.0.1 from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 192.168.1.1 from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 208.67.222.222 from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 208.67.220.220 from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 8.8.8.8 from /etc/resolv.conf
    2012/11/11 09:59:09| Adding nameserver 8.8.8.4 from /etc/resolv.conf
    2012/11/11 09:59:09| User-Agent logging is disabled.
    2012/11/11 09:59:09| Referer logging is disabled.
    2012/11/11 09:59:10| Unlinkd pipe opened on FD 17
    2012/11/11 09:59:10| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
    2012/11/11 09:59:10| Store logging disabled
    2012/11/11 09:59:10| Swap maxSize 5120000 + 262144 KB, estimated 414011 objects
    2012/11/11 09:59:10| Target number of buckets: 20700
    2012/11/11 09:59:10| Using 32768 Store buckets
    2012/11/11 09:59:10| Max Mem  size: 262144 KB
    2012/11/11 09:59:10| Max Swap size: 5120000 KB
    2012/11/11 09:59:10| Version 1 of swap file with LFS support detected... 
    2012/11/11 09:59:10| Rebuilding storage in /var/squid/cache (CLEAN)
    2012/11/11 09:59:10| Using Least Load store dir selection
    2012/11/11 09:59:10| Current Directory is /etc
    2012/11/11 09:59:10| Loaded Icons.
    2012/11/11 09:59:10| helperOpenServers: Starting 0/0 'ssl_crtd' processes
    2012/11/11 09:59:10| helperOpenServers: No 'ssl_crtd' processes needed.
    2012/11/11 09:59:10| Accepting  HTTP connections at 172.24.0.1:3128, FD 22.
    2012/11/11 09:59:10| Accepting  intercepted HTTP connections at 127.0.0.1:3128, FD 23.
    2012/11/11 09:59:10| Accepting ICP messages at [::]:7, FD 24.
    2012/11/11 09:59:10| HTCP Disabled.
    2012/11/11 09:59:10| Ready to serve requests.
    2012/11/11 09:59:10| Done reading /var/squid/cache swaplog (0 entries)
    2012/11/11 09:59:10| Finished rebuilding storage from disk.
    2012/11/11 09:59:10|         0 Entries scanned
    2012/11/11 09:59:10|         0 Invalid entries.
    2012/11/11 09:59:10|         0 With invalid flags.
    2012/11/11 09:59:10|         0 Objects loaded.
    2012/11/11 09:59:10|         0 Objects expired.
    2012/11/11 09:59:10|         0 Objects cancelled.
    2012/11/11 09:59:10|         0 Duplicate URLs purged.
    2012/11/11 09:59:10|         0 Swapfile clashes avoided.
    2012/11/11 09:59:10|   Took 0.11 seconds (  0.00 objects/sec).
    2012/11/11 09:59:10| Beginning Validation Procedure
    2012/11/11 09:59:10|   Completed Validation Procedure
    2012/11/11 09:59:10|   Validated 25 Entries
    2012/11/11 09:59:10|   store_swap_size = 0
    2012/11/11 09:59:11| storeLateRelease: released 0 objects
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(7): 
    
    

    Where is the xml file?
    I can not see the modified values in these files

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(7): find / -name "*squid*xml*"
    /usr/local/pkg/squid.xml
    /usr/local/pkg/squid_reverse_general.xml
    /usr/local/pkg/squid_reverse_peer.xml
    /usr/local/pkg/squid_reverse_uri.xml
    /usr/local/pkg/squid_reverse_sync.xml
    /usr/local/pkg/squid_sync.xml
    /usr/local/pkg/squid_cache.xml
    /usr/local/pkg/squid_nac.xml
    /usr/local/pkg/squid_ng.xml
    /usr/local/pkg/squid_traffic.xml
    /usr/local/pkg/squid_upstream.xml
    /usr/local/pkg/squid_reverse.xml
    /usr/local/pkg/squid_auth.xml
    /usr/local/pkg/squid_users.xml
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(8): 
    
    
    
    [2.1-BETA0][admin@pfSense.tld]/usr/local/pkg(17): ps ax |grep squid
    17633  ??  Is     0:00.01 /usr/pbi/squid-i386/sbin/squid -f /usr/pbi/squid-i386
    18192  ??  R      0:45.86 (squid) -f /usr/pbi/squid-i386/etc/squid/squid.conf (
    59301   0  S+     0:00.01 grep squid
    
    [2.1-BETA0][admin@pfSense.tld]/usr/local/pkg(18): 
    
    

    If can post all needed info.

    I think it can be help to have a reset button in the GUI for restore default value.

    @+



  • Squid package config stays on pfSense config.xml file.

    Make a backup (diagnostic s-> backup) and take a look for squid settings.

    Be care full while editing XML file to do not mess up the file and break your pfSense.

    If you know how Vi and XML config works, you can try a viconfig on console.



  • I uncheck "dynamic content" and can see that "du -h /var/squid/cache" begin to increase. Wait for real use of the network for verify if cache work.

    "tail -f /var/squid/logs/access.log" stay empty. Nothing in this log-file.

    /cf/conf/config.xml contain configs data but it seems to be mixed in the file, ie, the item in the file is not in the same order in the GUI, it is more complicated for me because the number of lines (3250), I prefer do nothing with this file.

    I'm not certain that it works correctly.



  • the ends of lines of /var/squid/logs/cache.log show some errors

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(7): cat logs/cache.log
    2012/11/12 00:00:00| storeDirWriteCleanLogs: Starting...
    2012/11/12 00:00:00|   Finished.  Wrote 5657 entries.
    2012/11/12 00:00:00|   Took 0.01 seconds (427233.59 entries/sec).
    2012/11/12 08:30:13| comm_old_accept: FD 23: (53) Software caused connection abort
    2012/11/12 08:30:13| httpAccept: FD 23: accept failure: (53) Software caused connection abort
    2012/11/12 08:30:16| comm_old_accept: FD 23: (53) Software caused connection abort
    2012/11/12 08:30:16| httpAccept: FD 23: accept failure: (53) Software caused connection abort
    2012/11/12 08:30:18| comm_old_accept: FD 23: (53) Software caused connection abort
    2012/11/12 08:30:18| httpAccept: FD 23: accept failure: (53) Software caused connection abort
    2012/11/12 08:30:20| comm_old_accept: FD 23: (53) Software caused connection abort
    2012/11/12 08:30:20| httpAccept: FD 23: accept failure: (53) Software caused connection abort
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(8): 
    
    

    I can not interpret these errors.

    .



  • I see that squid runs under root. Is it normal?

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(17): ps ux |grep squid
    root 12374  0.0  0.8  9552  3984  ??  Is   Sun11AM   0:00.01 /usr/pbi/squid-i38
    root 10230  0.0  0.2  3536  1184   0  S+   11:34AM   0:00.01 grep squid
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(18): 
    
    
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(19): cat /etc/passwd |grep squid
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(20): cat /etc/passwd | grep proxy
    proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(21): cat /etc/group  | grep squid
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(22): cat /etc/group | grep proxy
    proxy:*:62:
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(23): 
    
    

    In /usr/pbi/squid-i386/etc/squid/squid.conf the user and group are proxy

    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(23): cat /usr/pbi/squid-i386/etc/squid/squid.conf
    # This file is automatically generated by pfSense
    # Do not edit manually !
    http_port 172.24.0.1:3128
    http_port 127.0.0.1:3128 intercept
    icp_port 7
    dns_v4_first off
    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_default_language fr
    icon_directory /usr/pbi/squid-i386/etc/squid/icons
    visible_hostname aro-afo
    cache_mgr admin@localhost
    access_log /dev/null
    cache_log /var/squid/logs/cache.log
    cache_store_log none
    sslcrtd_children 0
    logfile_rotate 15
    shutdown_lifetime 3 seconds
    # Allow local network(s) on interface(s)
    acl localnet src  172.24.0.0/24
    uri_whitespace strip
    
    acl dynamic urlpath_regex cgi-bin \?
    cache deny dynamic
    cache_mem 256 MB
    maximum_object_size_in_memory 128 KB
    memory_replacement_policy lru
    cache_replacement_policy heap LFUDA
    cache_dir ufs /var/squid/cache 5000 16 256
    minimum_object_size 0 KB
    maximum_object_size 20000 KB
    offline_mode offcache_swap_low 90
    cache_swap_high 95
    
    # No redirector configured
    
    #Remote proxies
    
    # Setup some default acls
    acl allsrc src all
    acl localhost src 127.0.0.1/32
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535 
    acl sslports port 443 563  
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    
    http_access allow manager localhost
    
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports
    
    # Always allow localhost connections
    http_access allow localhost
    
    quick_abort_min 0 KB
    quick_abort_max 0 KB
    request_body_max_size 0 KB
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100
    # Throttle extensions matched in the url
    acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
    delay_access 1 allow throttle_exts
    delay_access 1 deny allsrc
    
    # Reverse Proxy settings
    
    # Custom options
    
    # Setup allowed acls
    # Allow local network(s) on interface(s)
    http_access allow localnet
    # Default block all to be sure
    http_access deny allsrc
    
    [2.1-BETA0][admin@pfSense.tld]/var/squid(24): 
    
    


  • @TsyMiroro:

    "tail -f /var/squid/logs/access.log" stay empty. Nothing in this log-file.

    Did you enabled squid logs on gui?



  • Enable logging is enabled.

    In this time I do a update from 13 Nov to 17 Nov.
    After this if I see some error I report it here.

    In this version caching dynamic content work?



  • Now, I have activities into /var/squid/logs/access.log with some HIT

    The size given by du -h /var/squid/cache/ increase and decrease (decrease slowly), but is not in the maximum value get in GUI.
    In GUI It put 3000Mo, yesterday "du -h" give 780Mo, today it is  757Mo

    I can think that it work correctly.

    I continue to view this work and install lightsquid in next week, and when it work normally, install squidguard too, but when a problem occurs, it is an other thread.

    Thanks for help.



  • How to mark [solved] in subject?



  • Edit your first post in this subject and edit Subject field.. ;)



  • I want to note that in 2.1, squid3 seems not work with "dynamic content" checked.

    Thanks for all.


Locked