Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3-dev problems

    pfSense Packages
    3
    6
    1516
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pf12
      last edited by

      Hi, I'm running pfsense 2.1.5-RELEASE (i386) and installed the squid3-dev package (squid 3.3.10 pkg 2.2.8 ). This is the only squid package I've installed that doesn't seem to work no matter what I try. If I load a http site, it says the server can't be found, but https sites load fine. the squid2 and squid 3 packages worked in transparent mode, but squid3-dev doesn't. I mainly wanted this package because of the https filtering. Like the other squid versions that worked, I added my subnet to the ACL and have authentication turned off, and the proxy interface listening on the LAN and the transparent proxy interface on the LAN.

      Are other configurations needed that I missed?

      EDIT: If anyone even thinks of something small that might help please mention it. I'm still stumped. I don't get any errors when I run it from command line. Are there any other ways to trouble shoot what's happening?

      EDIT 2: Just did a clean install of 64-bit pfsense because another forum suggested running 32-bit pfsense on a 64-bit enabled processor sometimes caused problems. Now running  2.1.5-RELEASE (amd64). Same problems, nothing has changed. Still looking for help.

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        I do only use squid3-dev with no issues.

        what you get with squid -k parse or on cache.log?

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • P
          pf12
          last edited by

          Thanks for replying! Here's the output for those commands:

          squid -k parse:

          2014/12/16 11:35:42| Startup: Initializing Authentication Schemes ...
2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'basic'
2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'digest'
2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'negotiate'
2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'ntlm'
2014/12/16 11:35:42| Startup: Initialized Authentication.
2014/12/16 11:35:42| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
2014/12/16 11:35:42| Processing: http_port 192.168.5.1:3128
2014/12/16 11:35:42| Processing: icp_port 0
2014/12/16 11:35:42| Processing: dns_v4_first off
2014/12/16 11:35:42| Processing: pid_filename /var/run/squid.pid
2014/12/16 11:35:42| Processing: cache_effective_user proxy
2014/12/16 11:35:42| Processing: cache_effective_group proxy
2014/12/16 11:35:42| Processing: error_default_language en-ca
2014/12/16 11:35:42| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
2014/12/16 11:35:42| Processing: visible_hostname localhost
2014/12/16 11:35:42| Processing: cache_mgr admin@localhost
2014/12/16 11:35:42| Processing: access_log /var/squid/logs/access.log
2014/12/16 11:35:42| Processing: cache_log /var/squid/logs/cache.log
2014/12/16 11:35:42| Processing: cache_store_log none
2014/12/16 11:35:42| Processing: netdb_filename /var/squid/logs/netdb.state
2014/12/16 11:35:42| Processing: pinger_enable on
2014/12/16 11:35:42| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger
2014/12/16 11:35:42| Processing: logfile_rotate 14
2014/12/16 11:35:42| Processing: debug_options rotate=14
2014/12/16 11:35:42| Processing: shutdown_lifetime 3 seconds
2014/12/16 11:35:42| Processing: acl localnet src  192.168.5.0/24
2014/12/16 11:35:42| Processing: forwarded_for off
2014/12/16 11:35:42| Processing: via off
2014/12/16 11:35:42| Processing: uri_whitespace strip
2014/12/16 11:35:42| Processing: acl dynamic urlpath_regex cgi-bin \?
2014/12/16 11:35:42| Processing: cache deny dynamic
2014/12/16 11:35:42| Processing: cache_mem 8 MB
2014/12/16 11:35:42| Processing: maximum_object_size_in_memory 32 KB
2014/12/16 11:35:42| Processing: memory_replacement_policy heap GDSF
2014/12/16 11:35:42| Processing: cache_replacement_policy heap LFUDA
2014/12/16 11:35:42| Processing: cache_dir ufs /var/squid/cache 2000 16 256
2014/12/16 11:35:42| Processing: minimum_object_size 0 KB
2014/12/16 11:35:42| Processing: maximum_object_size 4 KB
2014/12/16 11:35:42| Processing: offline_mode off
2014/12/16 11:35:42| Processing: cache_swap_low 90
2014/12/16 11:35:42| Processing: cache_swap_high 95
2014/12/16 11:35:42| Processing: cache allow all
2014/12/16 11:35:42| Processing: acl allsrc src all
2014/12/16 11:35:42| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 3127 1025-65535
2014/12/16 11:35:42| Processing: acl sslports port 443 563
2014/12/16 11:35:42| Processing: acl purge method PURGE
2014/12/16 11:35:42| Processing: acl connect method CONNECT
2014/12/16 11:35:42| Processing: acl HTTP proto HTTP
2014/12/16 11:35:42| Processing: acl HTTPS proto HTTPS
2014/12/16 11:35:42| Processing: acl allowed_subnets src 192.168.5.0/24
2014/12/16 11:35:42| Processing: http_access allow manager localhost
2014/12/16 11:35:42| Processing: http_access deny manager
2014/12/16 11:35:42| Processing: http_access allow purge localhost
2014/12/16 11:35:42| Processing: http_access deny purge
2014/12/16 11:35:42| Processing: http_access deny !safeports
2014/12/16 11:35:42| Processing: http_access deny CONNECT !sslports
2014/12/16 11:35:42| Processing: request_body_max_size 0 KB
2014/12/16 11:35:42| Processing: delay_pools 1
2014/12/16 11:35:42| Processing: delay_class 1 2
2014/12/16 11:35:42| Processing: delay_parameters 1 -1/-1 -1/-1
2014/12/16 11:35:42| Processing: delay_initial_bucket_level 100
2014/12/16 11:35:42| Processing: delay_access 1 allow allsrc
2014/12/16 11:35:42| Processing: http_access allow allowed_subnets
2014/12/16 11:35:42| Processing: http_access allow localnet
2014/12/16 11:35:42| Processing: http_access deny allsrc
2014/12/16 11:35:42| WARNING: HTTP requires the use of Via
2014/12/16 11:35:42| Initializing https proxy context

          cat /var/squid/logs/cache.log

          2014/12/16 11:40:13 kid1| Starting Squid Cache version 3.3.10 for amd64-portbld-freebsd8.3...
2014/12/16 11:40:13 kid1|  parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/en-ca/error-details.txt
2014/12/16 11:40:13 kid1| Unable to load default error language files. Reset to backups.
2014/12/16 11:40:13 kid1|  parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/templates/error-details.txt
2014/12/16 11:40:13 kid1| WARNING: failed to find or read error text file error-details.txt
2014/12/16 11:40:13 kid1| sendto FD 26: (1) Operation not permitted
2014/12/16 11:40:13 kid1| ipcCreate: CHILD: hello write test failed

          EDIT: Formatting output to use code tags.

          1 Reply Last reply Reply Quote 0
          • H
            hyundrax
            last edited by

            I have no Problem.. but nothing cache..

            this my squid -k parse

            
2014/12/17 00:57:38| Startup: Initializing Authentication Schemes ...
2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'basic'
2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'digest'
2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'negotiate'
2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'ntlm'
2014/12/17 00:57:38| Startup: Initialized Authentication.
2014/12/17 00:57:38| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0)
2014/12/17 00:57:38| Processing: http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
2014/12/17 00:57:38| Processing: http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3128
2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled)
2014/12/17 00:57:38| Processing: https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/
2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3129
2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3129 (interception enabled)
2014/12/17 00:57:38| Processing: icp_port 0
2014/12/17 00:57:38| Processing: dns_v4_first on
2014/12/17 00:57:38| Processing: pid_filename /var/run/squid.pid
2014/12/17 00:57:38| Processing: cache_effective_user proxy
2014/12/17 00:57:38| Processing: cache_effective_group proxy
2014/12/17 00:57:38| Processing: error_default_language en
2014/12/17 00:57:38| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons
2014/12/17 00:57:38| Processing: visible_hostname localhost
2014/12/17 00:57:38| Processing: cache_mgr admin@localhost
2014/12/17 00:57:38| Processing: access_log /var/squid/logs/access.log
2014/12/17 00:57:38| Processing: cache_log /var/squid/logs/cache.log
2014/12/17 00:57:38| Processing: cache_store_log none
2014/12/17 00:57:38| Processing: netdb_filename /var/squid/logs/netdb.state
2014/12/17 00:57:38| Processing: pinger_enable on
2014/12/17 00:57:38| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger
2014/12/17 00:57:38| Processing: sslcrtd_program /usr/pbi/squid-amd64/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048
2014/12/17 00:57:38| Processing: sslcrtd_children 5
2014/12/17 00:57:38| Processing: sslproxy_capath /usr/pbi/squid-amd64/share/certs/
2014/12/17 00:57:38| Processing: sslproxy_cert_error allow all
2014/12/17 00:57:38| Processing: sslproxy_flags DONT_VERIFY_PEER
2014/12/17 00:57:38| Processing: logfile_rotate 90
2014/12/17 00:57:38| Processing: debug_options rotate=90
2014/12/17 00:57:38| Processing: shutdown_lifetime 3 seconds
2014/12/17 00:57:38| Processing: acl localnet src  192.168.1.0/24
2014/12/17 00:57:38| Processing: uri_whitespace strip
2014/12/17 00:57:38| Processing: acl dynamic urlpath_regex cgi-bin \?
2014/12/17 00:57:38| Processing: cache deny dynamic
2014/12/17 00:57:38| Processing: cache_mem 256 MB
2014/12/17 00:57:38| Processing: maximum_object_size_in_memory 128 KB
2014/12/17 00:57:38| Processing: memory_replacement_policy lru
2014/12/17 00:57:38| Processing: cache_replacement_policy heap LFUDA
2014/12/17 00:57:38| Processing: cache_dir aufs /var/squid/cache 180000 16 256
2014/12/17 00:57:38| Processing: minimum_object_size 1 KB
2014/12/17 00:57:38| Processing: maximum_object_size 102400 KB
2014/12/17 00:57:38| Processing: offline_mode off
2014/12/17 00:57:38| Processing: cache_swap_low 90
2014/12/17 00:57:38| Processing: cache_swap_high 95
2014/12/17 00:57:38| Processing: cache allow all
2014/12/17 00:57:38| Processing: acl allsrc src all
2014/12/17 00:57:38| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 3127 1025-65535
2014/12/17 00:57:38| Processing: acl sslports port 443 563 81
2014/12/17 00:57:38| Processing: acl purge method PURGE
2014/12/17 00:57:38| Processing: acl connect method CONNECT
2014/12/17 00:57:38| Processing: acl HTTP proto HTTP
2014/12/17 00:57:38| Processing: acl HTTPS proto HTTPS
2014/12/17 00:57:38| Processing: acl allowed_subnets src 192.168.1.0/24
2014/12/17 00:57:38| Processing: http_access allow manager localhost
2014/12/17 00:57:38| Processing: http_access deny manager
2014/12/17 00:57:38| Processing: http_access allow purge localhost
2014/12/17 00:57:38| Processing: http_access deny purge
2014/12/17 00:57:38| Processing: http_access deny !safeports
2014/12/17 00:57:38| Processing: http_access deny CONNECT !sslports
2014/12/17 00:57:38| Processing: quick_abort_min 0 KB
2014/12/17 00:57:38| Processing: quick_abort_max 0 KB
2014/12/17 00:57:38| Processing: request_body_max_size 0 KB
2014/12/17 00:57:38| Processing: delay_pools 1
2014/12/17 00:57:38| Processing: delay_class 1 2
2014/12/17 00:57:38| Processing: delay_parameters 1 -1/-1 -1/-1
2014/12/17 00:57:38| Processing: delay_initial_bucket_level 100
2014/12/17 00:57:38| Processing: delay_access 1 allow allsrc
2014/12/17 00:57:38| Processing: always_direct allow all
2014/12/17 00:57:38| Processing: ssl_bump server-first all
2014/12/17 00:57:38| Processing: http_access allow allowed_subnets
2014/12/17 00:57:38| Processing: http_access allow localnet
2014/12/17 00:57:38| Processing: http_access deny allsrc
2014/12/17 00:57:38| Initializing https proxy context
2014/12/17 00:57:38| Initializing http_port 192.168.1.1:3128 SSL context
2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
2014/12/17 00:57:38| Initializing http_port 127.0.0.1:3128 SSL context
2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
2014/12/17 00:57:38| Initializing https_port 127.0.0.1:3129 SSL context
2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
            1 Reply Last reply Reply Quote 0
            • P
              pf12
              last edited by

              Nearly a month later, I'm still having problems getting it to work. Any suggestions at all?

              1 Reply Last reply Reply Quote 0
              • marcellocM
                marcelloc
                last edited by

                Read again cache.log.  All you need to fix is there.

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post