I am cracking my head for an error,almost 2 weeks.Please help me to fix it.
squid: /usr/local/etc/squid/squid.conf:107 unrecognized: 'insert'
After Upgrading my pfsense to 2.2.2
Thanks In advance…
Have you tried looking at the /usr/local/etc/squid/squid.conf file at line 107 to see what it says?
Please find the squid.conf file below:**
/usr/local/etc/squid: cat squid.conf
http_port 127.0.0.1:3128 transparent
shutdown_lifetime 3 seconds
acl localnet src 192.168.10.0/255.255.255.0
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 100 16 256
minimum_object_size 0 KB
maximum_object_size 4 KB
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 2851 3128 1025-65535
acl sslports port 443 563 2851
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl unrestricted_hosts src "/var/squid/acl/unrestricted_hosts.acl"
acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl"
acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
cache deny dynamic
http_access allow manager localhost
acl ext_manager_1 src 127.0.0.1
http_access allow manager ext_manager_1
acl ext_manager_2 src 192.168.10.2
http_access allow manager ext_manager_2
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
request_body_max_size 0 KB
reply_body_max_size 0 deny all
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow all
redirect_program /usr/pbi/squidguard-i386/bin/squidGuard -c /usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf
url_rewrite_program /usr/pbi/squidguard-i386/bin/squidGuard -c /usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf
url_rewrite_children 16 startup=8 idle=4 concurrency=0
http_access allow unrestricted_hosts
http_access allow whitelist
http_access deny blacklist
http_access allow localnet
http_access deny all
There is only one instance of 'insert' in the entire config. I don't think that putting the 'insert' before 'ignore_expect_100' is valid - at least I can't find any mention of it in any configs I've seen or found elsewhere. You could try removing the 'insert' bit, leaving 'ignore_expect_100' and see if that sorts it. Yes, I know the file says 'do not edit manually', but it could be worth trying just to see if it resolves the error initially. If so, find the setting in the GUI which sets this option and un-tick it.
After making changes in squid.conf I am getting below error:
May 28 12:28:18 squid: Bungled squid.conf line 77: ignore_expect_100
May 28 12:27:51 php-fpm: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "filter" rules.
May 28 12:27:51 php-fpm: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "pfearly" rules.
May 28 12:27:51 php-fpm: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "nat" rules.
May 28 12:27:50 check_reload_status: Reloading filter
Ok, so it looks like the 'insert' is required.
When you upgraded your pfSense system did you remove the Squid package and re-install after upgrading? If you have a look at this link, there is a mention that upgrading your system without removing any packages first can lead to problems: https://doc.pfsense.org/index.php/Upgrade_Guide#Packages
If not, try removing the Squid package completely, backup your config, re-install pfSense afresh, restoring your config from the backup taken and then re-install Squid. See if that does the trick.
Can any one guide me how to setup "site to site openvpn in pfSense with DHCP".I very new to pfsense.
Thanks and regards,
KOM last edited by
Problem Solved, thanks for the support…..
I have re-installed squid package and squid gaurd
its worked charm.......