SquidGuard Bug

pablomoretto

Hi Every body

I´m having some problems after implementation of PfSense with some client´s with elevate number of users.(50 users or more).

basically the service of squidGUard is affected, integrated with AD.

The problem is that:
SquidGuard is working properly, but in some times it stop work.
I think is that problem have a relation with comunication in AD.

If I turn off the SquidGuard, the navigation go back work.
After hours I start again the SquidGuard and all return to work again.

Installed Packages:
pfsense 2.1.3
squid 2.7.79 pkg v4.3.4
squidGuard v1.4_4 pkg v1.9.6

Log´s of squidGuard:
Log: /var/squidGuard/log/squidGuard.log
2014-06-30 12:09:08 [45965] (squidGuard): ldap_search_ext_s failed: Can't contact LDAP server (params: DC=MyDomain,DC=local, 2, (&(sAMAccountName=pablo)(memberOf=CN=INTERNET,OU=Group,DC=MyDomain,DC=local)), sAMAccountName)
2014-06-30 12:09:08 [45965] Added LDAP source: pablo
2014-06-30 12:09:12 [62503] squidGuard 1.4 started (1404140943.222)
2014-06-30 12:09:12 [62503] Info: recalculating alarm in 1248 seconds
2014-06-30 12:09:12 [62503] squidGuard ready for requests (1404140952.528)
2014-06-30 12:09:12 [62382] squidGuard 1.4 started (1404140943.058)
2014-06-30 12:09:12 [62382] Info: recalculating alarm in 1248 seconds
2014-06-30 12:09:12 [62382] squidGuard ready for requests (1404140952.917)
2014-06-30 12:09:13 [62097] squidGuard 1.4 started (1404140942.953)
2014-06-30 12:09:13 [62097] Info: recalculating alarm in 1247 seconds
2014-06-30 12:09:13 [62097] squidGuard ready for requests (1404140953.494)
2014-06-30 12:09:13 [62063] squidGuard 1.4 started (1404140942.952)
2014-06-30 12:09:13 [62292] squidGuard 1.4 started (1404140943.005)
2014-06-30 12:09:13 [62063] Info: recalculating alarm in 1247 seconds
2014-06-30 12:09:13 [62292] Info: recalculating alarm in 1247 seconds
2014-06-30 12:09:13 [62292] squidGuard ready for requests (1404140953.940)
2014-06-30 12:09:13 [62063] squidGuard ready for requests (1404140953.940)
2014-06-30 12:09:52 [25959] squidGuard 1.4 started (1404140990.794)
2014-06-30 12:09:52 [25959] Info: recalculating alarm in 1208 seconds
2014-06-30 12:09:52 [25959] squidGuard ready for requests (1404140992.926)
2014-06-30 12:09:52 [26449] squidGuard 1.4 started (1404140991.071)
2014-06-30 12:09:52 [26449] Info: recalculating alarm in 1208 seconds
2014-06-30 12:09:52 [26449] squidGuard ready for requests (1404140992.983)
2014-06-30 12:09:52 [25934] squidGuard 1.4 started (1404140990.774)
2014-06-30 12:09:52 [25934] Info: recalculating alarm in 1208 seconds
2014-06-30 12:09:52 [25934] squidGuard ready for requests (1404140992.988)
2014-06-30 12:09:52 [26174] squidGuard 1.4 started (1404140991.010)
2014-06-30 12:09:52 [26174] Info: recalculating alarm in 1208 seconds
2014-06-30 12:09:52 [26174] squidGuard ready for requests (1404140993.005)
2014-06-30 12:09:53 [26101] squidGuard 1.4 started (1404140990.773)
2014-06-30 12:09:53 [26101] Info: recalculating alarm in 1207 seconds
2014-06-30 12:09:53 [26101] squidGuard ready for requests (1404140993.320)
2014-06-30 12:10:18 [45917] (squidGuard): ldap_simple_bind_s failed: Can't contact LDAP server
2014-06-30 12:10:18 [45917] Added LDAP source: pablo
2014-06-30 12:10:18 [46319] (squidGuard): ldap_simple_bind_s failed: Can't contact LDAP server
2014-06-30 12:10:18 [46115] (squidGuard): ldap_simple_bind_s failed: Can't contact LDAP server
2014-06-30 12:10:18 [46319] Added LDAP source: pablo
2014-06-30 12:10:18 [46115] Added LDAP source: pablo
2014-06-30 12:10:18 [46651] (squidGuard): ldap_simple_bind_s failed: Can't contact LDAP server
2014-06-30 12:10:18 [46651] Added LDAP source: pablo
2014-06-30 12:10:34 [45965] (squidGuard): ldap_simple_bind_s failed: Can't contact LDAP server
2014-06-30 12:10:34 [45965] Added LDAP source: pablo

rjcrowder

I'm not sure why you think this is a Squidguard bug. Have you validated that there are no issues talking to the LDAP server at the time the outages occur? Couldn't this be LDAP server or network related?

pablomoretto

LDAP server it is OK.

I am trying use a parameter "ldapcachetime" in squidGuard.conf.
I am thinking this problem are occurring because exist a large base of users authenticating simultaneously .

atilacastro

Anybody found a solution to this issue?
Thanks