How to Read SquidGuard Logs, what does this logs mean to me?



  • Hi guys,

    Im new to PFSense i Setup squid+squidguard.
    both service are running, but squidguard is not blocking sites, i decided to check the logs, but i dont understand what it means. please help me just to read the logs. thanks!

    this is for squid cache.log (partial)
    2015/07/12 15:10:56| Accepting proxy HTTP connections at 192.168.0.1, port 3128, FD 17.
    2015/07/12 15:10:56| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 18.
    2015/07/12 15:10:56| Accepting HTCP messages on port 4827, FD 19.
    2015/07/12 15:10:56| Accepting SNMP messages on port 3401, FD 22.
    2015/07/12 15:10:56| WCCP Disabled.
    2015/07/12 15:10:56| Ready to serve requests.
    2015/07/12 15:10:56| Done reading /cache swaplog (585 entries)
    2015/07/12 15:10:56| Finished rebuilding storage from disk.
    2015/07/12 15:10:56|      585 Entries scanned
    2015/07/12 15:10:56|        0 Invalid entries.
    2015/07/12 15:10:56|        0 With invalid flags.
    2015/07/12 15:10:56|      585 Objects loaded.
    2015/07/12 15:10:56|        0 Objects expired.
    2015/07/12 15:10:56|        0 Objects cancelled.
    2015/07/12 15:10:56|        0 Duplicate URLs purged.
    2015/07/12 15:10:56|        0 Swapfile clashes avoided.
    2015/07/12 15:10:56|  Took 0.3 seconds (2130.4 objects/sec).
    2015/07/12 15:10:56| Beginning Validation Procedure
    2015/07/12 15:10:56|  Completed Validation Procedure
    2015/07/12 15:10:56|  Validated 585 Entries
    2015/07/12 15:10:56|  store_swap_size = 12570k
    2015/07/12 15:10:56| storeLateRelease: released 0 objects
    2015/07/12 17:33:32| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:33:32| clientTryParseRequest: FD 40 (192.168.0.111:49943) Invalid Request
    2015/07/12 17:34:51| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:34:51| clientTryParseRequest: FD 68 (192.168.0.111:50010) Invalid Request
    2015/07/12 17:34:54| parseHttpRequest: Unsupported method 'LSM'
    2015/07/12 17:34:54| clientTryParseRequest: FD 50 (192.168.0.111:50015) Invalid Request
    2015/07/12 17:38:04| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:38:04| clientTryParseRequest: FD 28 (192.168.0.111:50126) Invalid Request
    2015/07/12 17:38:08| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:38:08| clientTryParseRequest: FD 34 (192.168.0.111:50134) Invalid Request
    2015/07/12 17:40:19| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:40:19| clientTryParseRequest: FD 35 (192.168.0.111:50203) Invalid Request
    2015/07/12 17:40:29| parseHttpRequest: Unsupported method 'LSM'
    2015/07/12 17:40:29| clientTryParseRequest: FD 15 (192.168.0.111:50209) Invalid Request
    2015/07/12 17:42:29| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:42:29| clientTryParseRequest: FD 29 (192.168.0.111:50223) Invalid Request
    2015/07/12 17:42:31| parseHttpRequest: Unsupported method 'LSM'
    2015/07/12 17:42:31| clientTryParseRequest: FD 35 (192.168.0.111:50226) Invalid Request
    2015/07/12 17:44:20| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:44:20| clientTryParseRequest: FD 28 (192.168.0.111:50239) Invalid Request
    2015/07/12 17:44:29| parseHttpRequest: Unsupported method 'LSM'
    2015/07/12 17:44:29| clientTryParseRequest: FD 56 (192.168.0.111:50245) Invalid Request
    2015/07/12 17:46:27| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:46:27| clientTryParseRequest: FD 35 (192.168.0.111:50262) Invalid Request
    2015/07/12 17:46:33| parseHttpRequest: Unsupported method 'LSM'
    2015/07/12 17:46:33| clientTryParseRequest: FD 29 (192.168.0.111:50269) Invalid Request
    2015/07/12 17:59:52| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 17:59:52| clientTryParseRequest: FD 76 (192.168.0.104:49666) Invalid Request
    2015/07/12 18:00:19| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 18:00:19| clientTryParseRequest: FD 29 (192.168.0.104:49699) Invalid Request
    2015/07/12 18:00:24| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 18:00:24| clientTryParseRequest: FD 63 (192.168.0.104:49708) Invalid Request
    2015/07/12 18:03:18| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 18:03:18| clientTryParseRequest: FD 15 (192.168.0.104:49720) Invalid Request
    2015/07/12 18:03:21| parseHttpRequest: Unsupported method 'USR'
    2015/07/12 18:03:21| clientTryParseRequest: FD 35 (192.168.0.104:49725) Invalid Request



  • Start from the beginning.  Which version of pfSense, squid, squidguard?  Start with squid first.  Get it to the point where it's processing properly by shelling in and checking /var/squid/logs/access.log in realtime.  Once you know squid is processing, then install and configure squidguard.  Don't use transparent mode, use explicit mode with WPAD instead.


Log in to reply