Bug #10768
closedSquidguard overwrites Advanced Config from Squid Proxy in HA Configurations
0%
Description
If you are using a PFsense HA configuration with a virtual HA_IP, you have to add these HA virtual IP to the advanced configuration settings in the Squid advanced config section for example http_port xx.xx.xxx:8080 on each HA Member.
If in this Configuration SQuidguard starts to reconfig or refresh its blacklists it will overwrite the whole Squidporxy advanced config section and deletes the http_port config. In addition this will sync to all the HA Members and all clients that try to connect to the virtual HA_ip will fail, because Squid is not listening on the HA_ip..
SquidGuard should be adding, not overwriting this configsection and if changes occurs just change his config section. To do this perhaps add some comments to get the Squidguard section and just change this section.
Updated by Viktor Gurov about 5 years ago
If you are using a PFsense HA configuration with a virtual HA_IP, you have to add these HA virtual IP to the advanced configuration settings in the Squid advanced config section for example http_port xx.xx.xxx:8080 on each HA Member.
In the latest Squid package versions you can select HA_IP in the 'Proxy Interface(s)' list,
see https://forum.netgate.com/topic/154406/squid-ha-support
Updated by Viktor Gurov about 5 years ago
- Status changed from New to Rejected
+ squidGuard doesn't remove Custom Options (Before Auth), Custom Options (After Auth) and Custom Options (SSL/MITM)