Hi all,
I am following this tutorial to set up web filtering on my OPNsense instance: https://docs.opnsense.org/manual/how-tos/proxywebfilter.html
But UT1 blacklist is not showing any category after I successfully download and apply the list.
Please help!
Now I can't even start Squid service. Here's the error message:
Starting squid.
CPU Usage: 5.075 seconds = 4.996 user + 0.079 sys
Maximum Resident Size: 1308160 KB
Page faults with physical i/o: 0
2024/12/10 13:27:02| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3128
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3128
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3128 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:3129
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:3129
2024/12/10 13:27:02| Disabling Authentication on port [::1]:3129 (interception enabled)
2024/12/10 13:27:02| WARNING: empty ACL: acl bump_nobumpsites ssl::server_name "/usr/local/etc/squid/nobumpsites.acl"
2024/12/10 13:27:02| Starting Authentication on port 127.0.0.1:2121
2024/12/10 13:27:02| Disabling Authentication on port 127.0.0.1:2121 (interception enabled)
2024/12/10 13:27:02| Starting Authentication on port [::1]:2121
2024/12/10 13:27:02| Disabling Authentication on port [::1]:2121 (interception enabled)
2024/12/10 13:27:07| ERROR: '.ai-nude.adult' is a subdomain of '.adult'
2024/12/10 13:27:07| ERROR: You need to remove '.ai-nude.adult' from the ACL named 'remoteblacklist_ut1'
2024/12/10 13:27:07| Not currently OK to rewrite swap log.
2024/12/10 13:27:07| storeDirWriteCleanLogs: Operation aborted.
2024/12/10 13:27:07| FATAL: Bungled /usr/local/etc/squid/squid.conf line 72: acl remoteblacklist_ut1 dstdomain "/usr/local/etc/squid/acl/ut1"
2024/12/10 13:27:07| Squid Cache (Version 6.10): Terminated abnormally.
/usr/local/etc/rc.d/squid: WARNING: failed to start squid
You are correct, that seems like a bug. Obviously, the UI does not correctly extract the categories after download of the ACLs. One can see that they are fetched correctly by looking at more /usr/local/etc/squid/acl/UT1.index.
You should raise an issue here (https://github.com/opnsense/plugins).
The second error is a misconfiguration and the error messages clearly state which.
@Q3tNHn - I have same error when i upgraded my OPNSense to 24.7.10.
I thought my proxy corrupted and now i can see not only me.
Please OPnsense, help us fix this bug please
I can almost guarantee you that there will be no fix unless someone reports a bug on Github. I do not use that feature, so I won't.
Issue has been submitted and confirmed: https://github.com/opnsense/plugins/issues/4392
Edit 2024-12-27: By the way, I manage an other OPNSense firewall in 24.1 version and it's able to manage categories, read list and so on... a bug is probably the cause in 24.7 version.
Hello,
I also have the same issue with the 24.7.11_2.
Cross finger that will be fixed soon 🤞
Me too.
Using 25.1.4 version and list UT1: categories are back.
Seems to be ok now.