Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    WPAD questions and problems

    Cache/Proxy
    4
    31
    3839
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MrGlasspoole last edited by

      I have the problem that i can't get autodiscover to work.

      But now i wonder if it makes sense to use wpad cause you still have to configure
      the browser or devices cause autodiscover is not on by default.
      I think it does not make a difference if i go to the browser settings to select
      autodiscover or to put a ip and port in there?

      Then i was reading you can port forward any traffic directed at port 80 to the proxy (Squid).
      So why should i use wpad (which does not work) - i'm missing something?

      1 Reply Last reply Reply Quote 0
      • KOM
        KOM last edited by

        But now i wonder if it makes sense to use wpad cause you still have to configure the browser or devices cause autodiscover is not on by default.

        All major browsers have shipped with auto-discovery enabled for several years now.  Mobile devices may vary, but the trend is to enable auto-discovery.

        I think it does not make a difference if i go to the browser settings to select autodiscover or to put a ip and port in there?

        Sure, if you only have a tiny number of devices to worry about.  Get back to me on your method when you have a LAN with a couple of hundred/thousand clients.

        Then i was reading you can port forward any traffic directed at port 80 to the proxy (Squid). So why should i use wpad (which does not work) - i'm missing something?

        What you're describing is called Transparent Mode.  It's great until you need to intercept HTTPS traffic, which involves installing a trusted certificate on every client and then doing what's essentially a Man in the Middle attack.

        Trust me, WPAD is the way to go.  How is it not working for you?

        1 Reply Last reply Reply Quote 0
        • M
          MrGlasspoole last edited by

          @KOM:

          All major browsers have shipped with auto-discovery enabled for several years now.

          All tutorials say the opposite.

          @KOM:

          What you're describing is called Transparent Mode.

          This tut about wpad still says NAT redirect at the bottom: http://irj972.co.uk/articles/pfSense-WPAD-PAC-configuration

          I did setup the vHosts package with:

          wpad.mydomain.net
          

          I have:

          wpad.pfsense.mydomain.net
          wpad.mydomain.net
          

          in the DNS resolver.
          In the DHCP server LAN i have:

          252 txt http://wpad.mydomain.net/wpad.dat
          252 txt http://wpad.mydomain.net/wpad.da
          252 txt http://wpad.mydomain.net/proxy.pac
          

          I can download the files if i point the browser to:

          http://wpad.mydomain.net/wpad.dat
          

          But Firefox and IE do not use the file with auto-discovery.

          1 Reply Last reply Reply Quote 0
          • KOM
            KOM last edited by

            All tutorials say the opposite.

            I'm not really looking to argue.  I'm trying to help you with knowledge that I have which I know works for a fact and is recommended by every other volunteer here.

            All of the major browsers most certainly do work with WPAD.  I have seen a few instances where a user's browser had to be manually set from auto-detect to specified server and port, but this is rare in my experience.  I don't know why you went wandering off with some random tutorial when pfSense already has a full document on how to get it working which I know works because I used it myself.

            WPAD Autoconfigure for Squid

            This tut about wpad still says NAT redirect at the bottom:

            It is idiotic to have a proxy server online but leave ports 80 and 443 open.  If users can go around the proxy then what is the point of having it in the first place?

            1 Reply Last reply Reply Quote 0
            • M
              MrGlasspoole last edited by

              @KOM:

              I don't know why you went wandering off with some random tutorial when pfSense already has a full document on how to get it working

              The pfSense docu was the first thing i was looking at.
              But it was not working and for a newbie allot of the docu is not clear/specific enough.
              I'm not the only one who has problems get it running and after searching the forum i found
              out that it is recommended to use a second webserver and lighttpd because if not you have
              to use a certificate.

              The tutorial i linked is just something i found when i was searching the web to find out
              why i can't get it running.

              As i wrote i can download the file with

              http://wpad.mydomain.net/wpad.dat
              

              but auto-discovery is not using it.

              Why is that?
              How can i figure out what the problem is?
              How do i make sure clients do not bypass the proxy?

              1 Reply Last reply Reply Quote 0
              • KOM
                KOM last edited by

                How do i make sure clients do not bypass the proxy?

                Create a Ports Alias (Firewall - Aliases - Ports) called WebPorts or WWW_Ports and set it to 80,443.  Create a firewall rule on LAN that blocks Source Any, Destination Any, Destination port range (Other) and then put your alias in the red box beside the (Other) combobox.  See attached.

                but auto-discovery is not using it.  Why is that?  How can i figure out what the problem is?

                First block off the ports as shown above.  Then manually set your browser to the proxy to ensure the proxy is working by going to a few sites.  Can you show me your wpad.dat file?  Loading the file and processing the file are two different things.  If you have a bug in your code, then it won't work.




                1 Reply Last reply Reply Quote 0
                • M
                  MrGlasspoole last edited by

                  Thanks KOM

                  The proxy is working if i use

                  http://wpad.mydomain.net/wpad.dat
                  

                  in Firefox "Automatic proxy configuration URL"
                  and test it with http://www.lagado.com/proxy-test

                  wpad.dat:

                  function FindProxyForURL(url,host)
                  {
                  return "PROXY 192.168.0.1:3128";
                  }
                  
                  1 Reply Last reply Reply Quote 0
                  • KOM
                    KOM last edited by

                    The auto-discovery should work if you have a DNS entry for the host WPAD on your local domain, or a DHCP 252 entry in DHCP.  On your DNS server, create a WPAD host entry and point it to your pfSense LAN IP address.  Then every browser set to automatic discovery should be able to find it since they do a DNS lookup on wpad.YourDomain.foo and then load the wpad.dat file via HTTP from that host.

                    1 Reply Last reply Reply Quote 0
                    • M
                      MrGlasspoole last edited by

                      As you can see in my second post the DNS and DHCP entries are already there.
                      I added now the Firewall rules - if i do that my Internet stops working… (sure Firefox is set to the proxy).

                      1 Reply Last reply Reply Quote 0
                      • KOM
                        KOM last edited by

                        If you do an nslookup on WPAD, does it resolve to the proxy LAN address?

                        1 Reply Last reply Reply Quote 0
                        • M
                          MrGlasspoole last edited by

                          nslookup wpad.mydomain.net:

                          Server:  pfsense.mydomain.net
                          Address:  192.168.0.1
                          
                          Name:    wpad.mydomain.net
                          Address:  192.168.0.1
                          

                          nslookup wpad:

                          Server:  pfsense.mydomain.net
                          Address:  192.168.0.1
                          
                          Name:    wpad
                          Address:  192.168.0.1
                          

                          nslookup wpad.pfsense.mydomain.net:

                          Server:  pfsense.mydomain.net
                          Address:  192.168.0.1
                          
                          Name:    wpad.pfsense.mydomain.net
                          Address:  192.168.0.1
                          

                          But if something would be wrong here why is the proxy working as long as i not block http in the firewall?

                          1 Reply Last reply Reply Quote 0
                          • KOM
                            KOM last edited by

                            Because something isn't working.  If the browser is set to auto-detect, then it will try to go straight out the gateway.  If it can't, then it tries to detect the proxy using WPAD.  When you unblock LAN, it can go straight out.  When you block LAN, it can't go out so it tries to detect the proxy and use it.  This is where your problem is.  Either the browser isn't detecting the proxy at all, or it is and the proxy isn't working.  Is your WebGUI using HTTP or HTTPS?  If I remember, you can't use pfSense under HTTPS to host the WPAD file.

                            1 Reply Last reply Reply Quote 0
                            • Q
                              q54e3w last edited by

                              you can't use the default lightppd intstance to serve the WPAD file, its tied up to port 80 for serving webconfigurator stuff. You need the second lightppd instance. If you webconfigurator is running on port 80 and not a custom port you won't be able to bind it so you need a custom port for the webconfiguator lightppd instance in order for the second lightppd to server the file on port 80.

                              whats the output of "ps aux | grep "light"?

                              1 Reply Last reply Reply Quote 0
                              • KOM
                                KOM last edited by

                                you can't use the default lightppd intstance to serve the WPAD file

                                I'm fairly sure that you can, considering that's exactly how I'm doing it and that's how it's documented  ;D

                                From WPAD Autoconfigure for Squid

                                "Now upload that file to pfSense or another locally accessible web server with scp, or create it using the built-in file editor. The file must go in /usr/local/www/…"

                                Port 80 isn't "tied up" with WebGUI.  It will serve the GUI as the default page, but if you give it an explicit URL then it will serve anything, including wpad.dat.

                                1 Reply Last reply Reply Quote 0
                                • Q
                                  q54e3w last edited by

                                  yes, you are right, sorry. I dont allow HTTP to my pfsense box. I'll keep out of it, you carry on….I suspect you are nearly there :)

                                  1 Reply Last reply Reply Quote 0
                                  • KOM
                                    KOM last edited by

                                    yes, you are right, sorry.

                                    Hey, no problem.  I've never let a lack of knowledge or incorrect information stop me from trying to help someone.  Even when I am wrong (and I've been wrong in these forums many times), I learn something.  It bruises the ego a bit, but you become better for it.  Thanks for contributing.  A community is only as strong as its members.

                                    1 Reply Last reply Reply Quote 0
                                    • M
                                      MrGlasspoole last edited by

                                      Step by step…

                                      Forget the wpad for a while.
                                      What i was saying is:
                                      If i enable the firewall rule to block http and use 192.168.0.1:3128 (not wpad) in the browser then the internet stops working.
                                      If i disable the rule then it works again and uses the proxy.

                                      1 Reply Last reply Reply Quote 0
                                      • KOM
                                        KOM last edited by

                                        If you block 80/443 and manually set your browser to use the proxy at the specified address:port and nothing works and you're positive you didn't make a typo, your Squid install is broken.  Look in your System log, as well as /var/squid/logs/access.log and cache.log.

                                        Can you please remind me as to what version of pfSense and Squid you are using?

                                        1 Reply Last reply Reply Quote 0
                                        • M
                                          MrGlasspoole last edited by

                                          Ok, found out something.
                                          The whole time i was just using google for testing.
                                          But this time i used another site and it's just HTTPS (google) that is not working if i enable the firewall rule.
                                          HTTP works with pointing the browser to address:port.
                                          BUT if i set the browser to auto-discovery then also HTTP is not working.

                                          pfSense 2.2
                                          squid3 3.4.10_2 pkg 0.2.6

                                          1 Reply Last reply Reply Quote 0
                                          • KOM
                                            KOM last edited by

                                            Do you run IPv6?

                                            1 Reply Last reply Reply Quote 0
                                            • M
                                              MrGlasspoole last edited by

                                              IPv6 is none in LAN and WAN.

                                              And the output of ps aux | grep "light" is:

                                              root    17216   0.0  0.3  50796   5888  -  S    12Feb15     0:25.97 /usr/local/sbin/lighttpd -f /var/etc/
                                              root    89081   0.0  0.2  40392   4416  -  S    12Feb15     0:21.07 /usr/local/sbin/lighttpd -f /var/etc/
                                              root    94646   0.0  1.5 232612  31596  -  I    10:10AM     0:00.22 php-fpm: pool lighty (php-fpm)
                                              root    49032   0.0  0.1  18884   2356  0  S+   10:13AM     0:00.00 grep light
                                              

                                              As i said i use the vHost package to host the wpad that i can run the WebGUI over HTTPS
                                              but don't need a certificate for the wpad.

                                              Tomorrow when i have time i will make some tests step by step with checking the logs after every step.
                                              But today i have a date and no time ;-)

                                              1 Reply Last reply Reply Quote 0
                                              • KOM
                                                KOM last edited by

                                                Good luck on your date  8)  :-*

                                                1 Reply Last reply Reply Quote 0
                                                • M
                                                  MrGlasspoole last edited by

                                                  Ok time to get it working.

                                                  Blocking https and using the proxy does not work.
                                                  This is what happens if the browser is set to the proxy and http and https are blocked in Firewall > Rules > LAN:
                                                  http = YES working
                                                  https = NO does not work

                                                  1 Reply Last reply Reply Quote 0
                                                  • KOM
                                                    KOM last edited by

                                                    You have it set to standard mode (not transparent)?  You do NOT have it set to intercept SSL?  You have a wpad.dat file accessible via an HTTP server that can be found by a DNS lookup of wpad.yourdomain?

                                                    1 Reply Last reply Reply Quote 0
                                                    • M
                                                      MrGlasspoole last edited by

                                                      I'm just looking to get https working if i block it in the firewall without looking a the wpad (proxy ip/port manually set in the browser).

                                                      Transparent HTTP proxy = unchecked
                                                      HTTPS/SSL interception = unchecked

                                                      See attachment…

                                                      ![Proxy server- General settings.png](/public/imported_attachments/1/Proxy server- General settings.png)
                                                      ![Proxy server- General settings.png_thumb](/public/imported_attachments/1/Proxy server- General settings.png_thumb)
                                                      ![Firewall- Rules.png](/public/imported_attachments/1/Firewall- Rules.png)
                                                      ![Firewall- Rules.png_thumb](/public/imported_attachments/1/Firewall- Rules.png_thumb)

                                                      1 Reply Last reply Reply Quote 0
                                                      • KOM
                                                        KOM last edited by

                                                        Your settings look good but I notice that squidGuard is in the mix.  OK, sometimes these weird issues with squid can be fixed with a reboot, so I would do that first.  Next, I would look at /var/log/squid/access.log and see what's happening.  Also look at cache.log for any obvious errors.  Lastly, I would get rid of squidGuard to make sure it isn't interfering. Mare sure when you're testing to do a force refresh with ctrl-F5 or whatever your browser uses.

                                                        1 Reply Last reply Reply Quote 0
                                                        • M
                                                          MrGlasspoole last edited by

                                                          Ok I first deleted the logs to get fresh ones and restarted.
                                                          After blocking 80/443 and accessing one http and one https site i get this:
                                                          /var/squid/logs/access.log

                                                          1430081870.198    476 192.168.0.70 TCP_MISS/200 18530 GET http://winfuture.de/ - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081870.327     72 192.168.0.70 TCP_MISS/200 8032 GET http://i.wfcdn.de/teaser/328/6945.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.336     73 192.168.0.70 TCP_MISS/200 5999 GET http://i.wfcdn.de/teaser/128/15219.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.341     78 192.168.0.70 TCP_MISS/200 6489 GET http://i.wfcdn.de/teaser/128/65.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.341     76 192.168.0.70 TCP_MISS/200 5749 GET http://i.wfcdn.de/teaser/128/415.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.344     64 192.168.0.70 TCP_MISS/200 2756 GET http://i.wfcdn.de/videos/128/14406.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.344     88 192.168.0.70 TCP_MISS/200 5272 GET http://i.wfcdn.de/teaser/128/12165.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.347     56 192.168.0.70 TCP_MISS/200 6398 GET http://i.wfcdn.de/teaser/210/15205.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.351     72 192.168.0.70 TCP_MISS/200 2607 GET http://i.wfcdn.de/videos/128/14411.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.351     58 192.168.0.70 TCP_MISS/200 8325 GET http://i.wfcdn.de/teaser/210/14525.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.571    310 192.168.0.70 TCP_MISS/200 2831 GET http://i.wfcdn.de/teaser/128/454.1.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.573    315 192.168.0.70 TCP_MISS/200 3785 GET http://i.wfcdn.de/teaser/128/14997.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081870.577     61 192.168.0.70 TCP_MISS/200 536 GET http://winfuture.de/ajax/now? - HIER_DIRECT/212.53.132.4 application/json
                                                          1430081873.324   3029 192.168.0.70 TCP_MISS/200 8941 GET http://i.wfcdn.de/teaser/210/15209.jpg - HIER_DIRECT/162.159.246.58 image/jpeg
                                                          1430081873.355   3057 192.168.0.70 TCP_MISS/200 14746 GET http://i.wfcdn.de/teaser/210/15196.png - HIER_DIRECT/162.159.246.58 image/png
                                                          1430081873.417   3122 192.168.0.70 TCP_MISS/200 23704 GET http://videos.winfuture.de/14408.jpg - HIER_DIRECT/212.53.132.3 image/jpeg
                                                          1430081883.494     51 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/1/6801 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081893.581     69 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/2/5891 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081894.166     25 192.168.0.70 TCP_MISS/200 1460 GET http://i.wfcdn.de/5/favicon.ico - HIER_DIRECT/162.159.246.58 image/x-icon
                                                          1430081903.665     60 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/3/2270 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081913.751     68 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/4/0245 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081923.810     45 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/5/2352 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081933.875     53 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/6/8629 - HIER_DIRECT/212.53.132.4 text/html
                                                          1430081943.944     57 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/7/9718 - HIER_DIRECT/212.53.132.4 text/html
                                                          

                                                          /var/squid/logs/cache.log

                                                          2015/04/26 22:57:14 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1...
                                                          2015-04-26 22:57:14 [26308] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          2015-04-26 22:57:14 [26308] New setting: logdir: /var/squidGuard/log
                                                          2015-04-26 22:57:14 [26308] New setting: dbhome: /var/db/squidGuard
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_ads/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_ads/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_blasphemy/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_chanology/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_cp/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_cp/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dating/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dating/domains.db
                                                          2015-04-26 22:57:14 [24879] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          2015-04-26 22:57:14 [24879] New setting: logdir: /var/squidGuard/log
                                                          2015-04-26 22:57:14 [24879] New setting: dbhome: /var/db/squidGuard
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_ads/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_ads/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_blasphemy/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_chanology/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
                                                          2015-04-26 22:57:14 [26572] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_cp/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_cp/domains.db
                                                          2015-04-26 22:57:14 [26572] New setting: logdir: /var/squidGuard/log
                                                          2015-04-26 22:57:14 [26572] New setting: dbhome: /var/db/squidGuard
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_ads/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_ads/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dating/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dating/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dyn/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_file/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_file/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_freeWeb/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gambling/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gaming/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_image/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_image/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_malicious/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_blasphemy/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_chanology/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_chanology/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_cp/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_cp/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dating/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dating/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dyn/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_file/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_file/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dyn/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dyn/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_file/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_file/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_freeWeb/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gambling/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gaming/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_piracy/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_porn/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_porn/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_prime/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_prime/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_proxies/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_proxies/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_freeWeb/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gambling/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gambling/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gaming/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gaming/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_image/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_image/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_malicious/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_smedia/domains
                                                          2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_smedia/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_piracy/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_porn/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_porn/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_prime/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_prime/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_proxies/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_proxies/domains.db
                                                          2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_smedia/domains
                                                          2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_smedia/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_image/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_image/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_malicious/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_malicious/domains.db
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_pharmaRX/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db
                                                          2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_tlds_new/domains
                                                          2015-04-26 22:57:14 [24666] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          2015-04-26 22:57:14 [27008] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_piracy/domains
                                                          2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_piracy/domains.db
                                                          2015-04-26 22:57:14 [24666] New setting: logdir: /var/squidGuard/log
                                                          2015-04-26 22:57:14 [24666] New setting: dbhome: /var/db/squidGuard
                                                          

                                                          /var/squidGuard/log/squidGuard.log

                                                          2015-04-26 22:57:14 [24666] squidGuard 1.4 started (1430081834.410)
                                                          2015-04-26 22:57:14 [24666] squidGuard ready for requests (1430081834.439)
                                                          2015-04-26 22:57:14 [24879] squidGuard 1.4 started (1430081834.368)
                                                          2015-04-26 22:57:14 [24879] squidGuard ready for requests (1430081834.441)
                                                          2015-04-26 22:57:14 [26572] squidGuard 1.4 started (1430081834.370)
                                                          2015-04-26 22:57:14 [26572] squidGuard ready for requests (1430081834.444)
                                                          2015-04-26 22:57:14 [26308] squidGuard 1.4 started (1430081834.361)
                                                          2015-04-26 22:57:14 [26308] squidGuard ready for requests (1430081834.451)
                                                          2015-04-26 22:57:14 [25549] squidGuard 1.4 started (1430081834.462)
                                                          2015-04-26 22:57:14 [25549] squidGuard ready for requests (1430081834.473)
                                                          2015-04-26 22:57:14 [27008] squidGuard 1.4 started (1430081834.415)
                                                          2015-04-26 22:57:14 [27008] squidGuard ready for requests (1430081834.482)
                                                          2015-04-26 22:57:14 [28268] squidGuard 1.4 started (1430081834.462)
                                                          2015-04-26 22:57:14 [28268] squidGuard ready for requests (1430081834.489)
                                                          2015-04-26 22:57:14 [24592] squidGuard 1.4 started (1430081834.450)
                                                          2015-04-26 22:57:14 [24592] squidGuard ready for requests (1430081834.491)
                                                          2015-04-26 22:57:15 [24592] squidGuard stopped (1430081835.986)
                                                          2015-04-26 22:57:15 [25549] squidGuard stopped (1430081835.986)
                                                          2015-04-26 22:57:15 [26308] squidGuard stopped (1430081835.986)
                                                          2015-04-26 22:57:15 [28268] squidGuard stopped (1430081835.987)
                                                          2015-04-26 22:57:15 [24666] squidGuard stopped (1430081835.988)
                                                          2015-04-26 22:57:15 [24879] squidGuard stopped (1430081835.988)
                                                          2015-04-26 22:57:15 [26572] squidGuard stopped (1430081835.988)
                                                          2015-04-26 22:57:15 [27008] squidGuard stopped (1430081835.988)
                                                          2015-04-26 22:57:16 [60436] squidGuard 1.4 started (1430081836.432)
                                                          2015-04-26 22:57:16 [60436] squidGuard ready for requests (1430081836.447)
                                                          2015-04-26 22:57:16 [60750] squidGuard 1.4 started (1430081836.466)
                                                          2015-04-26 22:57:16 [60750] squidGuard ready for requests (1430081836.480)
                                                          2015-04-26 22:57:16 [62581] squidGuard 1.4 started (1430081836.476)
                                                          2015-04-26 22:57:16 [62581] squidGuard ready for requests (1430081836.487)
                                                          2015-04-26 22:57:16 [60430] squidGuard 1.4 started (1430081836.466)
                                                          2015-04-26 22:57:16 [60430] squidGuard ready for requests (1430081836.497)
                                                          2015-04-26 22:57:16 [61883] squidGuard 1.4 started (1430081836.483)
                                                          2015-04-26 22:57:16 [61883] squidGuard ready for requests (1430081836.498)
                                                          2015-04-26 22:57:16 [63879] squidGuard 1.4 started (1430081836.501)
                                                          2015-04-26 22:57:16 [63879] squidGuard ready for requests (1430081836.517)
                                                          2015-04-26 22:57:16 [61344] squidGuard 1.4 started (1430081836.502)
                                                          2015-04-26 22:57:16 [61344] squidGuard ready for requests (1430081836.519)
                                                          2015-04-26 22:57:16 [63184] squidGuard 1.4 started (1430081836.507)
                                                          2015-04-26 22:57:16 [63184] squidGuard ready for requests (1430081836.521)
                                                          

                                                          I did shorten the cache.log because:

                                                          /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
                                                          New setting: logdir: /var/squidGuard/log
                                                          New setting: dbhome: /var/db/squidGuard
                                                          

                                                          is repeated multiple times?

                                                          And no https shows up in the log.

                                                          Also find out that if i block port 80 that i can't access my wpad.dat

                                                          http://wpad.mydomain.net/wpad.dat
                                                          
                                                          1 Reply Last reply Reply Quote 0
                                                          • C
                                                            chris4916 last edited by

                                                            @MrGlasspoole:

                                                            Also find out that if i block port 80 that i can't access my wpad.dat

                                                            http://wpad.mydomain.net/wpad.dat
                                                            

                                                            Pretty obvious  ;)
                                                            You must have some granularity and control in the way you allow or block prtocols, especially if you have services running at FW level (like HTTP server)
                                                            This can be easily achieved, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized.

                                                            1 Reply Last reply Reply Quote 0
                                                            • KOM
                                                              KOM last edited by

                                                              /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log

                                                              Why is this happening?  Are you out of disk space?

                                                              Start small and build up.  Get WPAD and just Squid working, then move on to squidGuard.

                                                              1 Reply Last reply Reply Quote 0
                                                              • M
                                                                MrGlasspoole last edited by

                                                                @chris4916:

                                                                Pretty obvious  ;)

                                                                Not to me cause i thought the FW just blocks stuff going out to the Internet (WAN)

                                                                @chris4916:

                                                                This can be easily achieve, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized.

                                                                Can you explain what to do?
                                                                You can see my settings in the attachment above.
                                                                If my thoughts are right to i need to put port 80 to the Anti-Lockout Rule?

                                                                @KOM:

                                                                /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log

                                                                Why is this happening?  Are you out of disk space?

                                                                No "ufs: 23% of 18G"

                                                                It already was pain to get it running: https://forum.pfsense.org/index.php?topic=87591.0
                                                                Is there a way to temporarily disable squidGuard?

                                                                1 Reply Last reply Reply Quote 0
                                                                • KOM
                                                                  KOM last edited by

                                                                  Is there a way to temporarily disable squidGuard?

                                                                  Uncheck the Enable box?

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • First post
                                                                    Last post

                                                                  Products

                                                                  • Platform Overview
                                                                  • TNSR
                                                                  • pfSense Plus
                                                                  • Appliances

                                                                  Services

                                                                  • Training
                                                                  • Professional Services

                                                                  Support

                                                                  • Subscription Plans
                                                                  • Contact Support
                                                                  • Product Lifecycle
                                                                  • Documentation

                                                                  News

                                                                  • Media Coverage
                                                                  • Press
                                                                  • Events

                                                                  Resources

                                                                  • Blog
                                                                  • FAQ
                                                                  • Find a Partner
                                                                  • Resource Library
                                                                  • Security Information

                                                                  Company

                                                                  • About Us
                                                                  • Careers
                                                                  • Partners
                                                                  • Contact Us
                                                                  • Legal
                                                                  Our Mission

                                                                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                                  Subscribe to our Newsletter

                                                                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                                  © 2021 Rubicon Communications, LLC | Privacy Policy