Good afternoon,
--
I am trying to setup squid with SSL inspection. I'm currently running the following OS and squid versions.
lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
squid -v
Squid Cache: Version 3.5.28
Service Name: squid
This binary uses OpenSSL 1.0.2n 7 Dec 2017. For legal restrictions on distribution see https://www.openssl.org/source/license.html
configure options: '--enable-linux-netfilter' '--enable-icap-client' '--enable-ssl' '--with-filedescriptors=65536' '--with-large-files' '--prefix=/usr' '--localstatedir=/var' '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' '--sysconfdir=/etc/squid' '--enable-ssl-crtd' '--with-openssl' --enable-ltdl-convenience
When I start squid or check squid while using sudo I get the following errors.
squid -s
WARNING: Cannot write log file: /var/logs/cache.log
/var/logs/cache.log: Permission denied
messages will be sent to 'stderr'.
systemctl status squid
● squid.service - LSB: Squid HTTP Proxy version 3.x
Loaded: loaded (/etc/init.d/squid; generated)
Active: active (exited) since Fri 2018-10-05 20:48:20 UTC; 4 days ago
Docs: man:systemd-sysv-generator(8)
Process: 1387 ExecStart=/etc/init.d/squid start (code=exited, status=0/SUCCESS)
Oct 05 20:48:26 orthotnproxy (squid-1)[1937]: UFSSwapDir::openLog: Failed to open swap log.
Oct 05 20:48:26 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1937 exited with status 1
Oct 05 20:48:29 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1946 started
Oct 05 20:48:29 orthotnproxy (squid-1)[1946]: UFSSwapDir::openLog: Failed to open swap log.
Oct 05 20:48:29 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1946 exited with status 1
Oct 05 20:48:32 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1955 started
Oct 05 20:48:32 orthotnproxy (squid-1)[1955]: UFSSwapDir::openLog: Failed to open swap log.
Oct 05 20:48:32 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1955 exited with status 1
Oct 05 20:48:32 orthotnproxy squid[1625]: Squid Parent: (squid-1) process 1955 will not be restarted due to repeated, frequent failures
Oct 05 20:48:32 orthotnproxy squid[1625]: Exiting due to repeated, frequent failures
The SSL part of my config is: (I can and will post more of the squid.conf file if needed)
http_port 3128 ssl-bump cert=/etc/squid/ssl_cert/proxyCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all
sslproxy_cafile /usr/local/openssl/cabundle.file
I'm lost and appreciate any help.
Thank you
Mike
--------------------------------------------
Michael Barnes
Operations Supervisor
OrthoTennesseeMichael Barnes
Operations Supervisor
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
