3. Squid3+Squidgard restore problem

Squid3+Squidgard restore problem

  • I

    Hi
    I'm restoring my Pfsense server 2.0.3 from backup.
    After the restore process everything work except SquidGard service is not starting.
    Whit this error
    php: /pkg_edit.php: The command '/usr/local/sbin/squid -k reconfigure -f /usr/local/etc/squid/squid.conf' returned exit code '1', the output was 'FATAL: Bungled squid.conf line 4: http_port 127.0.0.1:3128 intercept Squid Cache (Version 2.7.STABLE9): Terminated abnormally.'

    I have reinstall and install multiple times the packages but the problem remain.

    PLS HELP!!!

    my proxy config

    This file is automatically generated by pfSense

    Do not edit manually !

    http_port 192.168.50.40:3128
    http_port 127.0.0.1:3128 intercept
    icp_port 7
    dns_v4_first off
    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_default_language bg
    icon_directory /usr/local/etc/squid/icons
    visible_hostname
    cache_mgr
    access_log /var/squid/logs/access.log
    cache_log /var/squid/logs/cache.log
    cache_store_log none
    sslcrtd_children 0
    logfile_rotate 3
    shutdown_lifetime 3 seconds

    Allow local network(s) on interface(s)

    acl localnet src  192.168.50.0/24
    httpd_suppress_version_string on
    uri_whitespace strip

    acl dynamic urlpath_regex cgi-bin ?
    cache deny dynamic
    cache_mem 800 MB
    maximum_object_size_in_memory 64 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir aufs /var/squid/cache 50000 64 256
    minimum_object_size 0 KB
    maximum_object_size 32 KB
    offline_mode offcache_swap_low 90
    cache_swap_high 95
    acl donotcache dstdomain '/var/squid/acl/donotcache.acl'
    cache deny donotcache

    No redirector configured

    #Remote proxies

    Setup some default acls

    acl allsrc src all
    acl localhost src 127.0.0.1/32
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 1234 3128 1025-65535
    acl sslports port 443 563 1234
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT

    Define protocols used for redirects

    acl HTTP proto HTTP
    acl HTTPS proto HTTPS

    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    quick_abort_min 0 KB
    quick_abort_max 0 KB
    request_body_max_size 0 KB
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 1048576/1048576
    delay_initial_bucket_level 100

    Throttle extensions matched in the url

    acl throttle_exts urlpath_regex -i '/var/squid/acl/throttle_exts.acl'
    delay_access 1 allow throttle_exts
    delay_access 1 deny allsrc

    Reverse Proxy settings

    Package Integration

    redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
    redirector_bypass off
    url_rewrite_children 5

    Custom options

    Setup allowed acls

    Allow local network(s) on interface(s)

    http_access allow localnet

    Default block all to be sure

    http_access deny allsrc

    and filter config

    ============================================================

    SquidGuard configuration file

    This file generated automaticly with SquidGuard configurator

    (C)2006 Serg Dvoriancev

    email: dv_serg@mail.ru

    ============================================================

    logdir /var/squidGuard/log
    dbhome /var/db/squidGuard

    admin

    src admin {
    ip     192.168.50.55
    ip     192.168.50.245
    ip     192.168.50.243
    ip     192.168.50.238
    ip     192.168.50.106
    ip     192.168.50.207
    log block.log
    }

    #=/=/ =/=/=/=/=/=/=/=/=/=/=/=/

    torrent

    dest torrents {
    domainlist torrents/domains
    expressionlist torrents/expressions
    }

    rew safesearch {
    s@(google../search?.q=.)@&safe=active@i
    s@(google..    /images.q=.)@&safe=active@i
    s@(google../groups.q=.)@&safe=active@i
    s@(google..    /news.q=.)@&safe=active@i
    s@(yandex../yandsearch?.text=.)@&fyandex=1@i
    s@(search.yahoo..    /search.p=.)@&vm=r&v=1@i
    s@(search.live../.q=.)@&adlt=strict@i
    s@(search.msn..    /.q=.)@&adlt=strict@i
    s@(.bing..*/.q=.)@&adlt=strict@i
    log block.log
    }

    acl  {

    admin

    admin  {
    pass facebook fun torrents all
    redirect http://192.168.50.1/sgerror.php?url=403 &a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    log block.log
    }

    default  {
    pass !facebook !fun !torrents !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_dating !blk_BL_downloads !blk_BL_drugs !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_porn !blk_BL_spyware !blk_BL_warez !blk_BL_weapons !blk_BL_webtv all
    redirect http://192.168.50.1/error.php?&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    log block.log
    }
    }

    0
  • I

    ok I solve it.
    I delete /usr/local/bin/squid and reinstall the package. NOW it's WORKING.

    0

  • The error was showing squid2 instead of squid3.
    That's why it's was not working.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy