Squid3-dev problems



  • Hi, I'm running pfsense 2.1.5-RELEASE (i386) and installed the squid3-dev package (squid 3.3.10 pkg 2.2.8 ). This is the only squid package I've installed that doesn't seem to work no matter what I try. If I load a http site, it says the server can't be found, but https sites load fine. the squid2 and squid 3 packages worked in transparent mode, but squid3-dev doesn't. I mainly wanted this package because of the https filtering. Like the other squid versions that worked, I added my subnet to the ACL and have authentication turned off, and the proxy interface listening on the LAN and the transparent proxy interface on the LAN.

    Are other configurations needed that I missed?

    EDIT: If anyone even thinks of something small that might help please mention it. I'm still stumped. I don't get any errors when I run it from command line. Are there any other ways to trouble shoot what's happening?

    EDIT 2: Just did a clean install of 64-bit pfsense because another forum suggested running 32-bit pfsense on a 64-bit enabled processor sometimes caused problems. Now running  2.1.5-RELEASE (amd64). Same problems, nothing has changed. Still looking for help.



  • I do only use squid3-dev with no issues.

    what you get with squid -k parse or on cache.log?



  • Thanks for replying! Here's the output for those commands:

    squid -k parse:

    2014/12/16 11:35:42| Startup: Initializing Authentication Schemes ...
    2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'basic'
    2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'digest'
    2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'negotiate'
    2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'ntlm'
    2014/12/16 11:35:42| Startup: Initialized Authentication.
    2014/12/16 11:35:42| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
    2014/12/16 11:35:42| Processing: http_port 192.168.5.1:3128
    2014/12/16 11:35:42| Processing: icp_port 0
    2014/12/16 11:35:42| Processing: dns_v4_first off
    2014/12/16 11:35:42| Processing: pid_filename /var/run/squid.pid
    2014/12/16 11:35:42| Processing: cache_effective_user proxy
    2014/12/16 11:35:42| Processing: cache_effective_group proxy
    2014/12/16 11:35:42| Processing: error_default_language en-ca
    2014/12/16 11:35:42| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
    2014/12/16 11:35:42| Processing: visible_hostname localhost
    2014/12/16 11:35:42| Processing: cache_mgr admin@localhost
    2014/12/16 11:35:42| Processing: access_log /var/squid/logs/access.log
    2014/12/16 11:35:42| Processing: cache_log /var/squid/logs/cache.log
    2014/12/16 11:35:42| Processing: cache_store_log none
    2014/12/16 11:35:42| Processing: netdb_filename /var/squid/logs/netdb.state
    2014/12/16 11:35:42| Processing: pinger_enable on
    2014/12/16 11:35:42| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger
    2014/12/16 11:35:42| Processing: logfile_rotate 14
    2014/12/16 11:35:42| Processing: debug_options rotate=14
    2014/12/16 11:35:42| Processing: shutdown_lifetime 3 seconds
    2014/12/16 11:35:42| Processing: acl localnet src  192.168.5.0/24
    2014/12/16 11:35:42| Processing: forwarded_for off
    2014/12/16 11:35:42| Processing: via off
    2014/12/16 11:35:42| Processing: uri_whitespace strip
    2014/12/16 11:35:42| Processing: acl dynamic urlpath_regex cgi-bin \?
    2014/12/16 11:35:42| Processing: cache deny dynamic
    2014/12/16 11:35:42| Processing: cache_mem 8 MB
    2014/12/16 11:35:42| Processing: maximum_object_size_in_memory 32 KB
    2014/12/16 11:35:42| Processing: memory_replacement_policy heap GDSF
    2014/12/16 11:35:42| Processing: cache_replacement_policy heap LFUDA
    2014/12/16 11:35:42| Processing: cache_dir ufs /var/squid/cache 2000 16 256
    2014/12/16 11:35:42| Processing: minimum_object_size 0 KB
    2014/12/16 11:35:42| Processing: maximum_object_size 4 KB
    2014/12/16 11:35:42| Processing: offline_mode off
    2014/12/16 11:35:42| Processing: cache_swap_low 90
    2014/12/16 11:35:42| Processing: cache_swap_high 95
    2014/12/16 11:35:42| Processing: cache allow all
    2014/12/16 11:35:42| Processing: acl allsrc src all
    2014/12/16 11:35:42| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
    2014/12/16 11:35:42| Processing: acl sslports port 443 563
    2014/12/16 11:35:42| Processing: acl purge method PURGE
    2014/12/16 11:35:42| Processing: acl connect method CONNECT
    2014/12/16 11:35:42| Processing: acl HTTP proto HTTP
    2014/12/16 11:35:42| Processing: acl HTTPS proto HTTPS
    2014/12/16 11:35:42| Processing: acl allowed_subnets src 192.168.5.0/24
    2014/12/16 11:35:42| Processing: http_access allow manager localhost
    2014/12/16 11:35:42| Processing: http_access deny manager
    2014/12/16 11:35:42| Processing: http_access allow purge localhost
    2014/12/16 11:35:42| Processing: http_access deny purge
    2014/12/16 11:35:42| Processing: http_access deny !safeports
    2014/12/16 11:35:42| Processing: http_access deny CONNECT !sslports
    2014/12/16 11:35:42| Processing: request_body_max_size 0 KB
    2014/12/16 11:35:42| Processing: delay_pools 1
    2014/12/16 11:35:42| Processing: delay_class 1 2
    2014/12/16 11:35:42| Processing: delay_parameters 1 -1/-1 -1/-1
    2014/12/16 11:35:42| Processing: delay_initial_bucket_level 100
    2014/12/16 11:35:42| Processing: delay_access 1 allow allsrc
    2014/12/16 11:35:42| Processing: http_access allow allowed_subnets
    2014/12/16 11:35:42| Processing: http_access allow localnet
    2014/12/16 11:35:42| Processing: http_access deny allsrc
    2014/12/16 11:35:42| WARNING: HTTP requires the use of Via
    2014/12/16 11:35:42| Initializing https proxy context 
    

    cat /var/squid/logs/cache.log

    2014/12/16 11:40:13 kid1| Starting Squid Cache version 3.3.10 for amd64-portbld-freebsd8.3...
    2014/12/16 11:40:13 kid1|  parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/en-ca/error-details.txt
    2014/12/16 11:40:13 kid1| Unable to load default error language files. Reset to backups.
    2014/12/16 11:40:13 kid1|  parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/templates/error-details.txt
    2014/12/16 11:40:13 kid1| WARNING: failed to find or read error text file error-details.txt
    2014/12/16 11:40:13 kid1| sendto FD 26: (1) Operation not permitted
    2014/12/16 11:40:13 kid1| ipcCreate: CHILD: hello write test failed
    

    EDIT: Formatting output to use code tags.



  • I have no Problem.. but nothing cache..

    this my squid -k parse

    
    2014/12/17 00:57:38| Startup: Initializing Authentication Schemes ...
    2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'basic'
    2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'digest'
    2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'negotiate'
    2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'ntlm'
    2014/12/17 00:57:38| Startup: Initialized Authentication.
    2014/12/17 00:57:38| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
    2014/12/17 00:57:38| Processing: http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
    2014/12/17 00:57:38| Processing: http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
    2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3128
    2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
    2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled)
    2014/12/17 00:57:38| Processing: https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
    2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3129
    2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
    2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3129 (interception enabled)
    2014/12/17 00:57:38| Processing: icp_port 0
    2014/12/17 00:57:38| Processing: dns_v4_first on
    2014/12/17 00:57:38| Processing: pid_filename /var/run/squid.pid
    2014/12/17 00:57:38| Processing: cache_effective_user proxy
    2014/12/17 00:57:38| Processing: cache_effective_group proxy
    2014/12/17 00:57:38| Processing: error_default_language en
    2014/12/17 00:57:38| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
    2014/12/17 00:57:38| Processing: visible_hostname localhost
    2014/12/17 00:57:38| Processing: cache_mgr admin@localhost
    2014/12/17 00:57:38| Processing: access_log /var/squid/logs/access.log
    2014/12/17 00:57:38| Processing: cache_log /var/squid/logs/cache.log
    2014/12/17 00:57:38| Processing: cache_store_log none
    2014/12/17 00:57:38| Processing: netdb_filename /var/squid/logs/netdb.state
    2014/12/17 00:57:38| Processing: pinger_enable on
    2014/12/17 00:57:38| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger
    2014/12/17 00:57:38| Processing: sslcrtd_program /usr/pbi/squid-amd64/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
    2014/12/17 00:57:38| Processing: sslcrtd_children 5
    2014/12/17 00:57:38| Processing: sslproxy_capath /usr/pbi/squid-amd64/share/certs/
    2014/12/17 00:57:38| Processing: sslproxy_cert_error allow all
    2014/12/17 00:57:38| Processing: sslproxy_flags DONT_VERIFY_PEER
    2014/12/17 00:57:38| Processing: logfile_rotate 90
    2014/12/17 00:57:38| Processing: debug_options rotate=90
    2014/12/17 00:57:38| Processing: shutdown_lifetime 3 seconds
    2014/12/17 00:57:38| Processing: acl localnet src  192.168.1.0/24
    2014/12/17 00:57:38| Processing: uri_whitespace strip
    2014/12/17 00:57:38| Processing: acl dynamic urlpath_regex cgi-bin \?
    2014/12/17 00:57:38| Processing: cache deny dynamic
    2014/12/17 00:57:38| Processing: cache_mem 256 MB
    2014/12/17 00:57:38| Processing: maximum_object_size_in_memory 128 KB
    2014/12/17 00:57:38| Processing: memory_replacement_policy lru
    2014/12/17 00:57:38| Processing: cache_replacement_policy heap LFUDA
    2014/12/17 00:57:38| Processing: cache_dir aufs /var/squid/cache 180000 16 256
    2014/12/17 00:57:38| Processing: minimum_object_size 1 KB
    2014/12/17 00:57:38| Processing: maximum_object_size 102400 KB
    2014/12/17 00:57:38| Processing: offline_mode off
    2014/12/17 00:57:38| Processing: cache_swap_low 90
    2014/12/17 00:57:38| Processing: cache_swap_high 95
    2014/12/17 00:57:38| Processing: cache allow all
    2014/12/17 00:57:38| Processing: acl allsrc src all
    2014/12/17 00:57:38| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 3127 1025-65535
    2014/12/17 00:57:38| Processing: acl sslports port 443 563 81
    2014/12/17 00:57:38| Processing: acl purge method PURGE
    2014/12/17 00:57:38| Processing: acl connect method CONNECT
    2014/12/17 00:57:38| Processing: acl HTTP proto HTTP
    2014/12/17 00:57:38| Processing: acl HTTPS proto HTTPS
    2014/12/17 00:57:38| Processing: acl allowed_subnets src 192.168.1.0/24
    2014/12/17 00:57:38| Processing: http_access allow manager localhost
    2014/12/17 00:57:38| Processing: http_access deny manager
    2014/12/17 00:57:38| Processing: http_access allow purge localhost
    2014/12/17 00:57:38| Processing: http_access deny purge
    2014/12/17 00:57:38| Processing: http_access deny !safeports
    2014/12/17 00:57:38| Processing: http_access deny CONNECT !sslports
    2014/12/17 00:57:38| Processing: quick_abort_min 0 KB
    2014/12/17 00:57:38| Processing: quick_abort_max 0 KB
    2014/12/17 00:57:38| Processing: request_body_max_size 0 KB
    2014/12/17 00:57:38| Processing: delay_pools 1
    2014/12/17 00:57:38| Processing: delay_class 1 2
    2014/12/17 00:57:38| Processing: delay_parameters 1 -1/-1 -1/-1
    2014/12/17 00:57:38| Processing: delay_initial_bucket_level 100
    2014/12/17 00:57:38| Processing: delay_access 1 allow allsrc
    2014/12/17 00:57:38| Processing: always_direct allow all
    2014/12/17 00:57:38| Processing: ssl_bump server-first all
    2014/12/17 00:57:38| Processing: http_access allow allowed_subnets
    2014/12/17 00:57:38| Processing: http_access allow localnet
    2014/12/17 00:57:38| Processing: http_access deny allsrc
    2014/12/17 00:57:38| Initializing https proxy context
    2014/12/17 00:57:38| Initializing http_port 192.168.1.1:3128 SSL context
    2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
    2014/12/17 00:57:38| Initializing http_port 127.0.0.1:3128 SSL context
    2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
    2014/12/17 00:57:38| Initializing https_port 127.0.0.1:3129 SSL context
    2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
    
    


  • Nearly a month later, I'm still having problems getting it to work. Any suggestions at all?



  • Read again cache.log.  All you need to fix is there.


Log in to reply