Thanks for your reply.
In the access log the http site does get logged correct one time.
The second time nothing is logged. When i call the https one line get logged with a time out i gues.
In the access log i get two errors that FD22 an FD24 already in use is.
2012/06/27 19:32:11| Starting Squid Cache version 3.1.20 for amd64-portbld-freebsd8.1...
2012/06/27 19:32:11| Process ID 2482
2012/06/27 19:32:11| With 11095 file descriptors available
2012/06/27 19:32:11| Initializing IP Cache...
2012/06/27 19:32:11| DNS Socket created at [::], FD 11
2012/06/27 19:32:11| DNS Socket created at 0.0.0.0, FD 12
2012/06/27 19:32:11| Adding domain annamaria.nl from /etc/resolv.conf
2012/06/27 19:32:11| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2012/06/27 19:32:11| Adding nameserver 194.151.228.18 from /etc/resolv.conf
2012/06/27 19:32:11| Adding nameserver 172.16.2.22 from /etc/resolv.conf
2012/06/27 19:32:11| Adding nameserver 172.16.2.20 from /etc/resolv.conf
2012/06/27 19:32:11| Adding nameserver 194.151.228.34 from /etc/resolv.conf
2012/06/27 19:32:11| User-Agent logging is disabled.
2012/06/27 19:32:11| Referer logging is disabled.
2012/06/27 19:32:11| Unlinkd pipe opened on FD 17
2012/06/27 19:32:11| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2012/06/27 19:32:11| Store logging disabled
2012/06/27 19:32:11| Swap maxSize 102400 + 8192 KB, estimated 8507 objects
2012/06/27 19:32:11| Target number of buckets: 425
2012/06/27 19:32:11| Using 8192 Store buckets
2012/06/27 19:32:11| Max Mem size: 8192 KB
2012/06/27 19:32:11| Max Swap size: 102400 KB
2012/06/27 19:32:11| Version 1 of swap file with LFS support detected...
2012/06/27 19:32:11| Rebuilding storage in /var/squid/cache (DIRTY)
2012/06/27 19:32:11| Using Least Load store dir selection
2012/06/27 19:32:11| Current Directory is /etc
2012/06/27 19:32:11| Loaded Icons.
2012/06/27 19:32:11| helperOpenServers: Starting 0/0 'ssl_crtd' processes
2012/06/27 19:32:11| helperOpenServers: No 'ssl_crtd' processes needed.
2012/06/27 19:32:11| Accepting HTTP connections at 172.16.0.23:8090, FD 20.
2012/06/27 19:32:11| Accepting accelerated HTTP connections at xx.xx.xx.xx:80, FD 21.
2012/06/27 19:32:11| commBind: Cannot bind socket FD 22 to xx.xx.xx.xx:80: (48) Address already in use
2012/06/27 19:32:11| Accepting HTTPS connections at xx.xx.xx.xx:443, FD 23.
2012/06/27 19:32:11| commBind: Cannot bind socket FD 24 to xx.xx.xx.xx:443: (48) Address already in use
2012/06/27 19:32:11| Accepting ICP messages at [::]:7, FD 25.
2012/06/27 19:32:11| HTCP Disabled.
2012/06/27 19:32:11| Configuring Parent 172.16.2.48/8080/0
2012/06/27 19:32:11| Configuring Parent 172.16.2.48/8443/0
2012/06/27 19:32:11| Ready to serve requests.
2012/06/27 19:32:11| Done reading /var/squid/cache swaplog (263 entries)
2012/06/27 19:32:11| Finished rebuilding storage from disk.
2012/06/27 19:32:11| 263 Entries scanned
2012/06/27 19:32:11| 0 Invalid entries.
2012/06/27 19:32:11| 0 With invalid flags.
2012/06/27 19:32:11| 263 Objects loaded.
2012/06/27 19:32:11| 0 Objects expired.
2012/06/27 19:32:11| 0 Objects cancelled.
2012/06/27 19:32:11| 0 Duplicate URLs purged.
2012/06/27 19:32:11| 0 Swapfile clashes avoided.
2012/06/27 19:32:11| Took 0.03 seconds (9953.83 objects/sec).
2012/06/27 19:32:11| Beginning Validation Procedure
2012/06/27 19:32:11| Completed Validation Procedure
2012/06/27 19:32:11| Validated 551 Entries
2012/06/27 19:32:11| store_swap_size = 742
2012/06/27 19:32:12| storeLateRelease: released 0 objects
So i still cannot find what i'am doing wrong. Can you help me more?
# This file is automatically generated by pfSense
# Do not edit manually !
http_port 172.16.0.23:8090
icp_port 7
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_default_language nl
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 14
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src 172.16.0.0/16
uri_whitespace strip
# Break HTTP standard for flash videos. Keep them in cache even if asked not to.
refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
# Let the clients favorite video site through with full caching
acl youtube dstdomain .youtube.com
cache allow youtube
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 100 16 256
minimum_object_size 0 KB
maximum_object_size 4 KB
offline_mode offcache_swap_low 90
cache_swap_high 95
acl donotcache dstdomain "/var/squid/acl/donotcache.acl"
cache deny donotcache
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# No redirector configured
#Remote proxies
# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 85 3128 1025-65535
acl sslports port 443 563 85
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl allowed_subnets src 172.16.0.0/16 172.17.20.0/24 172.17.30.0/24 172.17.40.0/24 172.17.50.0/24 172.17.60.0/24 172.17.70.0/24 172.17.80.0/24
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
# Always allow localhost connections
http_access allow localhost
quick_abort_min -1 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 4194304 KB allsrc
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny allsrc
# Reverse Proxy settings
http_port xx.xx.xx:80 accel defaultsite=vibe.domain.ext vhost
https_port xx.xx.xx.xx:443 accel cert=/usr/local/etc/squid/4fe475cabe502.crt key=/usr/local/etc/squid/4fe475cabe502.key defaultsite=vibe.domain.ext
http_port xx.xx.xx.xx:80 accel defaultsite=vibe.domain.ext vhost
https_port xx.xx.xx.xx:443 accel cert=/usr/local/etc/squid/4fe475cabe502.crt key=/usr/local/etc/squid/4fe475cabe502.key defaultsite=vibe.domain.ext#
cache_peer 172.16.2.48 parent 8080 0 proxy-only no-query originserver login=PASS name=HOST1
#
cache_peer 172.16.2.48 parent 8443 0 proxy-only no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER front-end-https=auto name=HOST2
acl URI1 url_regex -i
http://vibe.domain.ext/.*$
acl URI2 url_regex -i
https://vibe.domain.ext/.*$
cache_peer_access HOST1 allow URI1
cache_peer_access HOST2 allow URI2
cache_peer_access HOST1 deny allsrc
cache_peer_access HOST2 deny allsrc
never_direct allow URI1
never_direct allow URI2
http_access allow URI1
http_access allow URI2
deny_info TCP_RESET allsrc
# Custom options
# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow allowed_subnets
http_access allow localnet
# Default block all to be sure
http_access deny allsrc
pfSense Forum
