Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - elenagilbert

Pages1
#1
Web Proxy Filtering and Caching / Re: Squid Web Proxy services error - 25.4.1 Business Edition - chaos for our company
June 07, 2025, 05:21:06 AM
Quote from: Wuensch-AG-Adm on June 05, 2025, 10:11:57 AMDear Community and OPNsense Team,

we have bought a Deciso / OPNsense Appliance the Business Edition to receive every time a stable version of the system and the plugins too (normally they're tested on the community version).
Today during the maintenance, we have upgraded our appliance to the version 25.4.1 and after the reboot the squid plugin doesn't work anymore
Version: os-squid 1.2
A segmentation fault warning, and it's not the first time we've seen something like this, and each time we've solved the problems by making a few changes to the parameters.
This time it simply doesn't work and our company have no Internet without chaotic passthrough that I need the set up in urgence.

The first question: Shouldn't the Business Edition be tested better with plugin integration? (the minimum requirements for the business functions)
If no for the Business customer we need the list of the Business plugin that we can use (when we are buying the appliance for example)

here the infos on the warning message:

template reload Deciso/Proxy: OK
template reload OPNsense/ProxySSO: OK
Segmentation fault
Performing sanity check on squid configuration.
2025/06/05 08:30:13| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2025/06/05 08:30:13| Starting Authentication on port 127.0.0.1:3128
2025/06/05 08:30:13| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2025/06/05 08:30:13| Starting Authentication on port [::1]:3128
2025/06/05 08:30:13| Disabling Authentication on port [::1]:3128 (interception enabled)
2025/06/05 08:30:13| Starting Authentication on port 127.0.0.1:3129
2025/06/05 08:30:13| Disabling Authentication on port 127.0.0.1:3129 (interception enabled)
2025/06/05 08:30:13| Starting Authentication on port [::1]:3129
2025/06/05 08:30:13| Disabling Authentication on port [::1]:3129 (interception enabled)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/pre-auth/20-negotiate.auth.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/pre-auth/40-snmp.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/pre-auth/dummy.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/pre-auth/parentproxy.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/auth/10-opnproxy-ext.auth.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/auth/dummy.conf (depth 1)
2025/06/05 08:30:19| Processing Configuration File: /usr/local/etc/squid/post-auth/dummy.conf (depth 1)
2025/06/05 08:30:19| WARNING: use of 'reload-into-ims' in 'refresh_pattern' violates HTTP
2025/06/05 08:30:19| WARNING: HTTP requires the use of Via
2025/06/05 08:30:19| Set Current Directory to /var/squid/cache
Segmentation fault

segmentation fault is quite general. Where can we see the detailed error message?
We have a backup of the configuration. Is there a link to the procedure for an emergency plan? If we need to quickly restore.
I've found this website: https://www.thomas-krenn.com/de/wiki/OPNsense_Konfiguration_wiederherstellen Retro Bowl College

We have tried to disable the squid proxy but the problem is still the same because of the NAT that squid proxy is creating when there's a transparent proxy.
We are currently being blocked by our OPNsense.

Thank you ahead for you help.

Regards,

Joel.

Hi Joel, did you happen to check whether there's a core dump or crash log generated from the Squid process after the segmentation fault?
#2
25.1, 25.4 Production Series / Re: NUT is in a Shutdown loop and has other odd behavior
June 07, 2025, 05:14:23 AM
Quote from: vk2him on May 21, 2025, 09:07:07 AMI'm running the latest OPNsense 25.1.7_2-amd64 and the issues below occurred on the previous 25.1.6

I had NUT running fine for quite a while in Netclient mode connected to a Cyberpower UPS that is connected to a Synology NAS.
Block Blast
I got a second CyberPower UPS this week with the OPNsense NUC now being powered by it (previously it wasn't UPS protected as it's on a different floor to the Synology). So now I wanted OPNsense to work in Standalone mode connected to the USB UPS that's right next to it.

In the NUT UPS Type tab I unticked Netclient, saved and restarted the service, then Enabled Standalone and the USB-HID Driver option, plugged in the USB into the OPNsense NUC and restarted the service.

The Diagnostics shows it's still connected to the Netclient mode UPS in the garage and it won't recognise the standalone UPS plugged into the USB port. I tried all sorts of combinations and it always showed it was still connected via netclient.

So I uninstalled NUT, reinstalled it and rebooted OPNsense. Immediately when OPNsense starts up, it shuts down. It look me a few restarts to quickly go into the GUI and disable NUT to prevent the loop.

Here's the log when it starts then shuts down - 192.168.1.252 is the Synology NAS
Code Select

2025-05-21T14:47:52    Notice    kernel    ---<<BOOT>>---   
2025-05-21T14:47:52    Notice    syslog-ng    syslog-ng starting up; version='4.8.2'   
2025-05-21T14:46:19    Notice    kernel    <6>ovpns1: link state changed to DOWN   
2025-05-21T14:46:18    Notice    syslog-ng    syslog-ng shutting down; version='4.8.2'   
2025-05-21T14:45:56    Notice    upsmon    Auto logout and shutdown proceeding   
2025-05-21T14:45:56    Critical    upsmon    Executing automatic power-fail shutdown   
2025-05-21T14:45:56    Notice    upsmon    UPS ups@192.168.1.252:3493: forced shutdown in progress   
2025-05-21T14:45:51    Notice    configctl    event @ 1747802750.95 exec: system event config_changed response: OK   
2025-05-21T14:45:51    Error    upsmon    Login on UPS [ups@192.168.1.252:3493] failed - got [ERR ACCESS-DENIED]

So even though I have disabled Netclient mode, it's still trying to connect, it fails, then 5 seconds later it decides to shutdown.

Looking at the logs, at one stage it did recognise the UPS via USB, but disconnected/attempted again which I discovered by googling that some Cyberpower UPS do this until they connect to the driver?

Code Select
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0 (disconnected)   
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0   
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0 (disconnected)   
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0   
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0 (disconnected)   
2025-05-21T14:34:59    Notice    kernel    ugen0.2: <CPS BR1200ELCD> at usbus0
Any suggestions would be appreciated - I'm not too keen to re-enable NUT as I think it will shutdown as soon as I enable it?

You can fix the issue by manually clearing old NUT config files via SSH and setting up a fresh standalone configuration for your USB-connected UPS. You can then verify detection with usbconfig and configure ups.conf, upsmon.conf, and nut.conf to avoid fallback to the previous Netclient setup.
Pages1