Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid - No access to uncached Sites

    Cache/Proxy
    2
    8
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      marli
      last edited by

      Hello together,

      I am new to pfSense and tried to use squid (use of squidGuard planed).
      I´ve configured squid in the way of those HowTow tutorials, already tried different configurations.

      But as soon as squid is enabled I can not access any Website, but when I disable "allow users on Interface" and also do not enter anything to "allowed subnets" squid works. Those websites are accessible when I recheck "allow users on Interface", but "new websites" still are not.

      Being a newbie, the situation is a little bit hopeless for me, since I do not know how to do "deeper" troubleshooting.
      I would really appreciate some advise. If any further Information is needed, please let me know.

      pfSense-Version: 2.2.6-RELEASE
      squid-Version: 4.3.10
      Host: HP proliant Microserver G7 (not in VM)
      WAN goes to fritz.box
      LAN goes to switch and APs

      regards
      Marcus

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Did you restart squid or reboot pfSense after installing squid?

        1 Reply Last reply Reply Quote 0
        • M
          marli
          last edited by

          Yes, several times, and after changeing settings too.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            Use the console option 8 and check /var/squid/logs/cache.log and access.log.  Post screens of your squid config General page.

            1 Reply Last reply Reply Quote 0
            • M
              marli
              last edited by

              Here are my logs:
              access.log:

              1455305829.973      0 192.168.10.54 TCP_DENIED/400 1943 GET NONE:// - NONE/- text/html
              1455305830.370      0 192.168.10.54 TCP_DENIED/400 1889 GET NONE:// - NONE/- text/html
              1455305867.658      0 192.168.10.54 TCP_DENIED/400 1969 GET NONE:// - NONE/- text/html
              1455305867.905      0 192.168.10.54 TCP_DENIED/400 1889 GET NONE:// - NONE/- text/html
              
              

              cache.log:

              016/02/12 21:01:46| Reconfiguring Squid Cache (version 2.7.STABLE9)...
              2016/02/12 21:01:46| FD 16 Closing HTTP connection
              2016/02/12 21:01:46| FD 17 Closing HTTP connection
              2016/02/12 21:01:46| FD 19 Closing HTCP socket
              2016/02/12 21:01:46| FD 20 Closing SNMP socket
              2016/02/12 21:01:46| logfileClose: closing log /var/squid/logs/access.log
              2016/02/12 21:01:46| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
              2016/02/12 21:01:46| Cache dir '/var/squid/cache' size remains unchanged at 10485760 KB
              2016/02/12 21:01:46| Initialising SSL.
              2016/02/12 21:01:46| logfileOpen: opening log /var/squid/logs/access.log
              2016/02/12 21:01:46| Store logging disabled
              2016/02/12 21:01:46| Referer logging is disabled.
              2016/02/12 21:01:46| DNS Socket created at 0.0.0.0, port 6093, FD 13
              2016/02/12 21:01:46| Adding nameserver 127.0.0.1 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 8.8.8.8 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 8.8.4.4 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 192.168.0.1 from /etc/resolv.conf
              2016/02/12 21:01:46| Accepting proxy HTTP connections at 192.168.10.1, port 3128, FD 16.
              2016/02/12 21:01:46| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 17.
              2016/02/12 21:01:46| Accepting HTCP messages on port 4827, FD 19.
              2016/02/12 21:01:46| Accepting SNMP messages on port 3401, FD 20.
              2016/02/12 21:01:46| WCCP Disabled.
              2016/02/12 21:01:46| Loaded Icons.
              2016/02/12 21:01:46| Ready to serve requests.
              2016/02/12 21:01:46| Reconfiguring Squid Cache (version 2.7.STABLE9)...
              2016/02/12 21:01:46| FD 16 Closing HTTP connection
              2016/02/12 21:01:46| FD 17 Closing HTTP connection
              2016/02/12 21:01:46| FD 19 Closing HTCP socket
              2016/02/12 21:01:46| FD 20 Closing SNMP socket
              2016/02/12 21:01:46| logfileClose: closing log /var/squid/logs/access.log
              2016/02/12 21:01:46| Including Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
              2016/02/12 21:01:46| Cache dir '/var/squid/cache' size remains unchanged at 10485760 KB
              2016/02/12 21:01:46| Initialising SSL.
              2016/02/12 21:01:46| logfileOpen: opening log /var/squid/logs/access.log
              2016/02/12 21:01:46| Store logging disabled
              2016/02/12 21:01:46| Referer logging is disabled.
              2016/02/12 21:01:46| DNS Socket created at 0.0.0.0, port 36502, FD 13
              2016/02/12 21:01:46| Adding nameserver 127.0.0.1 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 8.8.8.8 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 8.8.4.4 from /etc/resolv.conf
              2016/02/12 21:01:46| Adding nameserver 192.168.0.1 from /etc/resolv.conf
              2016/02/12 21:01:46| Accepting proxy HTTP connections at 192.168.10.1, port 3128, FD 16.
              2016/02/12 21:01:46| Accepting transparently proxied HTTP connections at 127.0.0.1, port 3128, FD 17.
              2016/02/12 21:01:46| Accepting HTCP messages on port 4827, FD 19.
              2016/02/12 21:01:46| Accepting SNMP messages on port 3401, FD 20.
              2016/02/12 21:01:46| WCCP Disabled.
              2016/02/12 21:01:46| Loaded Icons.
              2016/02/12 21:01:46| Ready to serve requests.
              
              

              What do you mean with console option 8???

              Pics attached

              squid-general_1.jpg
              squid-general_1.jpg_thumb
              squid-general_2.jpg
              squid-general_2.jpg_thumb

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                Console option 8 is the pfSense console… what you see on your monitor for your pfsense PC or appliance, not the WebGUI.

                It looks like it's running ok.  You have to allow users on the interface or nothing will work.  Which squid did you install?  Your interface looks a bit different from mine, which makes me wonder if you installed ancient squid instead of squid3.

                1 Reply Last reply Reply Quote 0
                • M
                  marli
                  last edited by

                  I installed the squid Package from the Package-Installer inside pfSense, see attached pic.

                  packages.jpg
                  packages.jpg_thumb

                  1 Reply Last reply Reply Quote 0
                  • KOMK
                    KOM
                    last edited by

                    OK, get rid of that and install the squid3 package.  That's your problem.  That package is for squid2 which is ancient and I'm not even sure it works properly.  Your eperiences seem to confirm that something weird is going on.  The squid3 package is the only one really being maintained moving forward, so you should use that one.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.