OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: rbarceloss on January 18, 2018, 01:31:19 pm

Title: Squid don´t feed access.log file
Post by: rbarceloss on January 18, 2018, 01:31:19 pm
I have a problem with my fresh new OPNsense, I just start to play with OPNsense at 2 days ago, and after some configs and updates to the last realese version I activate WebProxy. But my /var/log/squid/access.log still clean. cache.log and store.log have data. I already activated the proxy, and local cache, I surf by these proxy and no data of access. Someone have any clue about my problem?

File /usr/local/etc/squidsquid.conf
Code: [Select]
#
# Automatic generated configuration for Squid.
# Do not edit this file manually.
#


# Setup transparent mode listeners on loopback interfaces
http_port 127.0.0.1:3128 intercept
http_port [::1]:3128 intercept

# Setup regular listeners configuration
http_port 189.84.217.165:3128 
http_port 10.10.10.5:3128 


acl ftp proto FTP
http_access allow ftp


# Setup ftp proxy

# Rules allowing access from your local networks.
# Generated list of (internal) IP networks from where browsing
# should be allowed. (Allow interface subnets).
acl localnet src 189.84.217.160/29 # Possible internal network (interfaces v4)
acl localnet src 10.10.10.0/24 # Possible internal network (interfaces v4)
# Default allow for local-link and private networks
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

# ACL lists

# ACL - Remote fetched Blacklist (remoteblacklist)
acl remoteblacklist_ShallaBlackList dstdomain "/usr/local/etc/squid/acl/ShallaBlackList"

# ACL - Block browser/user-agent - User defined (browser)

# ACL - SSL ports, default are configured in config.xml
# Configured SSL ports (if defaults are not listed, then they have been removed from the configuration!):
acl SSL_ports port 443 # https

# Default Safe ports are now defined in config.xml
# Configured Safe ports (if defaults are not listed, then they have been removed from the configuration!):
# ACL - Safe_ports
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# ICAP SETTINGS
# disable icap
icap_enable off

# Pre-auth plugins
include /usr/local/etc/squid/pre-auth/*.conf

# Authentication Settings





# ACL list (Deny) remoteblacklist_ShallaBlackList
http_access deny remoteblacklist_ShallaBlackList



# Deny requests to certain unsafe ports

http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports

http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
http_access deny to_localhost


# Auth plugins
include /usr/local/etc/squid/auth/*.conf

#
# Access Permission configuration:
#
# Deny request from unauthorized clients

#
# ACL - localnet - default these include ranges from selected interfaces (Allow local subnets)
http_access allow localnet

# ACL - localhost
http_access allow localhost

# Deny all other access to this proxy
http_access deny all
# Post-auth plugins
include /usr/local/etc/squid/post-auth/*.conf

# Caching settings
cache_mem 256 MB
cache_dir ufs /var/squid/cache 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/squid/cache

#
# Add any of your own refresh_pattern entries above these.
#

# http://wiki.squid-cache.org/SquidFaq/WindowsUpdate
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip)     4320 80% 129600 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 129600 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip)       4320 80% 129600 reload-into-ims

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

# Squid Options

logformat opnsense      %>a %[ui %>eui %[un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log stdio:/var/log/squid/access.log opnsense
cache_store_log stdio:/var/log/squid/store.log
# URI hanlding with Whitespaces (default=strip)
uri_whitespace strip
# Disable squid logfile rotate to use system defaults
logfile_rotate 0
# Define visible hostname
visible_hostname localhost
# Define visible email
cache_mgr admin@localhost.local
Title: Re: Squid don´t feed access.log file
Post by: franco on January 19, 2018, 05:02:05 pm
Do you have the NAT rules in place?


Cheers,
Franco
Title: Re: Squid don´t feed access.log file
Post by: fabian on January 20, 2018, 11:07:41 am
And have you enabled the log file?
Title: Re: Squid don´t feed access.log file
Post by: franco on January 20, 2018, 08:46:43 pm
Access log should be enabled by default. Use it for making sure the traffic hits the transparent proxy. ;)