Squid3-dev problems
-
Hi, I'm running pfsense 2.1.5-RELEASE (i386) and installed the squid3-dev package (squid 3.3.10 pkg 2.2.8 ). This is the only squid package I've installed that doesn't seem to work no matter what I try. If I load a http site, it says the server can't be found, but https sites load fine. the squid2 and squid 3 packages worked in transparent mode, but squid3-dev doesn't. I mainly wanted this package because of the https filtering. Like the other squid versions that worked, I added my subnet to the ACL and have authentication turned off, and the proxy interface listening on the LAN and the transparent proxy interface on the LAN.
Are other configurations needed that I missed?
EDIT: If anyone even thinks of something small that might help please mention it. I'm still stumped. I don't get any errors when I run it from command line. Are there any other ways to trouble shoot what's happening?
EDIT 2: Just did a clean install of 64-bit pfsense because another forum suggested running 32-bit pfsense on a 64-bit enabled processor sometimes caused problems. Now running 2.1.5-RELEASE (amd64). Same problems, nothing has changed. Still looking for help.
-
I do only use squid3-dev with no issues.
what you get with squid -k parse or on cache.log?
-
Thanks for replying! Here's the output for those commands:
squid -k parse:
2014/12/16 11:35:42| Startup: Initializing Authentication Schemes ... 2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'basic' 2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'digest' 2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'negotiate' 2014/12/16 11:35:42| Startup: Initialized Authentication Scheme 'ntlm' 2014/12/16 11:35:42| Startup: Initialized Authentication. 2014/12/16 11:35:42| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0) 2014/12/16 11:35:42| Processing: http_port 192.168.5.1:3128 2014/12/16 11:35:42| Processing: icp_port 0 2014/12/16 11:35:42| Processing: dns_v4_first off 2014/12/16 11:35:42| Processing: pid_filename /var/run/squid.pid 2014/12/16 11:35:42| Processing: cache_effective_user proxy 2014/12/16 11:35:42| Processing: cache_effective_group proxy 2014/12/16 11:35:42| Processing: error_default_language en-ca 2014/12/16 11:35:42| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons 2014/12/16 11:35:42| Processing: visible_hostname localhost 2014/12/16 11:35:42| Processing: cache_mgr admin@localhost 2014/12/16 11:35:42| Processing: access_log /var/squid/logs/access.log 2014/12/16 11:35:42| Processing: cache_log /var/squid/logs/cache.log 2014/12/16 11:35:42| Processing: cache_store_log none 2014/12/16 11:35:42| Processing: netdb_filename /var/squid/logs/netdb.state 2014/12/16 11:35:42| Processing: pinger_enable on 2014/12/16 11:35:42| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger 2014/12/16 11:35:42| Processing: logfile_rotate 14 2014/12/16 11:35:42| Processing: debug_options rotate=14 2014/12/16 11:35:42| Processing: shutdown_lifetime 3 seconds 2014/12/16 11:35:42| Processing: acl localnet src 192.168.5.0/24 2014/12/16 11:35:42| Processing: forwarded_for off 2014/12/16 11:35:42| Processing: via off 2014/12/16 11:35:42| Processing: uri_whitespace strip 2014/12/16 11:35:42| Processing: acl dynamic urlpath_regex cgi-bin \? 2014/12/16 11:35:42| Processing: cache deny dynamic 2014/12/16 11:35:42| Processing: cache_mem 8 MB 2014/12/16 11:35:42| Processing: maximum_object_size_in_memory 32 KB 2014/12/16 11:35:42| Processing: memory_replacement_policy heap GDSF 2014/12/16 11:35:42| Processing: cache_replacement_policy heap LFUDA 2014/12/16 11:35:42| Processing: cache_dir ufs /var/squid/cache 2000 16 256 2014/12/16 11:35:42| Processing: minimum_object_size 0 KB 2014/12/16 11:35:42| Processing: maximum_object_size 4 KB 2014/12/16 11:35:42| Processing: offline_mode off 2014/12/16 11:35:42| Processing: cache_swap_low 90 2014/12/16 11:35:42| Processing: cache_swap_high 95 2014/12/16 11:35:42| Processing: cache allow all 2014/12/16 11:35:42| Processing: acl allsrc src all 2014/12/16 11:35:42| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 3127 1025-65535 2014/12/16 11:35:42| Processing: acl sslports port 443 563 2014/12/16 11:35:42| Processing: acl purge method PURGE 2014/12/16 11:35:42| Processing: acl connect method CONNECT 2014/12/16 11:35:42| Processing: acl HTTP proto HTTP 2014/12/16 11:35:42| Processing: acl HTTPS proto HTTPS 2014/12/16 11:35:42| Processing: acl allowed_subnets src 192.168.5.0/24 2014/12/16 11:35:42| Processing: http_access allow manager localhost 2014/12/16 11:35:42| Processing: http_access deny manager 2014/12/16 11:35:42| Processing: http_access allow purge localhost 2014/12/16 11:35:42| Processing: http_access deny purge 2014/12/16 11:35:42| Processing: http_access deny !safeports 2014/12/16 11:35:42| Processing: http_access deny CONNECT !sslports 2014/12/16 11:35:42| Processing: request_body_max_size 0 KB 2014/12/16 11:35:42| Processing: delay_pools 1 2014/12/16 11:35:42| Processing: delay_class 1 2 2014/12/16 11:35:42| Processing: delay_parameters 1 -1/-1 -1/-1 2014/12/16 11:35:42| Processing: delay_initial_bucket_level 100 2014/12/16 11:35:42| Processing: delay_access 1 allow allsrc 2014/12/16 11:35:42| Processing: http_access allow allowed_subnets 2014/12/16 11:35:42| Processing: http_access allow localnet 2014/12/16 11:35:42| Processing: http_access deny allsrc 2014/12/16 11:35:42| WARNING: HTTP requires the use of Via 2014/12/16 11:35:42| Initializing https proxy context
cat /var/squid/logs/cache.log
2014/12/16 11:40:13 kid1| Starting Squid Cache version 3.3.10 for amd64-portbld-freebsd8.3... 2014/12/16 11:40:13 kid1| parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/en-ca/error-details.txt 2014/12/16 11:40:13 kid1| Unable to load default error language files. Reset to backups. 2014/12/16 11:40:13 kid1| parse error while reading template file: /usr/pbi/squid-amd64/etc/squid/errors/templates/error-details.txt 2014/12/16 11:40:13 kid1| WARNING: failed to find or read error text file error-details.txt 2014/12/16 11:40:13 kid1| sendto FD 26: (1) Operation not permitted 2014/12/16 11:40:13 kid1| ipcCreate: CHILD: hello write test failed
EDIT: Formatting output to use code tags.
-
I have no Problem.. but nothing cache..
this my squid -k parse
2014/12/17 00:57:38| Startup: Initializing Authentication Schemes ... 2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'basic' 2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'digest' 2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'negotiate' 2014/12/17 00:57:38| Startup: Initialized Authentication Scheme 'ntlm' 2014/12/17 00:57:38| Startup: Initialized Authentication. 2014/12/17 00:57:38| Processing Configuration File: /usr/pbi/squid-amd64/etc/squid/squid.conf (depth 0) 2014/12/17 00:57:38| Processing: http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/ 2014/12/17 00:57:38| Processing: http_port 127.0.0.1:3128 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/ 2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3128 2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3128 (interception enabled) 2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3128 (interception enabled) 2014/12/17 00:57:38| Processing: https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=10MB cert=/usr/pbi/squid-amd64/etc/squid/serverkey.pem capath=/usr/pbi/squid-amd64/share/certs/ 2014/12/17 00:57:38| Starting Authentication on port 127.0.0.1:3129 2014/12/17 00:57:38| Disabling Authentication on port 127.0.0.1:3129 (interception enabled) 2014/12/17 00:57:38| Disabling IPv6 on port 127.0.0.1:3129 (interception enabled) 2014/12/17 00:57:38| Processing: icp_port 0 2014/12/17 00:57:38| Processing: dns_v4_first on 2014/12/17 00:57:38| Processing: pid_filename /var/run/squid.pid 2014/12/17 00:57:38| Processing: cache_effective_user proxy 2014/12/17 00:57:38| Processing: cache_effective_group proxy 2014/12/17 00:57:38| Processing: error_default_language en 2014/12/17 00:57:38| Processing: icon_directory /usr/pbi/squid-amd64/etc/squid/icons 2014/12/17 00:57:38| Processing: visible_hostname localhost 2014/12/17 00:57:38| Processing: cache_mgr admin@localhost 2014/12/17 00:57:38| Processing: access_log /var/squid/logs/access.log 2014/12/17 00:57:38| Processing: cache_log /var/squid/logs/cache.log 2014/12/17 00:57:38| Processing: cache_store_log none 2014/12/17 00:57:38| Processing: netdb_filename /var/squid/logs/netdb.state 2014/12/17 00:57:38| Processing: pinger_enable on 2014/12/17 00:57:38| Processing: pinger_program /usr/pbi/squid-amd64/libexec/squid/pinger 2014/12/17 00:57:38| Processing: sslcrtd_program /usr/pbi/squid-amd64/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 2014/12/17 00:57:38| Processing: sslcrtd_children 5 2014/12/17 00:57:38| Processing: sslproxy_capath /usr/pbi/squid-amd64/share/certs/ 2014/12/17 00:57:38| Processing: sslproxy_cert_error allow all 2014/12/17 00:57:38| Processing: sslproxy_flags DONT_VERIFY_PEER 2014/12/17 00:57:38| Processing: logfile_rotate 90 2014/12/17 00:57:38| Processing: debug_options rotate=90 2014/12/17 00:57:38| Processing: shutdown_lifetime 3 seconds 2014/12/17 00:57:38| Processing: acl localnet src 192.168.1.0/24 2014/12/17 00:57:38| Processing: uri_whitespace strip 2014/12/17 00:57:38| Processing: acl dynamic urlpath_regex cgi-bin \? 2014/12/17 00:57:38| Processing: cache deny dynamic 2014/12/17 00:57:38| Processing: cache_mem 256 MB 2014/12/17 00:57:38| Processing: maximum_object_size_in_memory 128 KB 2014/12/17 00:57:38| Processing: memory_replacement_policy lru 2014/12/17 00:57:38| Processing: cache_replacement_policy heap LFUDA 2014/12/17 00:57:38| Processing: cache_dir aufs /var/squid/cache 180000 16 256 2014/12/17 00:57:38| Processing: minimum_object_size 1 KB 2014/12/17 00:57:38| Processing: maximum_object_size 102400 KB 2014/12/17 00:57:38| Processing: offline_mode off 2014/12/17 00:57:38| Processing: cache_swap_low 90 2014/12/17 00:57:38| Processing: cache_swap_high 95 2014/12/17 00:57:38| Processing: cache allow all 2014/12/17 00:57:38| Processing: acl allsrc src all 2014/12/17 00:57:38| Processing: acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 3127 1025-65535 2014/12/17 00:57:38| Processing: acl sslports port 443 563 81 2014/12/17 00:57:38| Processing: acl purge method PURGE 2014/12/17 00:57:38| Processing: acl connect method CONNECT 2014/12/17 00:57:38| Processing: acl HTTP proto HTTP 2014/12/17 00:57:38| Processing: acl HTTPS proto HTTPS 2014/12/17 00:57:38| Processing: acl allowed_subnets src 192.168.1.0/24 2014/12/17 00:57:38| Processing: http_access allow manager localhost 2014/12/17 00:57:38| Processing: http_access deny manager 2014/12/17 00:57:38| Processing: http_access allow purge localhost 2014/12/17 00:57:38| Processing: http_access deny purge 2014/12/17 00:57:38| Processing: http_access deny !safeports 2014/12/17 00:57:38| Processing: http_access deny CONNECT !sslports 2014/12/17 00:57:38| Processing: quick_abort_min 0 KB 2014/12/17 00:57:38| Processing: quick_abort_max 0 KB 2014/12/17 00:57:38| Processing: request_body_max_size 0 KB 2014/12/17 00:57:38| Processing: delay_pools 1 2014/12/17 00:57:38| Processing: delay_class 1 2 2014/12/17 00:57:38| Processing: delay_parameters 1 -1/-1 -1/-1 2014/12/17 00:57:38| Processing: delay_initial_bucket_level 100 2014/12/17 00:57:38| Processing: delay_access 1 allow allsrc 2014/12/17 00:57:38| Processing: always_direct allow all 2014/12/17 00:57:38| Processing: ssl_bump server-first all 2014/12/17 00:57:38| Processing: http_access allow allowed_subnets 2014/12/17 00:57:38| Processing: http_access allow localnet 2014/12/17 00:57:38| Processing: http_access deny allsrc 2014/12/17 00:57:38| Initializing https proxy context 2014/12/17 00:57:38| Initializing http_port 192.168.1.1:3128 SSL context 2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem 2014/12/17 00:57:38| Initializing http_port 127.0.0.1:3128 SSL context 2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem 2014/12/17 00:57:38| Initializing https_port 127.0.0.1:3129 SSL context 2014/12/17 00:57:38| Using certificate in /usr/pbi/squid-amd64/etc/squid/serverkey.pem
-
Nearly a month later, I'm still having problems getting it to work. Any suggestions at all?
-
Read again cache.log. All you need to fix is there.