Messages - clnutter1984

#1
Let me be clear: I have never set up Squid before. So, when I look at this I am not seeing what I need to see. Thanks for any help provided.
#2
[cnutter@OPNsense ~]$ squid -k parse
2025/06/26 11:48:38| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2025/06/26 11:48:38| Processing: acl ftp proto FTP
2025/06/26 11:48:38| Processing: http_access allow ftp
2025/06/26 11:48:38| Processing: acl localnet src fc00::/7       # RFC 4193 local private network range
2025/06/26 11:48:38| Processing: acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
2025/06/26 11:48:38| Processing: acl PURGE method PURGE
2025/06/26 11:48:38| Processing: http_access allow localhost PURGE
2025/06/26 11:48:38| Processing: http_access deny PURGE
2025/06/26 11:48:38| Processing: acl SSL_ports port 443 # https
2025/06/26 11:48:38| Processing: acl Safe_ports port 80 # http
2025/06/26 11:48:38| Processing: acl Safe_ports port 21 # ftp
2025/06/26 11:48:38| Processing: acl Safe_ports port 443 # https
2025/06/26 11:48:38| Processing: acl Safe_ports port 70 # gopher
2025/06/26 11:48:38| Processing: acl Safe_ports port 210 # wais
2025/06/26 11:48:38| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2025/06/26 11:48:38| Processing: acl Safe_ports port 280 # http-mgmt
2025/06/26 11:48:38| Processing: acl Safe_ports port 488 # gss-http
2025/06/26 11:48:38| Processing: acl Safe_ports port 591 # filemaker
2025/06/26 11:48:38| Processing: acl Safe_ports port 777 # multiling http
2025/06/26 11:48:38| Processing: acl CONNECT method CONNECT
2025/06/26 11:48:38| Processing: icap_enable on
2025/06/26 11:48:38| Processing: icap_service_failure_limit -1
2025/06/26 11:48:38| Processing: icap_default_options_ttl 60
2025/06/26 11:48:38| Processing: adaptation_send_client_ip on
2025/06/26 11:48:38| Processing: adaptation_send_username off
2025/06/26 11:48:38| Processing: icap_client_username_encode off
2025/06/26 11:48:38| Processing: icap_client_username_header X-Username
2025/06/26 11:48:38| Processing: icap_preview_enable on
2025/06/26 11:48:38| Processing: icap_preview_size 1024
2025/06/26 11:48:38| Processing: icap_service response_mod respmod_precache icap://[::1]:1344/avscan
2025/06/26 11:48:38| Processing: icap_service request_mod reqmod_precache icap://[::1]:1344/avscan
2025/06/26 11:48:38| Processing: include /usr/local/etc/squid/pre-auth/*.conf
2025/06/26 11:48:38| Not currently OK to rewrite swap log.
2025/06/26 11:48:38| storeDirWriteCleanLogs: Operation aborted.
2025/06/26 11:48:38| FATAL: Unable to find configuration file: /usr/local/etc/squid/pre-auth/*.conf: (13) Permission denied
2025/06/26 11:48:38| Squid Cache (Version 6.12): Terminated abnormally.
CPU Usage: 0.007 seconds = 0.000 user + 0.007 sys
Maximum Resident Size: 58288 KB
Page faults with physical i/o: 0
#3
Bump.

Anyone want to give me a pointer on how to solve this? I have tried several times to re-walk through the steps and it keeps giving me this error no matter what I tried.
#4
Hello all, I currently have a new install of OPNsense set up as a Transparent Filtering Bridge. I would like to do some AV scanning and went to set up the C-ICAP / ClamAV / Squid Web Proxy plugins. c-icap and clamav run just fine. But when I go to start the Squid web proxy it errors out.

I see the errors but I could use a bit of help here sorting them.

Here are the logs.

2025-06-24T19:19:34       squid   | Removing PID file (/var/run/squid/squid.pid)   
            Page faults with physical i/o: 0   
            Maximum Resident Size: 570720 KB   
            CPU Usage: 0.060 seconds = 0.026 user + 0.034 sys   
2025-06-24T19:19:34       squid   kid1| Squid Cache (Version 6.12): Terminated abnormally.   
2025-06-24T19:19:34       squid   kid1| FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.localdomain:0/squid-internal-static/icons/silk/image.png   
2025-06-24T19:19:34       squid   kid1| storeDirWriteCleanLogs: Operation aborted.   
2025-06-24T19:19:34       squid   kid1| Not currently OK to rewrite swap log.   
2025-06-24T19:19:34       squid   kid1| ERROR: No forward-proxy ports configured.

Thanks for your help.
#5
Quote from: cookiemonster on December 02, 2022, 07:02:54 PM
Right so you are still connected via the console to the same ip as the UI. Sorry I missed that before.
Surely is not that you are connecting with http instead of https and you've tried both, right?
What message do you get on the web-browser exactly?

This is what I get when it fails to connect. 
Unable to connect

An error occurred during a connection to 192.168.1.1.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.
#6
Quote from: chemlud on December 02, 2022, 06:08:35 PM
I would not use the Wizard on first login. Simply abort it by pressing on the logo. Set your WAN to static manually, leave the LAN untouched (as it is apparently working, otherwise no GUI, or?) and see what happenz next...

OK, to be clear. I have tried the console to set up. Web GUI will not connect even though it indicated as loaded. When both WAN and LAN are configured.

I tried the wizard AND if the WAN and LAN are configured the Web GUI will not connect even though it was just working, i.e. on reload of the page or saving the changes.

Doing it without the wizard via the Web GUI works fine until WAN and LAN are configured and again will not connect.

IF I leave just LAN configured I can connect via the LAN side to the Web GUI. No problem, but as soon as I bring up the WAN side and save it fails to connect.

I have to be missing something easy or stupid.  I admit this is my first time out with OPNsense.

#7
Quote from: cookiemonster on December 02, 2022, 06:02:16 PM
Yes it does.
And you are connecting to the appliance how during and after physical installation?
I wonder if you have your machine needing to renew the dhcp lease as it might have a different from the old assignment?

On console, it prompts for WAN first. Then connected indicates UP, do the config. Then LAN connected indicates UP, then do the config.

At this point the Web GUI becomes unreachable.   Leaving only console with keyboard as root.

FYI When booting it gives no errors for hardware same with when I did the fresh install.
#8
Quote from: pmhausen on December 01, 2022, 10:40:12 PM
What precisely are you configuring for LAN?

LAN port is configured default showing 192.168.1.1.
#9
Quote from: cookiemonster on December 01, 2022, 10:18:53 PM
This is a hardware appliance, right? Or a virtual machine? How many ports are there on it?
You should not need to do anything with any OPT interfaces at this point.
If you're following the normal setup and not working, I suspect something related to the hardware you're using. It would be good to know what it is or how is it connected to the rest of your setup.

Hardware Appliance: Hardware as follows.
X86 Fanless Mini PC Intel Celeron J4125 Quad Core 2x i226 Intel-V 2.5G Nics 16gb RAM. 256gb NVME.2 USB 3.0. So 2 nic ports.

Setup as follows: Windstream Modem to WAN PORT (OPNsense Appliance) --- LAN PORT (Unmanaged Switch) --- The rest of my network.

Windstream is static IP. OPNsense is set up as static on WAN. --- DHCP on LAN. --- Unmanaged Switch -- ALL clients set up to DHCP.

Hope this helps.
#10
Quote from: pmhausen on December 01, 2022, 09:30:53 PM
Why are you trying to switch the interfaces? On a brand new default configuration OPNsense

  • the first interface is LAN
  • the second interface is WAN

Why don't you just use the box that way? Plug into the first port and you get connectivity to your OPNsense UI. Plug the second port into your uplink and configure that one according to the needs of your connection/ISP. Done.

Unable to connect

An error occurred during a connection to 192.168.1.1.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.

It first asks to configure WAN. Then LAN. If I configure WAN first I can access the Web GUI. IF I then configure LAN it will NOT ALLOW me to connect to the web GUI on either interface. IF I skip WAN and configure LAN it will not allow me to connect to the web GUI even if I configure the WAN second.

I am not trying to change interfaces I have tried doing this every way and still nothing. 

Any ideas?  This is really getting frustrating. 
#11
Quote from: pmhausen on December 01, 2022, 09:30:53 PM
Why are you trying to switch the interfaces? On a brand new default configuration OPNsense

  • the first interface is LAN
  • the second interface is WAN

Why don't you just use the box that way? Plug into the first port and you get connectivity to your OPNsense UI. Plug the second port into your uplink and configure that one according to the needs of your connection/ISP. Done.

I will try it in that order and see what happens.
#12
This is how it is setup:

Interfaces: [OPT1] (This would be LAN BUT it's not enabled or labeled.)

Enable    Enable Interface (NOT ENABLED because as soon as it is everything becomes unreachable)
Lock    Prevent interface removal (NOT Locked)
igc0
The real device name of this interface.
Description    
OPT1  (as soon as it is named LAN or the interface is added everything becomes unreachable)
Enter a description (name) for the interface here.

#13
Quote from: Demusman on December 01, 2022, 05:25:45 PM
Quote from: clnutter1984 on December 01, 2022, 05:06:58 PM
Quote from: chemlud on December 01, 2022, 04:36:12 PM
...more likely than not you simply choose the wrong interface for WAN/LAN. Try via console with "auto detection" and plug in an RJ45 (connected to a computer on the other end...) to the respective port when asked for...

chemlud: yeah, I rechecked again and it's correct.

igc0 is set to WAN
igc1 When I set it to LAN it seems to lock out the Web GUI

By default that would be backwards. Opnsense uses the first interface as LAN, so you really are probably reversing them as said.
Config it the way you want it, then reverse the cables.

Again, no. I reset redid it both ways twice now.  Also tried the cable idea.  It has not worked.

Neither IP is reachable. LAN OR WAN, cannot ping them or connect to them.
#14
Quote from: chemlud on December 01, 2022, 04:36:12 PM
...more likely than not you simply choose the wrong interface for WAN/LAN. Try via console with "auto detection" and plug in an RJ45 (connected to a computer on the other end...) to the respective port when asked for...

chemlud: yeah, I rechecked again and it's correct.

igc0 is set to WAN
igc1 When I set it to LAN it seems to lock out the Web GUI
#15
Nothing. Both links show as up. But I cannot access the Web GUI.

I have to reset to factory default to be able to connect to it.