My favorite is: http://php.net/manual/en/pcre.pattern.php

Along with:

$regex_sub_pattern_x = "something_x"; $regex_sub_pattern_y = "something_y"; $regex_sub_pattern_z = "something_z"; $regex_pattern = $sub_pattern_x . $sub_pattern_y . $sub_pattern_z;

Kind of torn between the alternatives.

Found this quote interesting.  Never thought of the opcache.
http://stackoverflow.com/questions/7147305/performance-of-variable-expansion-vs-sprintf-in-php

Ultimately the 1st is the fastest when considering the context of a single variable assignment which can be seen by looking at various benchmarks. Perhaps though, using the sprintf flavor of core PHP functions could allow for more extensible code and be better optimized for bytecode level caching mechanisms like opcache or apc. In other words, a particular sized application could use less code when utilizing the sprintf method. The less code you have to cache into RAM, the more RAM you have for other things or more scripts. However, this only matters if your scripts wouldn't properly fit into RAM using evaluation.

Sounds like single quote (nowdocs) catenation may be fastest when only a single var.  But then there is that opcache thing and memory mentioned in the quote.

Have at it… I see zero reason for such a thing..  Its a firewall, pretty sure will know what cpu it has on it before I set it up ;)  After that would have zero reason to look at this info..

if did need any such info, could just read dmesg or sysctl

[2.3.2-RELEASE][root@pfsense.local.lan]/root: sysctl hw.model hw.machine hw.ncpu
hw.model: AMD Turion™ II Neo N40L Dual-Core Processor
hw.machine: amd64
hw.ncpu: 2

Service is killed normally as part of uninstall, see function uninstall_package() in pkg-utils.inc

I'm completely confused with the daemonize stuff or whatever you mention, pretty sure that's not the problem. Put some log_error() stuff in place (or use /usr/bin/logger in the .sh script) and see how many times the service is (re)started on reinstall.

I seek the same:

Is there a manual available how to create my own pfSense and pfsense package repository for pfSense 2.3?

I can find some stuff for 2.1 and older, but not for 2.3, where is a lot changed.

Thanks in advance!

Huh, thanks. I've probably mistyped something since I've grepped entire /usr/local as well, and got nothing. After that, I've searched GitHub, found nothing. Even looked at php56-pfSense-module  (and of course found nothing there ::))

Yes, that's fine. I fully understand that if you are going to modify a component written in a compiled language then you need to have a working build process somewhere and easy way to deploy the changed executables to a test system. I was just pointing out that a lot of contributions can be developed and tested without needing that environment set up.

@doktornotor:

There is no iptables on pfSense in the first place.

Thanks for your reply, because I'm new to BSD and pfsense would you be able to help me set TCPcrypt up, as I see you are very clued on to pfsense setup and you have already saved me with with the code you did on setting up firewalls and there lists.

Got it. The BUILD_AS_NON_ROOT did the trick.

Thank you.

you could probably create a package that hooks into the data of Status_Traffic_Totals (vnstrat) to monitor the usage and disable the interface when a certain amount of gigabytes is transferred.

you could submit a feature request on redmine.pfsense.org to see if the main developers are interested and/or create a bounty for some of the community members

@doktornotor:

Oh well… I'll delete the entire repo and see if it helps.

Hmmmm, that worked. Not exactly an ideal "fix".  >:(

glad to be of some use, every once in a while  8)

Thanks for that pointer, I will check this package out.

I suppose the system I authenticate against is kinda arcane. I run pfsense to manage the network on a leisure flying airport. Our club uses a cloud based system to manage reservations, flights, licenses etc - the whole 9 yards. This system has a REST interface against which I authenticate pilots wanting to access our network. This system is in use roughly by about 250 clubs in Germany. So, it is not completely arcane - but on a global scale it's probably completely irrelevant :-)

cheers
Torsten

Most of the code is just interpreted PHP and bash scripts… So just use the normal installers to install a VM. Then you can GitSync it (see the console menu pfSense tools option, palyback gitsync...)

You can then edit files however you like (for small things, I just use the Diagnostics->Edit in the GUI, and cut-paste from a "real" editor on my laptop).

Then submit the changes to a git clone branch and make a pull request (lots of ways to achieve this - e.g. I have a fork on GitHub, cloned to my laptop, make branches on the laptop, push them up to GitHub when they are good, then make the pull request).

For the most unusual case that you need to compile something, then you will have to work out how to have a "real" build environment.

I've got quite similar issues. By default working with 6rd and my providers gateway, i had lots of fragmented packages as well as packet loss. Therefore connecting to encrypted ipv6 websites was real slow. After analyzing the traffic with wireshark, my provider told me to set the mtu for ipv6 traffic to 1472.

I configured this by setting the mtu on the wan_stf interface and have the radv service distribute this mtu value with its route advertisements. Since pfsense seems to be unable to do such things by default, I used the patch plugin (https://doc.pfsense.org/index.php/System_Patches) and applied the following crude patch:

BEWARE: Only apply this patch, if you are able to deduct its consequences. I am only using the 6rd gateway of my provider for any IPv6 traffic. This might not apply to you. I applied this patch to version 2.3.2-RELEASE-p1

diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 4388ef9..4e8e970 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -3756,6 +3756,7 @@ function interface_6rd_configure($interface = "wan", $wancfg) {         pfSense_interface_flags($stfiface, IFF_LINK2);         mwexec("/sbin/ifconfig {$stfiface} inet6 {$rd6prefix}/{$rd6prefixlen}");         mwexec("/sbin/ifconfig {$stfiface} stfv4br " . escapeshellarg($wancfg['gateway-6rd'])); +      mwexec("/sbin/ifconfig {$stfiface} mtu 1472");         if ($wancfg['prefix-6rd-v4plen'] >= 0 && $wancfg['prefix-6rd-v4plen'] <= 32) {                 mwexec("/sbin/ifconfig {$stfiface} stfv4net {$ip4address}/" . escapeshellarg($wancfg['prefix-6rd-v4plen']));         } diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 64c40af..46d10be 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -161,7 +161,7 @@ function services_radvd_configure($blacklist = array()) {                 $mtu = get_interface_mtu($realif);                 if (is_numeric($mtu)) { -                      $radvdconf .= "\tAdvLinkMTU {$mtu};\n"; +                      $radvdconf .= "\tAdvLinkMTU 1472;\n";                 } else {                         $radvdconf .= "\tAdvLinkMTU 1280;\n";                 } @@ -363,7 +363,7 @@ function services_radvd_configure($blacklist = array()) {                 }                 $mtu = get_interface_mtu($realif);                 if (is_numeric($mtu)) { -                      $radvdconf .= "\tAdvLinkMTU {$mtu};\n"; +                      $radvdconf .= "\tAdvLinkMTU 1472;\n";                 } else {                         $radvdconf .= "\tAdvLinkMTU 1280;\n";                 }

I hope this might help someone with similar issues. Of course it would be nice if the mtu could be adapted on the pfSense web interface.

Not using the portlint command I go ahead and copied the package to my pfsense box and install it successfully.

So this is it.  Thank you all for your help.