The pfSense Store

Author Topic: squid3 - New GUI with sync, normal and reverse proxy  (Read 106045 times)

0 Members and 1 Guest are viewing this topic.

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
squid3 - New GUI with sync, normal and reverse proxy
« on: April 13, 2012, 11:53:53 pm »
Hi all,

I've merged squid-rever and squid3 in only one package for pfsense 2.0 with reverse options in a brand new service-> reverse proxy menu as well XMLRPC sync options.

Before package install/reinstall/upgrade, backup you config(just in case) especially reverse proxy config.

I've tested 02 days without issues.  :)

att,
Marcello Coutinho
« Last Edit: April 14, 2012, 12:20:52 am by marcelloc »

Offline Donny

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #1 on: April 14, 2012, 01:53:33 am »
Hello, I have some question. The screenshot above are reference to use for Web Server. For environment network without web server, Can I use its for regular normal with Sarg, Squid proxy and Dansguardian?
(at Reverse Proxy server: General > General tab) I am a little bit confused.

Thank u

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #2 on: April 14, 2012, 04:52:52 am »
For normal proxy use proxy server menu. Reverse proxy is just to publish your web servers to internet.

Offline Matthias

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #3 on: April 14, 2012, 06:23:47 pm »
Crashes if I try to access either the Services > Proxy Server or Services > Reverse Proxy with this error:

Warning: dir(/usr/local/etc/squid/errors/): failed to open dir: No such file or directory in /etc/inc/pfsense-utils.inc on line 432 Fatal error: Call to a member function read() on a non-object in /etc/inc/pfsense-utils.inc on line 433

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #4 on: April 14, 2012, 07:07:19 pm »
What pfsense version are you using?

Pfsense util calls are the same from squid2

Offline Matthias

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #5 on: April 14, 2012, 07:09:19 pm »
2.1-DEVELOPMENT (i386)
built on Fri Apr 13 21:32:08 EDT 2012
FreeBSD 8.3-RELEASE

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #6 on: April 14, 2012, 07:20:23 pm »
2.1-DEVELOPMENT (i386)
built on Fri Apr 13 21:32:08 EDT 2012
FreeBSD 8.3-RELEASE

I've tested right now with

2.1-DEVELOPMENT (amd64)
built on Fri Apr 13 16:24:04 EDT 2012
FreeBSD 8.3-RELEASE

with no issues.

Squid 3 do not have pfsense 2.1 pbi packages yet, so you need to manual install squid3.

i386
pkg_add -rf http://files.pfsense.org/packages/8/All/squid-3.1.19.tbz

amd64
pkg_add -rf http://files.pfsense.org/packages/amd64/8/All/squid-3.1.19.tbz
« Last Edit: April 14, 2012, 07:36:02 pm by marcelloc »

Offline Matthias

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #7 on: April 14, 2012, 07:27:52 pm »
Seems to be working so far.

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2752
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #8 on: April 15, 2012, 05:17:07 am »
hi marcelloc,

nice to see that there is now just only one package and not two like it was with squid2 and squid-reverse.
If I am not completely wrong - you made some changes on the GUI (re-order some options), right ? But you didn't add any relevant new options?

Another question is:

I am using squid2 at the moment with squidguard and many custom options.
If I update to squid3 - should I pay attention on the custom options ? In the new GUI there are two text boxes - one for custom options - and another one for squidguard / havp options. Will they be "imported" correctly when updating?

PS: Not really related to this topic - but will there be a dansguardian version which uses squid3 or better not forces any version of squid ?

Thank you for the very hard work - on all the many different packages :-)

Offline Donny

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #9 on: April 15, 2012, 06:38:54 am »
Hello all, I just clean install pfSense (i386) and also I have installed Squid3 and Dansguardian. After that I reboot pfsense system. I got some warning on pfSense console like this:

Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 103
Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 146

There is some bug in Squid3 (squid_reverse.inc) on the line 103 and 146.
Again for Dansguardian does not appear on services menu (Services > .......),after I installed. I have to reinstall it and then appear on the services menu.

Also Squid and Perl have two version installed. Uninstall and reinstall, it is the same.

Any idea.
« Last Edit: April 15, 2012, 08:22:28 am by Donny »

Offline harish

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #10 on: April 15, 2012, 08:03:26 am »
me too having this issue

Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 103
Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 146

and squidguard service does not startup in my case

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #11 on: April 15, 2012, 08:09:14 am »
nice to see that there is now just only one package and not two like it was with squid2 and squid-reverse.
If I am not completely wrong - you made some changes on the GUI (re-order some options), right ? But you didn't add any relevant new options?
There are new options just on reverse menu. Instead of text config, squid-reverse has config screens for peers and mappings.

I am using squid2 at the moment with squidguard and many custom options.
If I update to squid3 - should I pay attention on the custom options ?In the new GUI there are two text boxes - one for custom options - and another one for squidguard / havp options. Will they be "imported" correctly when updating?
They will stay all on Integration field.
After squid3 install, you can move your options from integration field to custom fields using a better viewing one per line option.
example:
integration field:
Code: [Select]
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp;auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic;auth_param basic children 5;auth_param basic realm Squid;proxy-caching web server;auth_param basic credentialsttl 2 hours
can be moved to:
Code: [Select]
#ntlm auth
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
on custom field

PS: Not really related to this topic - but will there be a dansguardian version which uses squid3 or better not forces any version of squid ?

You can use this if you remeber to install squid3 after dansguardian or squidguard.
« Last Edit: April 15, 2012, 08:31:53 am by marcelloc »

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #12 on: April 15, 2012, 08:11:26 am »
Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 103
Waring: Invalid argument supplied for foreach() in /usr/local/pkg/squid_reverse.inc on line 146

and squidguard service does not startup in my case

I'll check it today.

Try to apply squidguard config again and then re-apply squid config.

To workaround squid-reverse error, just select a interface on in and fill up host fqdn. It will not enable reverse proxy but will create xml config that stops inc errors at line 103 and 146.


I've included some checks on squid-reverse.inc file. I'm just doing some tests before publishing this patch.

Thanks for your feedback.
« Last Edit: April 15, 2012, 08:16:31 am by marcelloc »

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #13 on: April 15, 2012, 08:25:27 am »
Also Squid and Perl have two version installed. Uninstall and reinstall, it is the same.

Squidguard as well dansguardian force squid2 install.

To avoid squid3 overwrite, install squid3 package after squidguard or dansguardian.

Offline marcelloc

  • Hero Member
  • *****
  • Posts: 9930
    • View Profile
Re: squid3 - New GUI with sync, normal and reverse proxy
« Reply #14 on: April 15, 2012, 08:29:20 am »
I've just pushed squid_reverse.inc fix.

Upgrade to squid3 pkg v 2.0.1 and see if it fixes inc errors.