Messages

Thanks, Franko ! It's working now.

Thanks !

Looks like it's working. I have another question, though: should i uninstall the patch before installing the next update, or can is install the update right away once it is released ?

Tor binds only to interface's main IP, but not to virtual IP. Please provide the possibility to bind TOR to virtual IPs to make it usable in HA scenario.

Sorry, i'm stupid. But also, that's an unfinished feature from developer side.

Well, tor binds to interface main address, but not to virtual ip. While i have a HA config with CARP, i tried to use a CARP ip, so i subsequently got nothing.

Due to this i've got a feature request: please make tor bindable to virtual IPs.

Sorry. It had started after second reboot. But now i can't use it. I've created an ACL for my LAN network, Configured browser to use GW address with port 9050 as proxy, but it's not working. I've got only timeouts.

Well, i installed the plugin, rebooted, assigned interfaces like it was said in howto, enabled service, and... "root: /usr/local/etc/rc.d/tor: WARNING: failed to start tor". I don't have a clue what i should to to make it start. I can't even find it's logs.

Please advise.

Looks like this does the trick.

Also, while i was waiting for the answer, i looked into c-icap configs and found string "virus_scan?allow204=on&mode=simple", that also worked.

Request and response string is now "icap://127.0.0.1:1344/avscan/".

access.log:
--------------------------------------------------------
18/Oct/2017:18:21:48 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
18/Oct/2017:18:24:29 +0300, 127.0.0.1 127.0.0.1 OPTIONS avscan/ 404
--------------------------------------------------------

Looks like it is still not working.

Here they are:

Server.log:

Tue Oct 17 22:00:10 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:00:12 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:00:12 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:00:13 2017, 14669/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15001/348217344, recomputing istag ...
Tue Oct 17 22:00:13 2017, 15222/348217344, recomputing istag ...
Tue Oct 17 22:05:53 2017, main proc, Possibly a term signal received. Monitor process going to term all children
Tue Oct 17 22:10:14 2017, main proc, Error converting ipv6 address to the network byte order
Tue Oct 17 22:10:14 2017, main proc, WARNING! Error binding to an ipv6 address. Trying ipv4...
Tue Oct 17 22:10:49 2017, 68377/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68409/687955968, recomputing istag ...
Tue Oct 17 22:10:49 2017, 68251/687955968, recomputing istag ...

Access.log:

17/Oct/2017:22:00:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:04:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:16:28 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:20:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:23:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:26:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:29:44 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:33:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:36:49 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:40:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:44:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:48:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:52:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:22:55:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:00:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:04:47 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:10:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:15:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:20:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:25:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:30:18 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:33:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404
17/Oct/2017:23:36:55 +0300, 127.0.0.1 127.0.0.1 OPTIONS reqmod 404

Installed 2 opn 17.7.5 boxes in HA config. The problem came up when i tried to attach ClamAV to Squid. Well, i installed Web Proxy, C-icap and ClamAV plugins, enabled c-icap, told Squid to use c-icap... And got an error:

------------------------------------------------------------------------
The following error was encountered while trying to retrieve the URL: http://www.ya.ru/


ICAP protocol error.

The system returned: [No Error]

This means that some aspect of the ICAP communication failed.

Some possible problems are:

•The ICAP server is not reachable.

•An Illegal response was received from the ICAP server.
------------------------------------------------------------------------

Well, i entered the OPN console, launched netstat... And, as i thought, there was nobody listening at icap port.  The web GUI is showing the c-icap service running though, that is strange.

What should i do to get the thing running ?

The sync is not always executed on web proxy settings changes.

But why ?

Furthermore, I don't believe the proxy is being restarted automatically

Squid service restart doesn't do the trick, only the full reboot. And even this doesn't help every time.

Hi guys.

Installed two 17.7.4 boxes in HA mode and had encountered strange behavior. When i change some settings (fw rules, nat rules, gw settings, etc.) on main box it replicates to backup box instantly except one thing: web proxy. When i change web proxy settings on main box, they keep unchanged on the backup box until reboot, or even do not replicate at all. Is that a bug, or maybe i have forgotten to do something ?