Squid on 2.1 amd64 not working or I'm retarded



  • Hi,

    not the first time I install squid on pfsense. First time it fails, however.

    I have an Atom appliance here with freshly installed 4g nanobsd pfsense 2.1 and I tried with the squid 2 and squid 3 package. I basically install the package, wait for it to finish, then go to "proxy server" in the gui, enable the server, select my LAN port, give squid a port to listen to  (tried 8228 and 3128), allow users on interface is checked and for good measure I also entered my subnet into the allowed subnets under ACL (tried without, too). Save everything.

    I set up a browser to use the proxy, nothing loads. I try telnet <ip of="" proxy=""><3128/8228> and I don't get a telnet connect (not sure if this will work anyway).

    I also completely uninstalled and reinstalled the squid package (both squid2 and 3)
    Did I forget anything?

    I will have to turn on logs for squid - is there any path to have them go to ram (I only have a 4gb cf card in this pfsense box).

    Sorry for the noobish approach here, but I think there's a problem at the very start of all of this.

    Thanks!</ip>



  • Hi,

    not sure if squid works nanobsd so please try to change disk cache from (a)ufs to "null" to disable caching on HDD/CF.

    Then make sure - for testing - you set an "any to any" firewall rule on your LAN interface - for testing.
    Then you can try with "transparent proxy" first an check if browsing the web using http websites will work.
    If it works you can disable "transparent proxy" and add the proxy to your browser and test again.

    Further you should enable logging on the firewall rule which loggs the packets from your client to pfsense/proxy/WAN



  • Hi,

    I think I forgot the firewall rule  ::)  :o

    Anyway, for some reason squidguard will not start, it keeps being "stopped". When I completely uninstall squid and squidguard, reboot, then install again, all my old settings are still there.

    How can I delete all settings from squid so I can start over with installing and configuring? /usr/local/pkg had no squid related files I could see…

    thanks again!



  • On squid3 squidguard only starts when needed. If there are no connections then squidguard is stopped.

    To delete config have a look at the backup config.xml and delete the squidguard part in the packages section.

    Or try:
    /conf/config.xml



  • Thanks a lot for your help so far. I installed another pfsense box today (also nanobsd but i386) and has similar problems. Got tired, installed pfsense full on a ssd that was supposed to go into the system anyway and voila, everything worked as a charm.

    Upon researching, I found out that the main problem with squidguard seems to be the blacklist - it's too large to fit into wherever (/var or /tmp) it is being copied, so it gets truncated and thus squidguard freaks out.

    I'll see if I can make these locations bigger, or I'll just write off the cf card as "not suitable for pfsense as a proxy" and use a small ssd.



  • As far as I know unser system - advanced there is the possibility to change these locations, isn't it? I am not sure at all.