Squid 3.3.4 package for pfsense with ssl filtering
-
Good day, I had come across having problem with transparent proxy for both http and https to remote cache. It doesn't redirect to the other proxy server when I enabled both settings.
It works perfectly fine without enable ssl transparent proxy.
(opened a thread here. http://forum.pfsense.org/index.php/topic,64192.0.html)
thanks. :)
-
I'm not sure, if this is a bug or not:
if I enter wrong code into the custom options box and save those options squid stops working (this is ok :))
But if you remove the wrong options from the custom option field and hit save/restart squid manually, it still does not work. It seems, that if squid stops responding no changes are committed to the squid.conf file when you change some options in the webinterface. The system log still displays the wrong option line and says that there was no running copy found. -
Hi marcelloc.
First thanks for all your work getting squid with ssl interception! I currently have a hacked in squid 3.3.1 with it working on pfSense 2.1-BETA.
So I really would like to replace that as it prevents me from easily updating the system.
Trying the new 3.3.5 package on a virtual machine here I was able to get squid and squidguard installed and squid will run for me but refuses connections and netstat shows me:
tcp4 0 0 192.168.56.254.3128 . CLOSED
right IP:port but CLOSED..? Let me know if you want to see cache.log or output from squid -NsXY or if you happen to know the fix? ;)
-
Hi again.
I figured out how to get squid to start. Disable pf :(
If I don't the squid cache.log stops at:
2013/07/24 13:29:21 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted
2013/07/24 13:29:21 kid1| sendto FD 25: (1) Operation not permitted
2013/07/24 13:29:21 kid1| ipcCreate: CHILD: hello write test failedOnce I run pfctl -d it starts up normally.
2013/07/24 13:32:34 kid1| Completed Validation Procedure
2013/07/24 13:32:34 kid1| Validated 325 Entries
2013/07/24 13:32:34 kid1| store_swap_size = 5758.00 KB
2013/07/24 13:32:35 kid1| storeLateRelease: released 0 objectsAs I mentioned this is running in a VM so that may be part of the problem but I have done similar setups in the past and did not have this issue.
-
I had 3.3.5 working well with SG and HAVP. i noticed the other day your pkg had been updated to 3.3.8. i tried to upgrade to 3.3.8 by re-installing the pkg. The re-install failed, and since then I can't get squid to work. I've tried completely removing and re-installing the pkg, but no good.
here is the log:
Jul 25 14:51:37 squid[26589]: Squid Parent: will start 1 kids
Jul 25 14:51:37 squid[26589]: Squid Parent: (squid-1) process 26798 started
Jul 25 14:51:38 (squid-1): I don't handle this error well!
Jul 25 14:51:38 squid[26589]: Squid Parent: (squid-1) process 26798 exited with status 1
Jul 25 14:51:41 squid[26589]: Squid Parent: (squid-1) process 27792 started
Jul 25 14:51:43 (squid-1): I don't handle this error well!
Jul 25 14:51:43 squid[26589]: Squid Parent: (squid-1) process 27792 exited with status 1
Jul 25 14:51:46 squid[26589]: Squid Parent: (squid-1) process 32037 started
Jul 25 14:51:47 (squid-1): I don't handle this error well!
Jul 25 14:51:47 squid[26589]: Squid Parent: (squid-1) process 32037 exited with status 1
Jul 25 14:51:50 squid[26589]: Squid Parent: (squid-1) process 32672 started
Jul 25 14:51:51 Squid_Alarm[34792]: Squid has resumed. Reconfiguring filter.
Jul 25 14:51:51 (squid-1): I don't handle this error well!
Jul 25 14:51:51 squid[26589]: Squid Parent: (squid-1) process 32672 exited with status 1
Jul 25 14:51:51 check_reload_status: Reloading filter
Jul 25 14:51:54 squid[26589]: Squid Parent: (squid-1) process 35905 started
Jul 25 14:51:55 (squid-1): I don't handle this error well!
Jul 25 14:51:55 squid[26589]: Squid Parent: (squid-1) process 35905 exited with status 1
Jul 25 14:51:55 squid[26589]: Squid Parent: (squid-1) process 35905 will not be restarted due to repeated, frequent failures
Jul 25 14:51:55 squid[26589]: Exiting due to repeated, frequent failures
Jul 25 14:52:00 php: : SQUID is installed but not started. Not installing "nat" rules.
Jul 25 14:52:03 php: : SQUID is installed but not started. Not installing "pfearly" rules.Any suggestions on how to proceed?
Thanks
-
Hi, I have problems too with the "3.3.8" package on 2.1 amd64 see system.log:
Jul 25 22:10:20 <hostname>php: /status_services.php: The command '/usr/local/etc/rc.d/squid.sh stop' returned exit code '1', the output was '/libexec/ld-elf.so.1: Shared object "libheimntlm.so.10" not found, required by "squid"'
Seems the PBI is missing this library yet to launch?</hostname>
-
Grab the libs from the first post and copy to /usr/local/lib
squid should run.. I'm just having weird issues where it looks like pf is blocking my squid port.
-
Thanks @workingman, the thread just got a bit long (aka TL;DR) ;-)
So squid >3.3 is yet quite of a moving target. Anyhow thanks to the packager(s) for all their time put into this fine proxy.
Update:
-
Since I'm on 2.1 (I have due to H/W support) with PBIs I put the libs under /usr/pbi/squid-amd64/lib
-
Although the libs work, the build dates suggest they are from FreeBSD 8.1 (base of 2.0.x), I consider
getting those libs from a patched 8.3 for my 2.1
-
-
Hello
Since 2.1 RC1
Latest Squid doesn't works anymore:Aug 6 08:54:33 (squid-1): I don't handle this error well!
Aug 6 08:54:33 squid[64384]: Squid Parent: (squid-1) process 71825 exited with status 1
Aug 6 08:54:36 squid[64384]: Squid Parent: (squid-1) process 76944 started
Aug 6 08:54:38 (squid-1): I don't handle this error well!
Aug 6 08:54:38 squid[64384]: Squid Parent: (squid-1) process 76944 exited with status 1
Aug 6 08:54:38 squid[64384]: Squid Parent: (squid-1) process 76944 will not be restarted due to repeated, frequent failures
Aug 6 08:54:38 squid[64384]: Exiting due to repeated, frequent failuresIs there a turnaround ?
-
Squid was updated to 3.3.8 but I'm having no time to test if it was working properly or not.
-
It's working
juste had to save the settings (with no change)
Service restarted and didn't crashed -
Pretty sure I just figured out why my port was CLOSED.
I had Allow IPv6 disabled under System -> Advanced -> Networking
After checking that box and restarting squid:
tcp4 0 0 192.168.56.254.3128 . LISTEN
Finally… a-testing I will go.
-
hi
i want to install squid tahat support icap and integrate with anti virus.but i dont now.
can you help? -
hi
i want to install squid tahat support icap and integrate with anti virus.but i dont now.
can you help?It's still under development on squid3-dev
-
I was wondering if Dansguardian is suppose to be working on this version of squid?
I am on PFSense 2.1(AMD64). DG works with Squid3 but not the dev version.
For some reason DG is unable to connect with Squid3dev.
Squid3dev works perfectly on its own.
-
I use dansguardian with squid3-dev.
What errors are you getting?
-
I use dansguardian with squid3-dev.
What errors are you getting?
Dansguardian: error connecting to proxy. Same error as Legion on page 2.
I have it upstream to a proxy server on port 3128.
works fine with squid3.
Thnx
-
Check if squid is listening(netstat -an | grep -i listen) on the port you have configured on dansguardian.
-
Check if squid is listening(netstat -an | grep -i listen) on the port you have configured on dansguardian.
It is closed.
-