Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squidguard crashed pfsense

    pfSense Packages
    1
    1
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      martta
      last edited by

      Hello,

      I have pfsense 2.0.3, running squid (2.7.9 pkg v.4.3.3) in transparent mode and squidguard (1.4_4 pkg v.1.9.5). This system has functioned well for a few months until this morning when one URL took the whole system down to the point where a hard poweroff was the only option - twice. The url was http://www.forbes.com/sites/williampentland/2013/07/09/worlds-15-most-inventive-cities/ so it shouldn't be anything questionable. I tried visiting it again after turning squid off and it worked without problems. Could there be something wrong with my settings, or is it the myriad of ads on that website that caused this? Even so, I don't think a lot of ads should do that.

      I have the 'Clean advertising' box checked. My blacklist is from http://squidguard.mesd.k12.or.us/blacklists.tgz
      My target rules deny: ads, aggressive, drugs, gambling, hacking, porn, spyware, violence, and warez. I don't have any custom settings other than those.

      Let me know if you have any ideas or need more info. Below I have pasted what was available in the proxy filter logs. Since the system just hung at some point, it's possible the root cause isn't included.

      15.07.2013 08:59:23	192.168.100.100/-	http://gscounters.us1.gigya.com/gs/api.ashx?sdk=js&f=re&e=load&ak=2_Ais1WWPAXDG-HIjyf3JLBHo5wnYnwGm6KSfL1A0vaeV99eJghllSaRjZNe8njI2f&source=showLoginUI&now=1373896772323	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:59:23	192.168.100.100/-	http://gscounters.us1.gigya.com/gs/api.ashx?sdk=js&f=re&e=load&ak=2_Ais1WWPAXDG-HIjyf3JLBHo5wnYnwGm6KSfL1A0vaeV99eJghllSaRjZNe8njI2f&source=showLoginUI&now=1373896772293	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:59:23	192.168.100.100/-	http://gscounters.us1.gigya.com/gs/api.ashx?sdk=js&f=re&e=load&ak=2_Ais1WWPAXDG-HIjyf3JLBHo5wnYnwGm6KSfL1A0vaeV99eJghllSaRjZNe8njI2f&source=showLoginUI&now=1373896772232	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:59:23	192.168.100.100/-	http://gscounters.us1.gigya.com/gs/api.ashx?sdk=js&f=re&e=load&ak=2_Ais1WWPAXDG-HIjyf3JLBHo5wnYnwGm6KSfL1A0vaeV99eJghllSaRjZNe8njI2f&source=showLoginUI&now=1373896772205	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:59:22	192.168.100.100/-	http://gscounters.us1.gigya.com/gs/api.ashx?sdk=js&f=re&e=loadc&;ak=2_Ais1WWPAXDG-HIjyf3JLBHo5wnYnwGm6KSfL1A0vaeV99eJghllSaRjZNe8njI2f&now=1373896771789&sref=http://www.forbes.com/fdc/welcome_mjx.shtml	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://cc.simplereach.com/n?pid=50e4a8434240cf5c4b000009&url=http://www.forbes.com/sites/williampentland/2013/07/09/worlds-15-most-inventive-cities/&title=World's%2015%20Most%20Inventive%20Cities&date=2013-07-09T19:49:00Z&domain=undefined&ref_url=http://www.forbes.com/fdc/welcome_mjx.shtml&referrer=http://www.forbes.com/fdc/welcome_mjx.shtml&page_url=http://www.forbes.com/sites/williampentland/2013/07/09/worlds-15-most-inventive-cities/&authors=William%20Pentland&channels=business&;tags=site::williampentland|slot::&cb=SPR.API.callbacks.cb584661	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://tags.bluekai.com/site/3536?ret=js&phint=channel=business&phint=section=williampentlandblog&phint=member=&phint=partner=	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=bottom;sz=728x90,970x250;tile=10;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=loge;sz=300x250,300x600,336x850,336x280;tile=9;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=text;sz=300x250,336x280,300x600;tile=8;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=prorail;sz=300x250;tile=7;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=railrec;sz=300x250,300x600,336x850,336x280;tile=6;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;rb=yes;pos=rec;sz=300x250,300x600,336x850,336x280;tile=5;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=sharevid;sz=620x529,336x280,300x250;tile=4;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;pos=moreon;sz=620x529,336x280,300x250;tile=3;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;rb=yes;pos=logo;sz=120x40;tile=2;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://contextual.media.net/dmedianet.js?cid=8CU2T3HV4	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://js.moatads.com/2be987/moatheader.js	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://cdn.krxd.net/controltag?confid=Hm5iiZ1t	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://ad.doubleclick.net/N7175/adj/fdc.forbes/article;id=blogandpostid/blog/post/1211-6161;channel=business;section=business:energy;channel=tech;section=tech:greentech;section=tech:humaningenuity;section=tech:innovation&science;section=business:logistics&transportation;contrib=williampentland;rb=yes;pos=top;sz=728x90,970x66,970x250,980x200;tile=1;u=;ord=402428261?	Request(default/blk_blacklists_ads/-) - GET REDIRECT
15.07.2013 08:58:51	192.168.100.100/-	http://sc-forbes.forbes.com/b/ss/forbescom/1/H.22.1/s25366109091243?AQB=1&ndh=1&t=15/6/2013%208:59:0%201%20300&ce=UTF-8&pageName=sites:williampentland:2013:07:09:worlds-15-most-inventive-cities&g=http://www.forbes.com/sites/williampentland/2013/07/09/worlds-15-most-inventive-cities/&r=http://www.forbes.com/fdc/welcome_mjx.shtml&cc=USD&ch=business:williampentlandblog&server=www&h1=business:williampentlandblog&c31=William%20Pentland&c37=business&c38=www&s=1440x900&c=24&j=1.7&v=N&k=Y&bw=1440&bh=761&p=Shockwave%20Flash;QuickTime%20Plug-in%207.7.1;Google%20Talk%20Plugin;Google%20Talk%20Plugin%20Video%20Renderer;Google%20Talk%20Plugin%20Video%20Accelerator;SharePoint%20Browser%20Plug-in;Citrix%20Online%20Web%20Deployment%20Plugin%201.0.0.105;Flip4Mac%20Windows%20Media%20Plugin;AmazonMP3DownloaderPlugin;iPhotoPhotocast;&AQE=1	Request(default/blk_blacklists_spyware/-) - GET REDIRECT
      1 Reply Last reply Reply Quote 0
      • First post
        Last post