Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unsupported packages on unsupported architectures

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anomaly0617
      last edited by

      Hi all!,

      Recently I've been using Netgate ALIX2D3 desktop kits to deploy IPSec capable pfSense 2.0.1 firewalls out to remotes offices with fewer than 20 users in them. These work wonderfully for our purposes and I'm quite happy with them as a product, except for the fact that Lightsquid is not a supported package on ALIX/nanoBSD processors.

      This is the case because the compact flash card cannot handle the volume of writes that would occur when lightsquid parses the squid access logs, which is understandable. But the ALIX boards have USB ports on the back of them, and if I plug in a thumb drive or other similar flash drive, I can see the drive and theoretically mount it. So if I could mount it as /var/lightsquid, I would be able to write the lightsquid output there and not affect the stability of my firewall…. So here's some thoughts pursuant to that line of thought:

      • I've seen other posts where folks have mounted a variety of drives within the pfSense shell. In fact here's a guy asking about it now. It seems to me that you could perfect this and then define it as a <shellcmd>so it would mount every time the firewall started.</shellcmd>

      • Once the above was accomplished and it mounts itself as /var/lightsquid, Lightsquid writing a file every half hour or so wouldn't be an issue. Even if the thumb drive ran out of space, it would not affect the stability of the firewall. This would eliminate the reason for not having lightsquid available as a package on the nanoBSD architectures.

      • Of course, since the above concept is theoretically sound but lightsquid is still not available as a package to install because of the architecture, I can't test it. With that in mind it would be nice if there was a very hard-to-navigate-to checkbox in the WebGUI or variable in a config file I could edit somewhere so I could gain access these unsupported packages… with the obvious understanding that if I break or brick my firewall it's my own stupid fault.

      Make sense? Thoughts?

      Thanks!
      -Anomaly0617

      Hope this Helps!

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        USB flash has the same write limits as CF. The only option would be to add an external hard drive for such storage, which is difficult and not supported for a variety of reasons, primarily because the partitions can't easily be split up in the fashion that would be required.

        1 Reply Last reply Reply Quote 0
        • A
          anomaly0617
          last edited by

          @cmb:

          USB flash has the same write limits as CF.

          Agreed, however if the USB flash drive exceeds the max. number of writes that it can handle, it will crash and burn without crashing the entire firewall in the process. At worst it would stop showing up as a drive, and pfSense could fall back to using the flash RAM to store the files. In theory, that is. :-)

          @cmb:

          The only option would be to add an external hard drive for such storage, which is difficult and not supported for a variety of reasons, primarily because the partitions can't easily be split up in the fashion that would be required.

          Hmm.. I'm interested in the background on why external drives aren't supported, but I have a feeling that goes outside the scope of this post. If you're so inclined, PM me with the details. If not, I certainly understand.

          For the sake of argument, let's forget about external storage entirely. What about network-based storage? For instance, what if I could hypothetically mount a NFS or SMB share from pfSense to a NAS device, like FreeNAS? In that scenario the amount of storage would be virtually limitless since squidguard/squid log files are not large in the grand scheme of file storage.

          As you can see, the gears in my head are turning. These devices are incredibly useful. pfSense is incredibly useful. If there's any way to overcome the finer points of using the appliance instead of a PC, I'm all about it.

          Thanks (as always) in advance!

          Hope this Helps!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.