Re: [pfSense Support] Please help
How to get fbsd portcollection working: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html (personally I don't play with ports on my pfS boxes. There're precompiled packages often that are a _more_ safe option. Compiling can cause headache if you don't know what you're doin) and there are mc packages ready you can use. I suggest the light option if you don't want perl and loads of other pkgs. try something like # pkg_add -r mc-light-4.1.40.p9_5 /bkw On 8/17/05, Vladimir [EMAIL PROTECTED] wrote: I install pfSense-Full-Update-0.75. And i want to know, how i can install Midnight Commander (eror gcc cc compiler)? And how i can install posrts for FreeBSD. This version can't find bsd on ftp. -- ## BKW - Bachman Kharazmi bahkha AT gmail DOT com uin: #24089491 SWEDEN ## - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Pfsense only router
squid is beta, there are no gui (yet...) but it should be ready for transperant proxy. AFAIK NAT works without any problems, I leave the trafficshaping for somebody else who tested it lately. (I'am sure there are earlier answers in the ML-archive) /bkw On 8/17/05, Roberto Pereyra [EMAIL PROTECTED] wrote: Hi I would like to use Pfsense only like router (NAT) and traffic shapper. Maybe squid also. There are those functions stables or are beta ? Thanks in advance. roberto - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- ## BKW - Bachman Kharazmi bahkha AT gmail DOT com uin: #24089491 SWEDEN ## - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense 0.76.2: No rdr rule for Squid Transparent Proxy
I've now tried squid. I works well for me running 0.76.4 The installation succeeds and the squid process starts in right order. The rdr rules 'DOES' exist in my rules.debug and has been enabled. I've read all squid logs and it does transperant caching out of the box. Now I'll leave the process running for a few hours while using inet and see what happens... /bkw On 8/17/05, Scott Ullrich [EMAIL PROTECTED] wrote: SQUID should not be dying. If it is then I need to deactivate the package until a new one is released on the freebsd site. Scott On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: No need to file a ticket. Thanks for the swift action. I'll wait till next release then. Also, I am concerned of the Squid process dying for any reason and the rdr rule for transparent proxying is still in effect. This will block http traffic to the internet. Any solution for this? Thanks again. Miles --- Scott Ullrich [EMAIL PROTECTED] wrote: The solution here is to set the filter dirty flag in the squid startup script. This will force the rules to be reloaded and then squid will be running. I'll take care of it shortly. Scott On 8/16/05, Bill Marquette [EMAIL PROTECTED] wrote: Albert, can you file a ticket on this at http://cvstrac.pfsense.com/ ? I'd rather not delay boot until squid is up, but I suppose that's open for debate. Without looking at the code, I'm wondering if we're even starting up squid before the filter. Can you insert a sleep(); statement before the is_process_running statement and tell us how long you have to sleep for to get reliable results? Also, what speed hardware is this on? Thanks --Bill On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: I think it is actually a BUG in the script /etc/inc/filter.inc that checks for the squid process at boot time which will return FALSE because no package is loaded during this time yet. See the /etc/rc script for the loading sequence. The /etc/rc.bootup script that initializes the pf rules is called before executing rc.d items. Please see the /etc/rc script. As a solution, the if(is_process_running(squid)) at line no. 1134 of the file /etc/inc/filter.inc must be commented out. Cheers! --- Bachman Kharazmi [EMAIL PROTECTED] wrote: When the squid package has installed properly without any errors type: # pfctl -sr | grep rdr if that returns a rule and trans.proxy still doesn't work (make sure the squid process is running) then I would suggest you read the squid logs to findout why it doesn't cache. /bkw On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: Hi! The rdr (nat) rule for squid transparent proxy is missing on pfsense 0.76.2 which causes transparent proxying NOT to function properly. The corresponding pass rules are present however. The problem is corrected by commenting out line# 1134 of /etc/inc/filter.inc: if (is_package_installed(squid) == 1) //if (is_process_running(squid)) Could it be because this function was called at the time when squid has not fully loaded itself? If this is the case, then it would be better if the rc loader for squid be given enough time to sleep for a while before exiting. Thanks. Miles __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- ## BKW - Bachman Kharazmi bahkha AT gmail DOT com uin: #24089491 SWEDEN ## - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
Re: [pfSense Support] pfSense 0.76.2: No rdr rule for Squid Transparent Proxy
sounds fun and useful atm. I'll search and see what I can find, I'am pretty sure there are tools for that.. /bkw On 8/17/05, Scott Ullrich [EMAIL PROTECTED] wrote: BKW, Any chance of doing some type of automated web browsing from a machine and let it run overnight? IE: the client machine would keep randomly surfing to sites.. Scott On 8/17/05, Bachman Kharazmi [EMAIL PROTECTED] wrote: I've now tried squid. I works well for me running 0.76.4 The installation succeeds and the squid process starts in right order. The rdr rules 'DOES' exist in my rules.debug and has been enabled. I've read all squid logs and it does transperant caching out of the box. Now I'll leave the process running for a few hours while using inet and see what happens... /bkw On 8/17/05, Scott Ullrich [EMAIL PROTECTED] wrote: SQUID should not be dying. If it is then I need to deactivate the package until a new one is released on the freebsd site. Scott On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: No need to file a ticket. Thanks for the swift action. I'll wait till next release then. Also, I am concerned of the Squid process dying for any reason and the rdr rule for transparent proxying is still in effect. This will block http traffic to the internet. Any solution for this? Thanks again. Miles --- Scott Ullrich [EMAIL PROTECTED] wrote: The solution here is to set the filter dirty flag in the squid startup script. This will force the rules to be reloaded and then squid will be running. I'll take care of it shortly. Scott On 8/16/05, Bill Marquette [EMAIL PROTECTED] wrote: Albert, can you file a ticket on this at http://cvstrac.pfsense.com/ ? I'd rather not delay boot until squid is up, but I suppose that's open for debate. Without looking at the code, I'm wondering if we're even starting up squid before the filter. Can you insert a sleep(); statement before the is_process_running statement and tell us how long you have to sleep for to get reliable results? Also, what speed hardware is this on? Thanks --Bill On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: I think it is actually a BUG in the script /etc/inc/filter.inc that checks for the squid process at boot time which will return FALSE because no package is loaded during this time yet. See the /etc/rc script for the loading sequence. The /etc/rc.bootup script that initializes the pf rules is called before executing rc.d items. Please see the /etc/rc script. As a solution, the if(is_process_running(squid)) at line no. 1134 of the file /etc/inc/filter.inc must be commented out. Cheers! --- Bachman Kharazmi [EMAIL PROTECTED] wrote: When the squid package has installed properly without any errors type: # pfctl -sr | grep rdr if that returns a rule and trans.proxy still doesn't work (make sure the squid process is running) then I would suggest you read the squid logs to findout why it doesn't cache. /bkw On 8/16/05, Albert Miles Enabe [EMAIL PROTECTED] wrote: Hi! The rdr (nat) rule for squid transparent proxy is missing on pfsense 0.76.2 which causes transparent proxying NOT to function properly. The corresponding pass rules are present however. The problem is corrected by commenting out line# 1134 of /etc/inc/filter.inc: if (is_package_installed(squid) == 1) //if (is_process_running(squid)) Could it be because this function was called at the time when squid has not fully loaded itself? If this is the case, then it would be better if the rc loader for squid be given enough time to sleep for a while before exiting. Thanks. Miles __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- ## BKW - Bachman Kharazmi bahkha AT gmail
