Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Proxy won't start
« previous
next »
Print
Pages: [
1
]
Author
Topic: Proxy won't start (Read 9720 times)
emilio.b
Newbie
Posts: 20
Karma: 1
Proxy won't start
«
on:
May 11, 2017, 10:44:21 am »
Hello all
just setup the proxy on a 17.1.5 following exactly the howto.
When i try to start the service, that simply doesn't start.
Any idea?
TIA
OPNsense 17.1.5-amd64
FreeBSD 11.0-RELEASE-p8
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Proxy won't start
«
Reply #1 on:
May 11, 2017, 11:09:25 am »
Please run squid -k parse on the shell and post the output - there may be an error in the generated config (Bug). Or it is simply not correctly displayed.
Logged
emilio.b
Newbie
Posts: 20
Karma: 1
Re: Proxy won't start
«
Reply #2 on:
May 11, 2017, 04:26:18 pm »
Hello,
here's the output of the command:
root@opnsense:~ # squid -k parse
2017/05/11 16:10:14| Startup: Initializing Authentication Schemes ...
2017/05/11 16:10:14| Startup: Initialized Authentication Scheme 'basic'
2017/05/11 16:10:14| Startup: Initialized Authentication Scheme 'digest'
2017/05/11 16:10:14| Startup: Initialized Authentication Scheme 'negotiate'
2017/05/11 16:10:14| Startup: Initialized Authentication Scheme 'ntlm'
2017/05/11 16:10:14| Startup: Initialized Authentication.
2017/05/11 16:10:14| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2017/05/11 16:10:14| Processing: http_port 127.0.0.1:3128 intercept
2017/05/11 16:10:14| Starting Authentication on port 127.0.0.1:3128
2017/05/11 16:10:14| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2017/05/11 16:10:14| Processing: http_port [::1]:3128 intercept
2017/05/11 16:10:14| Starting Authentication on port [::1]:3128
2017/05/11 16:10:14| Disabling Authentication on port [::1]:3128 (interception enabled)
2017/05/11 16:10:14| Processing: http_port 192.168.1.200:3128
2017/05/11 16:10:14| Processing: acl ftp proto FTP
2017/05/11 16:10:14| Processing: http_access allow ftp
2017/05/11 16:10:14| Processing: acl localnet src 192.168.1.0/24 # Possible internal network
2017/05/11 16:10:14| Processing: acl localnet src fc00::/7 # RFC 4193 local private network range
2017/05/11 16:10:14| Processing: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
2017/05/11 16:10:14| Processing: acl subnets src 192.168.1.0/24
2017/05/11 16:10:14| Processing: acl remoteblacklist_UT1 dstdomain "/usr/local/etc/squid/acl/UT1"
2017/05/11 16:10:18| Processing: acl remoteblacklist_Shalla dstdomain "/usr/local/etc/squid/acl/Shalla"
2017/05/11 16:10:23| Processing: acl Safe_ports port 80 # http
2017/05/11 16:10:23| Processing: acl Safe_ports port 21 # ftp
2017/05/11 16:10:23| Processing: acl Safe_ports port 443 # https
2017/05/11 16:10:23| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2017/05/11 16:10:23| Processing: acl CONNECT method CONNECT
2017/05/11 16:10:23| Processing: icap_enable off
2017/05/11 16:10:23| Processing: include /usr/local/etc/squid/pre-auth/*.conf
2017/05/11 16:10:23| Processing Configuration File: /usr/local/etc/squid/pre-auth/dummy.conf (depth 1)
2017/05/11 16:10:23| Processing: http_access deny remoteblacklist_UT1
2017/05/11 16:10:23| Processing: http_access deny remoteblacklist_Shalla
2017/05/11 16:10:23| Processing: http_access deny !Safe_ports
2017/05/11 16:10:23| Processing: http_access deny CONNECT !SSL_ports
2017/05/11 16:10:23| ACL not found: SSL_ports
FATAL: Bungled /usr/local/etc/squid/squid.conf line 77: http_access deny CONNECT !SSL_ports
Squid Cache (Version 3.5.24): Terminated abnormally.
CPU Usage: 9.670 seconds = 9.529 user + 0.142 sys
Maximum Resident Size: 743248 KB
Page faults with physical i/o: 2
root@opnsense:~ #
it seems that if no SSL port is present in the Access control list>Allowed SSL ports, squid doesn't start.
After set up a simple 443:https in the field and applied the config, squid was happy.
Forget me if is my mistake...
Thank you!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Proxy won't start