WPAD questions and problems
-
I have the problem that i can't get autodiscover to work.
But now i wonder if it makes sense to use wpad cause you still have to configure
the browser or devices cause autodiscover is not on by default.
I think it does not make a difference if i go to the browser settings to select
autodiscover or to put a ip and port in there?Then i was reading you can port forward any traffic directed at port 80 to the proxy (Squid).
So why should i use wpad (which does not work) - i'm missing something? -
But now i wonder if it makes sense to use wpad cause you still have to configure the browser or devices cause autodiscover is not on by default.
All major browsers have shipped with auto-discovery enabled for several years now. Mobile devices may vary, but the trend is to enable auto-discovery.
I think it does not make a difference if i go to the browser settings to select autodiscover or to put a ip and port in there?
Sure, if you only have a tiny number of devices to worry about. Get back to me on your method when you have a LAN with a couple of hundred/thousand clients.
Then i was reading you can port forward any traffic directed at port 80 to the proxy (Squid). So why should i use wpad (which does not work) - i'm missing something?
What you're describing is called Transparent Mode. It's great until you need to intercept HTTPS traffic, which involves installing a trusted certificate on every client and then doing what's essentially a Man in the Middle attack.
Trust me, WPAD is the way to go. How is it not working for you?
-
@KOM:
All major browsers have shipped with auto-discovery enabled for several years now.
All tutorials say the opposite.
@KOM:
What you're describing is called Transparent Mode.
This tut about wpad still says NAT redirect at the bottom: http://irj972.co.uk/articles/pfSense-WPAD-PAC-configuration
I did setup the vHosts package with:
wpad.mydomain.net
I have:
wpad.pfsense.mydomain.net wpad.mydomain.net
in the DNS resolver.
In the DHCP server LAN i have:252 txt http://wpad.mydomain.net/wpad.dat 252 txt http://wpad.mydomain.net/wpad.da 252 txt http://wpad.mydomain.net/proxy.pac
I can download the files if i point the browser to:
http://wpad.mydomain.net/wpad.dat
But Firefox and IE do not use the file with auto-discovery.
-
All tutorials say the opposite.
I'm not really looking to argue. I'm trying to help you with knowledge that I have which I know works for a fact and is recommended by every other volunteer here.
All of the major browsers most certainly do work with WPAD. I have seen a few instances where a user's browser had to be manually set from auto-detect to specified server and port, but this is rare in my experience. I don't know why you went wandering off with some random tutorial when pfSense already has a full document on how to get it working which I know works because I used it myself.
This tut about wpad still says NAT redirect at the bottom:
It is idiotic to have a proxy server online but leave ports 80 and 443 open. If users can go around the proxy then what is the point of having it in the first place?
-
@KOM:
I don't know why you went wandering off with some random tutorial when pfSense already has a full document on how to get it working
The pfSense docu was the first thing i was looking at.
But it was not working and for a newbie allot of the docu is not clear/specific enough.
I'm not the only one who has problems get it running and after searching the forum i found
out that it is recommended to use a second webserver and lighttpd because if not you have
to use a certificate.The tutorial i linked is just something i found when i was searching the web to find out
why i can't get it running.As i wrote i can download the file with
http://wpad.mydomain.net/wpad.dat
but auto-discovery is not using it.
Why is that?
How can i figure out what the problem is?
How do i make sure clients do not bypass the proxy? -
How do i make sure clients do not bypass the proxy?
Create a Ports Alias (Firewall - Aliases - Ports) called WebPorts or WWW_Ports and set it to 80,443. Create a firewall rule on LAN that blocks Source Any, Destination Any, Destination port range (Other) and then put your alias in the red box beside the (Other) combobox. See attached.
but auto-discovery is not using it. Why is that? How can i figure out what the problem is?
First block off the ports as shown above. Then manually set your browser to the proxy to ensure the proxy is working by going to a few sites. Can you show me your wpad.dat file? Loading the file and processing the file are two different things. If you have a bug in your code, then it won't work.
-
Thanks KOM
The proxy is working if i use
http://wpad.mydomain.net/wpad.dat
in Firefox "Automatic proxy configuration URL"
and test it with http://www.lagado.com/proxy-testwpad.dat:
function FindProxyForURL(url,host) { return "PROXY 192.168.0.1:3128"; }
-
The auto-discovery should work if you have a DNS entry for the host WPAD on your local domain, or a DHCP 252 entry in DHCP. On your DNS server, create a WPAD host entry and point it to your pfSense LAN IP address. Then every browser set to automatic discovery should be able to find it since they do a DNS lookup on wpad.YourDomain.foo and then load the wpad.dat file via HTTP from that host.
-
As you can see in my second post the DNS and DHCP entries are already there.
I added now the Firewall rules - if i do that my Internet stops working… (sure Firefox is set to the proxy). -
If you do an nslookup on WPAD, does it resolve to the proxy LAN address?
-
nslookup wpad.mydomain.net:
Server: pfsense.mydomain.net Address: 192.168.0.1 Name: wpad.mydomain.net Address: 192.168.0.1
nslookup wpad:
Server: pfsense.mydomain.net Address: 192.168.0.1 Name: wpad Address: 192.168.0.1
nslookup wpad.pfsense.mydomain.net:
Server: pfsense.mydomain.net Address: 192.168.0.1 Name: wpad.pfsense.mydomain.net Address: 192.168.0.1
But if something would be wrong here why is the proxy working as long as i not block http in the firewall?
-
Because something isn't working. If the browser is set to auto-detect, then it will try to go straight out the gateway. If it can't, then it tries to detect the proxy using WPAD. When you unblock LAN, it can go straight out. When you block LAN, it can't go out so it tries to detect the proxy and use it. This is where your problem is. Either the browser isn't detecting the proxy at all, or it is and the proxy isn't working. Is your WebGUI using HTTP or HTTPS? If I remember, you can't use pfSense under HTTPS to host the WPAD file.
-
you can't use the default lightppd intstance to serve the WPAD file, its tied up to port 80 for serving webconfigurator stuff. You need the second lightppd instance. If you webconfigurator is running on port 80 and not a custom port you won't be able to bind it so you need a custom port for the webconfiguator lightppd instance in order for the second lightppd to server the file on port 80.
whats the output of "ps aux | grep "light"?
-
you can't use the default lightppd intstance to serve the WPAD file
I'm fairly sure that you can, considering that's exactly how I'm doing it and that's how it's documented ;D
From WPAD Autoconfigure for Squid
"Now upload that file to pfSense or another locally accessible web server with scp, or create it using the built-in file editor. The file must go in /usr/local/www/…"
Port 80 isn't "tied up" with WebGUI. It will serve the GUI as the default page, but if you give it an explicit URL then it will serve anything, including wpad.dat.
-
yes, you are right, sorry. I dont allow HTTP to my pfsense box. I'll keep out of it, you carry on….I suspect you are nearly there :)
-
yes, you are right, sorry.
Hey, no problem. I've never let a lack of knowledge or incorrect information stop me from trying to help someone. Even when I am wrong (and I've been wrong in these forums many times), I learn something. It bruises the ego a bit, but you become better for it. Thanks for contributing. A community is only as strong as its members.
-
Step by step…
Forget the wpad for a while.
What i was saying is:
If i enable the firewall rule to block http and use 192.168.0.1:3128 (not wpad) in the browser then the internet stops working.
If i disable the rule then it works again and uses the proxy. -
If you block 80/443 and manually set your browser to use the proxy at the specified address:port and nothing works and you're positive you didn't make a typo, your Squid install is broken. Look in your System log, as well as /var/squid/logs/access.log and cache.log.
Can you please remind me as to what version of pfSense and Squid you are using?
-
Ok, found out something.
The whole time i was just using google for testing.
But this time i used another site and it's just HTTPS (google) that is not working if i enable the firewall rule.
HTTP works with pointing the browser to address:port.
BUT if i set the browser to auto-discovery then also HTTP is not working.pfSense 2.2
squid3 3.4.10_2 pkg 0.2.6 -
Do you run IPv6?
-
IPv6 is none in LAN and WAN.
And the output of ps aux | grep "light" is:
root 17216 0.0 0.3 50796 5888 - S 12Feb15 0:25.97 /usr/local/sbin/lighttpd -f /var/etc/ root 89081 0.0 0.2 40392 4416 - S 12Feb15 0:21.07 /usr/local/sbin/lighttpd -f /var/etc/ root 94646 0.0 1.5 232612 31596 - I 10:10AM 0:00.22 php-fpm: pool lighty (php-fpm) root 49032 0.0 0.1 18884 2356 0 S+ 10:13AM 0:00.00 grep light
As i said i use the vHost package to host the wpad that i can run the WebGUI over HTTPS
but don't need a certificate for the wpad.Tomorrow when i have time i will make some tests step by step with checking the logs after every step.
But today i have a date and no time ;-) -
Good luck on your date 8) :-*
-
Ok time to get it working.
Blocking https and using the proxy does not work.
This is what happens if the browser is set to the proxy and http and https are blocked in Firewall > Rules > LAN:
http = YES working
https = NO does not work -
You have it set to standard mode (not transparent)? You do NOT have it set to intercept SSL? You have a wpad.dat file accessible via an HTTP server that can be found by a DNS lookup of wpad.yourdomain?
-
I'm just looking to get https working if i block it in the firewall without looking a the wpad (proxy ip/port manually set in the browser).
Transparent HTTP proxy = unchecked
HTTPS/SSL interception = uncheckedSee attachment…



 -
Your settings look good but I notice that squidGuard is in the mix. OK, sometimes these weird issues with squid can be fixed with a reboot, so I would do that first. Next, I would look at /var/log/squid/access.log and see what's happening. Also look at cache.log for any obvious errors. Lastly, I would get rid of squidGuard to make sure it isn't interfering. Mare sure when you're testing to do a force refresh with ctrl-F5 or whatever your browser uses.
-
Ok I first deleted the logs to get fresh ones and restarted.
After blocking 80/443 and accessing one http and one https site i get this:
/var/squid/logs/access.log1430081870.198 476 192.168.0.70 TCP_MISS/200 18530 GET http://winfuture.de/ - HIER_DIRECT/212.53.132.4 text/html 1430081870.327 72 192.168.0.70 TCP_MISS/200 8032 GET http://i.wfcdn.de/teaser/328/6945.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.336 73 192.168.0.70 TCP_MISS/200 5999 GET http://i.wfcdn.de/teaser/128/15219.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.341 78 192.168.0.70 TCP_MISS/200 6489 GET http://i.wfcdn.de/teaser/128/65.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.341 76 192.168.0.70 TCP_MISS/200 5749 GET http://i.wfcdn.de/teaser/128/415.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.344 64 192.168.0.70 TCP_MISS/200 2756 GET http://i.wfcdn.de/videos/128/14406.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.344 88 192.168.0.70 TCP_MISS/200 5272 GET http://i.wfcdn.de/teaser/128/12165.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.347 56 192.168.0.70 TCP_MISS/200 6398 GET http://i.wfcdn.de/teaser/210/15205.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.351 72 192.168.0.70 TCP_MISS/200 2607 GET http://i.wfcdn.de/videos/128/14411.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.351 58 192.168.0.70 TCP_MISS/200 8325 GET http://i.wfcdn.de/teaser/210/14525.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.571 310 192.168.0.70 TCP_MISS/200 2831 GET http://i.wfcdn.de/teaser/128/454.1.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.573 315 192.168.0.70 TCP_MISS/200 3785 GET http://i.wfcdn.de/teaser/128/14997.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081870.577 61 192.168.0.70 TCP_MISS/200 536 GET http://winfuture.de/ajax/now? - HIER_DIRECT/212.53.132.4 application/json 1430081873.324 3029 192.168.0.70 TCP_MISS/200 8941 GET http://i.wfcdn.de/teaser/210/15209.jpg - HIER_DIRECT/162.159.246.58 image/jpeg 1430081873.355 3057 192.168.0.70 TCP_MISS/200 14746 GET http://i.wfcdn.de/teaser/210/15196.png - HIER_DIRECT/162.159.246.58 image/png 1430081873.417 3122 192.168.0.70 TCP_MISS/200 23704 GET http://videos.winfuture.de/14408.jpg - HIER_DIRECT/212.53.132.3 image/jpeg 1430081883.494 51 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/1/6801 - HIER_DIRECT/212.53.132.4 text/html 1430081893.581 69 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/2/5891 - HIER_DIRECT/212.53.132.4 text/html 1430081894.166 25 192.168.0.70 TCP_MISS/200 1460 GET http://i.wfcdn.de/5/favicon.ico - HIER_DIRECT/162.159.246.58 image/x-icon 1430081903.665 60 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/3/2270 - HIER_DIRECT/212.53.132.4 text/html 1430081913.751 68 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/4/0245 - HIER_DIRECT/212.53.132.4 text/html 1430081923.810 45 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/5/2352 - HIER_DIRECT/212.53.132.4 text/html 1430081933.875 53 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/6/8629 - HIER_DIRECT/212.53.132.4 text/html 1430081943.944 57 192.168.0.70 TCP_MISS/200 575 GET http://winfuture.de/ajax/ca/7/9718 - HIER_DIRECT/212.53.132.4 text/html
/var/squid/logs/cache.log
2015/04/26 22:57:14 kid1| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1... 2015-04-26 22:57:14 [26308] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log 2015-04-26 22:57:14 [26308] New setting: logdir: /var/squidGuard/log 2015-04-26 22:57:14 [26308] New setting: dbhome: /var/db/squidGuard 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_ads/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_ads/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_blasphemy/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_chanology/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_chanology/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_cp/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_cp/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dating/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dating/domains.db 2015-04-26 22:57:14 [24879] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log 2015-04-26 22:57:14 [24879] New setting: logdir: /var/squidGuard/log 2015-04-26 22:57:14 [24879] New setting: dbhome: /var/db/squidGuard 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_ads/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_ads/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_blasphemy/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_chanology/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_chanology/domains.db 2015-04-26 22:57:14 [26572] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_cp/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_cp/domains.db 2015-04-26 22:57:14 [26572] New setting: logdir: /var/squidGuard/log 2015-04-26 22:57:14 [26572] New setting: dbhome: /var/db/squidGuard 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_ads/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_ads/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dating/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dating/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_dyn/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_dyn/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_file/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_file/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_freeWeb/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gambling/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gambling/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_gaming/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_gaming/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_image/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_image/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_malicious/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_malicious/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_pharmaRX/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_blasphemy/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_blasphemy/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_chanology/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_chanology/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_cp/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_cp/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dating/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dating/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_dyn/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_dyn/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_file/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_file/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_dyn/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_dyn/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_file/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_file/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_freeWeb/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gambling/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gambling/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_gaming/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_gaming/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_piracy/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_piracy/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_porn/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_porn/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_prime/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_prime/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_proxies/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_proxies/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_freeWeb/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_freeWeb/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gambling/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gambling/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_gaming/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_gaming/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_image/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_image/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_malicious/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_malicious/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_smedia/domains 2015-04-26 22:57:14 [24879] loading dbfile /var/db/squidGuard/blk_smedia/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_pharmaRX/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_piracy/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_piracy/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_porn/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_porn/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_prime/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_prime/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_proxies/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_proxies/domains.db 2015-04-26 22:57:14 [26572] init domainlist /var/db/squidGuard/blk_smedia/domains 2015-04-26 22:57:14 [26572] loading dbfile /var/db/squidGuard/blk_smedia/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_image/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_image/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_malicious/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_malicious/domains.db 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_pharmaRX/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_pharmaRX/domains.db 2015-04-26 22:57:14 [24879] init domainlist /var/db/squidGuard/blk_tlds_new/domains 2015-04-26 22:57:14 [24666] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log 2015-04-26 22:57:14 [27008] /usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log 2015-04-26 22:57:14 [26308] init domainlist /var/db/squidGuard/blk_piracy/domains 2015-04-26 22:57:14 [26308] loading dbfile /var/db/squidGuard/blk_piracy/domains.db 2015-04-26 22:57:14 [24666] New setting: logdir: /var/squidGuard/log 2015-04-26 22:57:14 [24666] New setting: dbhome: /var/db/squidGuard
/var/squidGuard/log/squidGuard.log
2015-04-26 22:57:14 [24666] squidGuard 1.4 started (1430081834.410) 2015-04-26 22:57:14 [24666] squidGuard ready for requests (1430081834.439) 2015-04-26 22:57:14 [24879] squidGuard 1.4 started (1430081834.368) 2015-04-26 22:57:14 [24879] squidGuard ready for requests (1430081834.441) 2015-04-26 22:57:14 [26572] squidGuard 1.4 started (1430081834.370) 2015-04-26 22:57:14 [26572] squidGuard ready for requests (1430081834.444) 2015-04-26 22:57:14 [26308] squidGuard 1.4 started (1430081834.361) 2015-04-26 22:57:14 [26308] squidGuard ready for requests (1430081834.451) 2015-04-26 22:57:14 [25549] squidGuard 1.4 started (1430081834.462) 2015-04-26 22:57:14 [25549] squidGuard ready for requests (1430081834.473) 2015-04-26 22:57:14 [27008] squidGuard 1.4 started (1430081834.415) 2015-04-26 22:57:14 [27008] squidGuard ready for requests (1430081834.482) 2015-04-26 22:57:14 [28268] squidGuard 1.4 started (1430081834.462) 2015-04-26 22:57:14 [28268] squidGuard ready for requests (1430081834.489) 2015-04-26 22:57:14 [24592] squidGuard 1.4 started (1430081834.450) 2015-04-26 22:57:14 [24592] squidGuard ready for requests (1430081834.491) 2015-04-26 22:57:15 [24592] squidGuard stopped (1430081835.986) 2015-04-26 22:57:15 [25549] squidGuard stopped (1430081835.986) 2015-04-26 22:57:15 [26308] squidGuard stopped (1430081835.986) 2015-04-26 22:57:15 [28268] squidGuard stopped (1430081835.987) 2015-04-26 22:57:15 [24666] squidGuard stopped (1430081835.988) 2015-04-26 22:57:15 [24879] squidGuard stopped (1430081835.988) 2015-04-26 22:57:15 [26572] squidGuard stopped (1430081835.988) 2015-04-26 22:57:15 [27008] squidGuard stopped (1430081835.988) 2015-04-26 22:57:16 [60436] squidGuard 1.4 started (1430081836.432) 2015-04-26 22:57:16 [60436] squidGuard ready for requests (1430081836.447) 2015-04-26 22:57:16 [60750] squidGuard 1.4 started (1430081836.466) 2015-04-26 22:57:16 [60750] squidGuard ready for requests (1430081836.480) 2015-04-26 22:57:16 [62581] squidGuard 1.4 started (1430081836.476) 2015-04-26 22:57:16 [62581] squidGuard ready for requests (1430081836.487) 2015-04-26 22:57:16 [60430] squidGuard 1.4 started (1430081836.466) 2015-04-26 22:57:16 [60430] squidGuard ready for requests (1430081836.497) 2015-04-26 22:57:16 [61883] squidGuard 1.4 started (1430081836.483) 2015-04-26 22:57:16 [61883] squidGuard ready for requests (1430081836.498) 2015-04-26 22:57:16 [63879] squidGuard 1.4 started (1430081836.501) 2015-04-26 22:57:16 [63879] squidGuard ready for requests (1430081836.517) 2015-04-26 22:57:16 [61344] squidGuard 1.4 started (1430081836.502) 2015-04-26 22:57:16 [61344] squidGuard ready for requests (1430081836.519) 2015-04-26 22:57:16 [63184] squidGuard 1.4 started (1430081836.507) 2015-04-26 22:57:16 [63184] squidGuard ready for requests (1430081836.521)
I did shorten the cache.log because:
/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log New setting: logdir: /var/squidGuard/log New setting: dbhome: /var/db/squidGuard
is repeated multiple times?
And no https shows up in the log.
Also find out that if i block port 80 that i can't access my wpad.dat
http://wpad.mydomain.net/wpad.dat
-
Also find out that if i block port 80 that i can't access my wpad.dat
http://wpad.mydomain.net/wpad.dat
Pretty obvious ;)
You must have some granularity and control in the way you allow or block prtocols, especially if you have services running at FW level (like HTTP server)
This can be easily achieved, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized. -
/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
Why is this happening? Are you out of disk space?
Start small and build up. Get WPAD and just Squid working, then move on to squidGuard.
-
Pretty obvious ;)
Not to me cause i thought the FW just blocks stuff going out to the Internet (WAN)
This can be easily achieve, e.g. by adding rule before the one denying access so that access to FW on port 80 (in order to access wpad.dat) is authorized.
Can you explain what to do?
You can see my settings in the attachment above.
If my thoughts are right to i need to put port 80 to the Anti-Lockout Rule?@KOM:
/usr/local/bin/squidGuard: can't write to logfile /var/log/squidGuard/squidGuard.log
Why is this happening? Are you out of disk space?
No "ufs: 23% of 18G"
It already was pain to get it running: https://forum.pfsense.org/index.php?topic=87591.0
Is there a way to temporarily disable squidGuard? -
Is there a way to temporarily disable squidGuard?
Uncheck the Enable box?