Squid+squidGuard: web pages are timing out, they load after refreshing

  • Hey guys,

    For the past couple of days, browsing has been painful. When anyone tries to access any website it keeps loading till time out, but it works after refreshing the page.

    I've tried to disable/enable cache, no solution.
    I'm currently using pfSense2.1 + squid + squidGuard + NTLM (Active Directory authentication). The max amount of users during the day is about 75.

    My firewall contains only the default rules, I'm using pfSense only for filtering pages.

    My custom options are:

    acl windowsupdate dstdomain windowsupdate.microsoft.com;
    acl windowsupdate dstdomain .update.microsoft.com;
    acl windowsupdate dstdomain download.windowsupdate.com;
    acl windowsupdate dstdomain redir.metaservices.microsoft.com;
    acl windowsupdate dstdomain images.metaservices.microsoft.com;
    acl windowsupdate dstdomain c.microsoft.com;
    acl windowsupdate dstdomain www.download.windowsupdate.com;
    acl windowsupdate dstdomain wustat.windows.com;
    acl windowsupdate dstdomain crl.microsoft.com;
    acl windowsupdate dstdomain sls.microsoft.com;
    acl windowsupdate dstdomain productactivation.one.microsoft.com;
    acl windowsupdate dstdomain ntservicepack.microsoft.com;
    acl CONNECT method CONNECT;
    acl wuCONNECT dstdomain www.update.microsoft.com;
    acl wuCONNECT dstdomain sls.microsoft.com;
    http_access allow CONNECT wuCONNECT localnet;
    http_access allow windowsupdate localnet;
    acl java_app browser Java/1.4 Java/1.5 Java/1.6 Java/1.7;
    http_access allow java_app;
    acl java_vm browser regexp -i Java;
    acl java urlpath_regex -i \.class$ \.jar; 
    http_access allow java;http_access allow java_vm;
    acl_uses_indirect_client on;
    follow_x_forwarded_for allow localhost;
    auth_param ntlm program /usr/local/bin/ntlm_auth --use-cached-creds --helper-protocol=squid-2.5-ntlmssp;
    auth_param ntlm children 10;
    auth_param ntlm keep_alive on;
    acl password proxy_auth REQUIRED;
    http_access allow password;
    redirect_program /usr/pbi/squidguard-i386/bin/squidGuard -c /usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf;
    redirector_bypass off;
    url_rewrite_children 5

    Any suggestions?

    Thanks in advance.

Log in to reply