Squid3-dev ICAP Protocol Error on 32-bit
-
It is possible to fix it, or it really nonremovable error in 2.1.5 x64 in ICAP?
Unfortunatelly no. the icap error are related to freebsd 8.x and icap, not pfsense itself. the same compile args and config options works fine on freebsd 8.x 32bit version.
An workaround for pfsense 2.1.x 64bits if you are not using ssl interception is to use clamav on dansguardian ou havp.
-
I am receiving ICAP errors with squid3 on amd64 pfSense 2.2 but only on http sites. I think I must have something misconfigured because HTTPS is fine. How does one use HAVP with squid, I feel like I have too many redundant proxies with HAVP and Dansguardian.
-
I was having a similar problem until I saw this: https://forum.pfsense.org/index.php?topic=87424.msg480232#msg480232
fresh 2.2 install
Install squid3
…
chech squid tabs, save, fix config options pointed by gui alerts
On antivirus tab, save config twice as first time it will load sample files and second check config options.
via console wait (repeating ps ax | grep -i fresclam or tail -f /var/log/clamav/freshclam.log) clamav database first slow update
enable transparent mode(do not select loopback on any squid option)
stop and start squid via gui to force c-icap to restart too after first freshclam.
…Edited original post to describe my steps. The key part is the "save twice" on the AV tab. Fix the problems presented, each has its solution right in the message. I am now able to browse HTTP sites without the ICAP errors.
-
$ repeating ps ax | grep -i freshclam or tail -f /var/log/clamav/freshclam.log grep: freshclam: No such file or directory grep: or: No such file or directory grep: tail: No such file or directoryFor some reason I can't freshclam
-
$ repeating ps ax | grep -i freshclam or tail -f /var/log/clamav/freshclam.logThis line means
repeat this cmd on console every 30 seconds for example
ps ax | grep -i freshclamor this one once
tail -f /var/log/clamav/freshclam.log -
I think I just typed "freshclam" (without quotes) to update, as marcelloc says the other commands are to show the status of freshclam, not to execute it.
-
HI, Guys
I got errors:
ERROR
The requested URL could not be retrievedThe following error was encountered while trying to retrieve the URL: http://www.google.ca
Connection to 127.0.0.1 failed.
The system returned: (60) Operation timed out
The remote host or network may be down. Please try the request again.
Your cache administrator is admin@localhost.
ERROR
The requested URL could not be retrievedThe following error was encountered while trying to retrieve the URL: http://www.dslreports.com/forum/rogers
Unable to forward this request at this time.
This request could not be forwarded to the origin server or to any parent caches.
Some possible problems are:
An Internet connection needed to access this domains origin servers may be down.
All configured parent caches may be currently unreachable.
The administrator may not allow this cache to make direct connections to origin servers.Your cache administrator is admin@localhost.
I only installed snort, pfBlokerNG, and squid3, for Squid3, all the settings were setup by default, changed squid.inc, changed anti-virus configs, and execute freshclam, but I got above odd errors, can't surf internet unless turn off the transparent HTTP proxy.
What am I doing wrong?
-
Olá,
Caso alguém ainda esteja com problemas. Segue abaixo como funcionou em minha rede:
Pfsense 2.2.3 + Squid3 0.2.8 + SquidGuard 1.9.14 + i-cap/clamav
Defina em squidclamav.conf:
redirect http://IP_SEU_SERVIDOR/squid_clwarn.php
Para o caso de possuir SquidGuard, descomente a linha:
squidguard /usr/local/squidGuard/bin/squidGuard
Adicione em i-cap.conf:
Service squid_clamav squidclamav.so
Apague essa linha de i-cap.conf(Mesmo que esteja comentada):
ldap://cn=Directory Manager:Apassword@ldap.chtsanti.net?o=chtsanti?mermberUid?(&(objectClass=posixGroup)(cn=%s))
Pra mim está funcionando ok.
I hope it helps someone. ;D
-
Just add domain in Whitelist with http and you`r issue will solve.
-
@mit the path is /usr/local/pkg/squid_antivirus.inc not squid.inc for latest pfsense 2.6 squid 0.4.45_9