Dansguardian freshclam issue
-
I just did a fresh install of the 2.1 amd64 build from 8/29 and had no issues at all…
I installed the following packages in order...
cron
vhosts
dansguardian
squid3
OpenVPN Client Export Utility -
hmmm.. ok.. did you activate clamd ???
Also, if I am not mistaken.. you must have configured dans "after" installing squid3.. as dans works on squid
-
I just did a fresh install of the 2.1 amd64 build from 8/29 and had no issues at all…
I installed the following packages in order...
cron
vhosts
dansguardian
squid3
OpenVPN Client Export Utilitysame old issue..
$ freshclam
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!). -
hmmm.. ok.. did you activate clamd ???
Also, if I am not mistaken.. you must have configured dans "after" installing squid3.. as dans works on squid
To be honest… what I did is install all of the packages listed above in the order that I listed. Then I did the following
1.) rebooted
2.) copied over a config.xml that already had all of the DG and squid settings I wanted (turns on clam for example).
3.) rebooted
5.) ran the DG blacklist download (since my config.xml uses a different blacklist site)
6.) started DG manually
7.) validated that everything was running (ps -ax | grep clam, ps -ax | grep dans, ps -ax | grep squid)
8.) rebooted
9.) validate that everything was running -
Just as a quick follow-up. I did another install of 2.1 RC2 i386 version today. With the following steps, I'm not having any issue…
1. Install pfsense 2.1 RC2 using normal USB install
2. Reboot and assign WAN and LAN interfaces
3. Select "Set interface(s) IP address" from the menu (2)
choose the LAN interface
change IP address to 192.168.4.1
change bitcount to 24
enable DHCP server Y
starting 192.168.4.100
ending 192.168.4.150
revert to HTTP Y
NO Gateway or IPV6
4. Select "Enable Secure Shell (sshd)" (14) from the menu
5. Login to the web interface as admin/pfsense at http://192.168.4.1
6. Skip the setup wizard by going to 192.168.4.1 again after the wizard starts
7. Install the following packages in order (System/Packages):
cron
vhosts
dansguardian
squid3
OpenVPN Client Export Utility
8. Go into the proxy settings and click "save"
9. Go into DG settings and enable DG and save
10. Go into DG settings and add the URL for blacklist download, set to happen every other day
11. Go into DG settings and turn on ClamI logged into the secure shell and validated that everything was running. I then rebooted the box and validated that everything was running.
-
Ahh you are on i386.. I am on amd64 .. That could be the issue. I have 8GB RAM.. so i386 is not for me.
The amd64 dans package still needs to be updated for compatibility with 2.1
-
Ahh you are on i386.. I am on amd64 .. That could be the issue. I have 8GB RAM.. so i386 is not for me.
The amd64 dans package still needs to be updated for compatibility with 2.1
The install I referenced earlier in this thread was amd64 - it worked as well. However, as soon as the new 2.1 release bits come out I will try it again and let you know the steps/results.
-
Great. Thanks!
I am thinking of creating a new test 2.0.3 install and restore my current stable 2.0.3 config.xml to it.. and do a 2.1 upgrade on it. If that works then I will make a copy of the new 2.1 config.xml and use it for future installs. Something tells me it won't work.. but who cares I will still test it out :)
-
Great. Thanks!
I am thinking of creating a new test 2.0.3 install and restore my current stable 2.0.3 config.xml to it.. and do a 2.1 upgrade on it. If that works then I will make a copy of the new 2.1 config.xml and use it for future installs. Something tells me it won't work.. but who cares I will still test it out :)
Yea I can't imagine that will make much difference.
Apologize - doesn't seem like I'm being much help, but I haven't been able to replicate the problem you're having. What you describe happened to me on some builds about a month ago, but I haven't had an issue in quite a while…
-
Made some progress.. while at least a step forward..
Still on 2.0.3 I wanted to try Squid3 for sometime but could never get it to work with Dans. This time I installed Dans first on a clean install and then Squid3 after that. One thing I forgot to mention is that I used to install Snort as the first package after every clean install but this time I installed it in the end. Maybe this must have resolved the issue. Logic said to install Squid first as Dans is dependent on Squid but when I saw other folks on this forum installing Dans before Squid, I tried it for the sake of doing it and it worked. Ran freshclam manually after a reboot as the automated freshclam instance hangs (have seen it behave the same way earlier)
One issue I have noticed is that "transparent proxy" feature in Squid3 does not work. If I select that option all clients on the network fail to reach the internet. I could get them to work by specifying a web proxy with port 3128 and that worked fine. This wasn't the case in Squid2. But this annoyance is not much of an issue for me right now as use Dans NAT forced rules to forward all traffic to port 8080. So its kinda transparent for all network devices. But I would still like to see the transparent proxy issue resolved in Squid3.
Has anyone tested the new dev-Squid3 install yet with Dans?
My next step is to wait for the final release of v2.1 and then do the same steps as above to install Dans. I suspect Snort package install corrupting the Dans installation … but I may be wrong.
-
Made some progress.. while at least a step forward..
Still on 2.0.3 I wanted to try Squid3 for sometime but could never get it to work with Dans. This time I installed Dans first on a clean install and then Squid3 after that. One thing I forgot to mention is that I used to install Snort as the first package after every clean install but this time I installed it in the end. Maybe this must have resolved the issue. Logic said to install Squid first as Dans is dependent on Squid but when I saw other folks on this forum installing Dans before Squid, I tried it for the sake of doing it and it worked. Ran freshclam manually after a reboot as the automated freshclam instance hangs (have seen it behave the same way earlier)
You definitely need to install squid3 after dans. I believe it's because Dans installs squid2 and installing after essentially replaces the squid2 install
One issue I have noticed is that "transparent proxy" feature in Squid3 does not work. If I select that option all clients on the network fail to reach the internet. I could get them to work by specifying a web proxy with port 3128 and that worked fine. This wasn't the case in Squid2. But this annoyance is not much of an issue for me right now as use Dans NAT forced rules to forward all traffic to port 8080. So its kinda transparent for all network devices. But I would still like to see the transparent proxy issue resolved in Squid3.
I'm not really sure what you mean by this… If you are installing Dans, you would typically send all clients to dans either through a NAT rule or by the client proxy configuration (manuall or using proxy PAC file). Then you would block anyone from directly accessing squid by using a firewall rule or in the squid config itself - i.e. no one should be able to use squid proxy directly on 3128. If that's how you set things up, it makes no difference whether you select "transparent" or not on the squid configuration.
Has anyone tested the new dev-Squid3 install yet with Dans?
My next step is to wait for the final release of v2.1 and then do the same steps as above to install Dans. I suspect Snort package install corrupting the Dans installation … but I may be wrong.
Havent' tried dev-Squid3 or Snort. 2.1 works fine though…
-
I don't think Dans installs Squid2. Its dependent on it but it won't install it. You would have to install it manually.
I bypass Dans for just myself for testing stuff ;) and add my laptop IP in the exclusion list so that it's filtered.
-
Still can't make Dans work on 2.1 .. moving back to 2.0.3 :(
php: rc.start_packages: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '127', the output was '/usr/local/etc/rc.d/dansguardian.sh: not found'
Sep 21 15:22:22 php: rc.start_packages: [Dansguardian] - Save settings package call pr: bp:1 rpc:no
Sep 21 15:22:22 php: rc.start_packages: Starting Dansguardian -
Why do you need squid3? Just wondering?
-
Still can't make Dans work on 2.1 .. moving back to 2.0.3 :(
php: rc.start_packages: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '127', the output was '/usr/local/etc/rc.d/dansguardian.sh: not found'
Sep 21 15:22:22 php: rc.start_packages: [Dansguardian] - Save settings package call pr: bp:1 rpc:no
Sep 21 15:22:22 php: rc.start_packages: Starting DansguardianI've installed DG and Squid3 on 2.1 at least a half dozen times and never had this problem. I will try to replicate your issue if it would be helpful, but I would need to know exactly what you are doing and in what order…
-
Still can't make Dans work on 2.1 .. moving back to 2.0.3 :(
php: rc.start_packages: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '127', the output was '/usr/local/etc/rc.d/dansguardian.sh: not found'
Sep 21 15:22:22 php: rc.start_packages: [Dansguardian] - Save settings package call pr: bp:1 rpc:no
Sep 21 15:22:22 php: rc.start_packages: Starting DansguardianI've installed DG and Squid3 on 2.1 at least a half dozen times and never had this problem. I will try to replicate your issue if it would be helpful, but I would need to know exactly what you are doing and in what order…
Now I have the exact same problem on 2.0.3 as well >:(
Clean install on basic VM. After first boot I installed dans first and then squid (tried both v2 ad v3) Thats it. Squid works everytime but dans does not start and gives the exat same error of exit cde
27.. REALLY PISSED RIGHT NOW .. >:(Have done over 10 clean installs since morning… with the exact same issue. I don't even start clamd.. its the base das config and it wont start. I get the blacklist to download as well.. but the service fails to start.
Here is the log from 2.0.3
Sep 21 16:04:09 php: : Starting Dansguardian
Sep 21 16:04:09 check_reload_status: Syncing firewall
Sep 21 16:04:08 php: : [Dansguardian] - Save settings package call pr: bp:1 rpc:no
Sep 21 16:04:08 php: : The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '127', the output was '/usr/local/etc/rc.d/dansguardian.sh: not found'
Sep 21 16:04:08 php: : Starting Dansguardian
Sep 21 16:04:08 php: : [Dansguardian] - Save settings package call pr: bp:1 rpc:no -
Why do you need squid3? Just wondering?
Just testing Squid3. Have found Squid2 to work fine but looking at Squid3 to see if there is any improvements in caching and response times.
-
Does Dansguardian + squid (not cutting edge new and improved squid) work for you with 2.1?
-
There is a definite issue with Dans package. No one is accepting this fact. A simple VM shouldnt have this issue. Its on the very basic config
Dans at the moment is not working for me on 2.0.3 and 2.1 .. well it never worked with 2.1 .. ever.
Squid2 and Squid3 works fine on both versions.
-
Running pfsense on very compatible hardware is much better than in a VM. If you have a box you can spare…