Squid3 i386 pfsense 2.2



  • Hi,

    i386 pbi for squid 3.4 was rebuild. Can you chech if transparent proxy is working now?

    squid-3.4.10_2-amd64.pbi  09-Feb-2015 17:22
    squid-3.4.10_2-i386.pbi  09-Feb-2015 17:41



  • Squid3 is working with transparent but you need to disable the antivirus and configure it to get squid to fire.



  • @Visseroth:

    Squid3 is working with transparent but you need to disable the antivirus and configure it to get squid to fire.

    For the antivirus, did you following the checks that displayed to correct the config files?



  • @marcelloc:

    Hi,

    i386 pbi for squid 3.4 was rebuild. Can you chech if transparent proxy is working now?

    squid-3.4.10_2-amd64.pbi  09-Feb-2015 17:22
    squid-3.4.10_2-i386.pbi  09-Feb-2015 17:41

    Hi Marcelloc,

    Only just spotted you'd opened a thread to track this, so forgive me for duplicating an existing post here…

    I've just installed 3.4.10_2 pkg 0.2.6 and I'm seeing the following config using "squid -v"

    '--disable-ipf-transparent' '--disable-ipfw-transparent' '--enable-pf-transparent'
    

    This is the same as before…  :(

    Although I was offered an upgrade I now realise the version hasn't actually changed. Should I have expected this for the recompiled version?

    It does appear to be of the correct vintage though:

    : ls -lL `which squid`
    -rwxr-xr-x  1 proxy  proxy  8514 Feb  9 17:39 /usr/local/sbin/squid
    

    Steve



  • @Cino:

    @Visseroth:

    Squid3 is working with transparent but you need to disable the antivirus and configure it to get squid to fire.

    For the antivirus, did you following the checks that displayed to correct the config files?

    No I did not, I have not had a chance to go through it as of yet. But for a quick fix this will get squid to fire.



  • @Steve:

    This is the same as before…  :(

    try to remove the package, check if squid binary is gone and then install it again. The compile options were fixed a while ago and if it still missing transparent mode, I'll report on redmine.



  • Yes, I'd done that.

    Thanks,

    Steve



  • i still have this problem also. any workarround to enable transparent proxy?

    [2.2.2-RELEASE][root@xxx]/root: pbi_info
    lightsquid-1.8_2-i386
    squid-3.4.10_2-i386

    [2.2.2-RELEASE][root@xxx]/root: /usr/local/sbin/squid -v
    Squid Cache: Version 3.4.10
    configure options:  '–with-default-user=squid' '--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/var' '--sysconfdir=/usr/local/etc/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid/squid.pid' '--with-swapdir=/var/squid/cache' '--enable-auth' '--enable-build-info' '--enable-loadable-modules' '--enable-removal-policies=lru heap' '--disable-epoll' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-translation' '--disable-arch-native' '--enable-eui' '--enable-cache-digests' '--enable-delay-pools' '--enable-ecap' '--disable-esi' '--enable-follow-x-forwarded-for' '--enable-htcp' '--enable-icap-client' '--enable-icmp' '--enable-ident-lookups' '--enable-ipv6' '--enable-kqueue' '--with-large-files' '--enable-http-violations' '--without-nettle' '--enable-snmp' '--enable-ssl' '--enable-ssl-crtd' '--disable-stacktraces' '–disable-ipf-transparent' '--disable-ipfw-transparent' '--enable-pf-transparent' '–with-nat-devpf' '--disable-forw-via-db' '--enable-wccp' '--enable-wccpv2' '--enable-auth-basic=DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam LDAP NIS' '--enable-auth-digest=file' '--enable-external-acl-helpers=file_userip time_quota unix_group LDAP_group' '--enable-auth-negotiate=kerberos wrapper' '--enable-auth-ntlm=fake smb_lm' '--enable-storeio=ufs aufs diskd' '--enable-disk-io=AIO Blocking IpcIo Mmapped DiskThreads DiskDaemon' '--enable-log-daemon-helpers=file' '--enable-url-rewrite-helpers=fake' '--enable-storeid-rewrite-helpers=file' '--with-openssl=/usr' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=i386-portbld-freebsd10.1' 'build_alias=i386-portbld-freebsd10.1' 'CC=cc' 'CFLAGS=-O2 -pipe  -I/usr/local/include -I/usr/local/include -I/usr/include -fstack-protector -DLDAP_DEPRECATED -fno-strict-aliasing' 'LDFLAGS= -L/usr/local/lib -L/usr/local/lib -pthread -Wl,-rpath,/usr/lib:/usr/local/lib -L/usr/lib -fstack-protector' 'LIBS=' 'CPPFLAGS=' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -I/usr/local/include -I/usr/local/include -I/usr/include -fstack-protector -DLDAP_DEPRECATED -fno-strict-aliasing  -Wno-unused-private-field' 'CPP=cpp' 'PKG_CONFIG=pkgconf' --enable-ltdl-convenience



  • I've gone back to 2.1.5. Working great after wasting too much time on this.

    Steve



  • Hello Steve,

    I read all your detailed comments about this issue and I realize that the problem was not only with version pfsense 2.2.2 i386 (32bits), but also with pfsense 2.2.2 amd64 (64bits) version. It was working great under 64 bits arquitecture, I mean redirection from port 80 to 8080 (dansguardian on lan:8080 and then squid on loopback:3128) on a similar scenario as yours, but after I changed a value in a queue from the traffic shaper, for some reason, the NAT rule stop working so I had to configure manually on every desktop.

    Installed Packages: dansguardian-2.12.0.3_2 and squid-2.7.9_4

    I don't think I will have a change to get back to 2.1.5 but certainly, I will be wating for a new realease that fixes this problem!

    Thank you for your information!

    Carlos.



  • so I had to configure manually on every desktop.

    WPAD might have saved you a lot of time.


Log in to reply