Build squid for pfsense

S. Kirschner

Hi,

I try to building a new version of squid for pfsense because some functions of squid are only available in the latest version.

To Build I use pcbsd 10.1.2 with pbi_makeport (install is described in https://forum.pfsense.org/index.php?topic=85503.0) and the FreeBSD ports collection.

What i dont understand is why the "PBI_MAKEOPTS" options would be ignored from my conf file.
Its necessary for me to give the builder some make options with it on the way, because a function like ssl are missing in the standard build.

Until now i modified the Makefile from squid , but I think these isnt what the devolpers wanted  ;) .

Also I dont get it why some files from clamav would be extracted to "./local/bin/" instead of "./bin/" where are they needed.
The strange thing is , I create a pbi for clamav (without a pbi.conf) and the file was extracted to "./bin/"

To build I use

pbi_makeport -o /usr/local/my_pbis -c /usr/local/my_pbis/www/squid www/squid

My pbi.conf

#!/bin/sh
# PBI Build Configuration
# Place over-rides and settings here
#
# XDG Desktop Menu Spec:
# http://standards.freedesktop.org/menu-spec/menu-spec-1.0.html
##############################################################################

# Program Name
PBI_PROGNAME="Squid"

# Program Website
PBI_PROGWEB="http://www.squid-cache.org"

# Program Author / Vendor
PBI_PROGAUTHOR="The Squid Team"

# Default Icon (Relative to %%PBI_APPDIR%% or resources/)
PBI_PROGICON="squid.png"

# The target port we are building
PBI_MAKEPORT="www/squid"

# Additional options for make.conf
PBI_MAKEOPTS="c-icap_SET_FORCE=LARGE_FILES;squid_SET_FORCE=ARP_ACL AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF FS_AUFS FS_DISKD GSSAPI_MIT HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE LAX_HTTP SNMP SSL SSL_CRTD TP_PF WCCP WCCPV2;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DEBUG DNS_HELPER ECAP ESI FS_ROCK GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL STACKTRACES TP_IPF TP_IPFW VIA_DB"

# Ports to build before / after
PBI_MKPORTBEFORE="www/libwww security/cyrus-sasl2"
PBI_MKPORTAFTER="www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules devel/pcre"

# Exclude List
PBI_EXCLUDELIST="./share/doc ./man ./*/man ./*/*/man ./*/*/*/man ./*/*/*/*/man"

PBI_REQUIRESROOT="YES"; export PBI_REQUIRESROOT

export PBI_PROGNAME PBI_PROGWEB PBI_PROGAUTHOR PBI_PROGICON PBI_MAKEPORT PBI_MAKEOPTS PBI_MKPORTBEFORE PBI_MKPORTAFTER

S. Kirschner

I solved the issue with "PBI_MAKEOPTS" , it seems so that i used a obsolete format.

But the issue with the wrong folder of clamav still exists for me.

Here is the new part of makeopts

# Additional options for make.conf
PBI_MAKEOPTS="www_squid_SET=ARP_ACL AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB AUTH_SQL CACHE_DIGESTS DELAY_POOLS ECAP ESI FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IPV6 LARGEFILE SNMP SSL SSL_CRTD LAX_HTTP TP_PF WCCP WCCPV2 DOCS EXAMPLES GSSAPI_BASE"

S. Kirschner

Again an update.

I found that a script is automatically create /usr/pbi/squid-amd64/bin/.pbi-install.sh and these call /usr/pbi/squid-amd64/bin/install-pathlinks.sh

But I still dont get it how I could manipulate the creation process of the script to create softlink in /usr/pbi/squid-amd64/bin for clamav.

Someone an Idea ?

code of .pbi-install.sh

#!/bin/sh
PBI_WRAPPERBIN="bin"
PBI_PROGDIRPATH="/usr/pbi/squid-amd64"
SYS_LOCALBASE="/usr/local"
cd "$PBI_PROGDIRPATH"
if [ `id -u` = "0" ] ; then
        /usr/pbi/squid-amd64/bin/install-pathlinks.sh
fi

code of install-pathlinks.sh

#!/bin/sh
if [ -z "$SYS_LOCALBASE" ]; then SYS_LOCALBASE="/usr/local" ; fi
if [ -z "$PBI_RCDIR" ]; then PBI_RCDIR="/usr/pbi/rc.d" ; fi
if [ -z "$PBI_MANDIR" ]; then PBI_MANDIR="/usr/pbi/man" ; fi
if [ -z "$PBI_BINDIR" ]; then PBI_BINDIR="/usr/pbi/bin" ; fi
_bd="`dirname $PBI_RCDIR/squid`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/rc.d/squid $PBI_RCDIR/squid

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_db_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_db_auth $PBI_BINDIR/libexec/squid/basic_db_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_fake_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_fake_auth $PBI_BINDIR/libexec/squid/basic_fake_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_getpwnam_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_getpwnam_auth $PBI_BINDIR/libexec/squid/basic_getpwnam_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_ldap_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_ldap_auth $PBI_BINDIR/libexec/squid/basic_ldap_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_msnt_multi_domain_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_msnt_multi_domain_auth $PBI_BINDIR/libexec/squid/basic_msnt_multi_domain_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_ncsa_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_ncsa_auth $PBI_BINDIR/libexec/squid/basic_ncsa_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_nis_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_nis_auth $PBI_BINDIR/libexec/squid/basic_nis_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_pam_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_pam_auth $PBI_BINDIR/libexec/squid/basic_pam_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_pop3_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_pop3_auth $PBI_BINDIR/libexec/squid/basic_pop3_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_radius_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_radius_auth $PBI_BINDIR/libexec/squid/basic_radius_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_sasl_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_sasl_auth $PBI_BINDIR/libexec/squid/basic_sasl_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/basic_smb_lm_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/basic_smb_lm_auth $PBI_BINDIR/libexec/squid/basic_smb_lm_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/cachemgr.cgi`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/cachemgr.cgi $PBI_BINDIR/libexec/squid/cachemgr.cgi

_bd="`dirname $PBI_BINDIR/libexec/squid/cert_tool`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/cert_tool $PBI_BINDIR/libexec/squid/cert_tool

_bd="`dirname $PBI_BINDIR/libexec/squid/cert_valid.pl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/cert_valid.pl $PBI_BINDIR/libexec/squid/cert_valid.pl

_bd="`dirname $PBI_BINDIR/libexec/squid/digest_file_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/digest_file_auth $PBI_BINDIR/libexec/squid/digest_file_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/diskd`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/diskd $PBI_BINDIR/libexec/squid/diskd

_bd="`dirname $PBI_BINDIR/libexec/squid/ext_file_userip_acl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ext_file_userip_acl $PBI_BINDIR/libexec/squid/ext_file_userip_acl

_bd="`dirname $PBI_BINDIR/libexec/squid/ext_kerberos_ldap_group_acl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ext_kerberos_ldap_group_acl $PBI_BINDIR/libexec/squid/ext_kerberos_ldap_group_acl

_bd="`dirname $PBI_BINDIR/libexec/squid/ext_ldap_group_acl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ext_ldap_group_acl $PBI_BINDIR/libexec/squid/ext_ldap_group_acl

_bd="`dirname $PBI_BINDIR/libexec/squid/ext_time_quota_acl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ext_time_quota_acl $PBI_BINDIR/libexec/squid/ext_time_quota_acl

_bd="`dirname $PBI_BINDIR/libexec/squid/ext_unix_group_acl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ext_unix_group_acl $PBI_BINDIR/libexec/squid/ext_unix_group_acl

_bd="`dirname $PBI_BINDIR/libexec/squid/helper-mux.pl`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/helper-mux.pl $PBI_BINDIR/libexec/squid/helper-mux.pl

_bd="`dirname $PBI_BINDIR/libexec/squid/log_file_daemon`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/log_file_daemon $PBI_BINDIR/libexec/squid/log_file_daemon

_bd="`dirname $PBI_BINDIR/libexec/squid/negotiate_kerberos_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/negotiate_kerberos_auth $PBI_BINDIR/libexec/squid/negotiate_kerberos_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/negotiate_kerberos_auth_test`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/negotiate_kerberos_auth_test $PBI_BINDIR/libexec/squid/negotiate_kerberos_auth_test

_bd="`dirname $PBI_BINDIR/libexec/squid/negotiate_wrapper_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/negotiate_wrapper_auth $PBI_BINDIR/libexec/squid/negotiate_wrapper_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/ntlm_fake_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ntlm_fake_auth $PBI_BINDIR/libexec/squid/ntlm_fake_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/ntlm_smb_lm_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ntlm_smb_lm_auth $PBI_BINDIR/libexec/squid/ntlm_smb_lm_auth

_bd="`dirname $PBI_BINDIR/libexec/squid/pinger`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/pinger $PBI_BINDIR/libexec/squid/pinger

_bd="`dirname $PBI_BINDIR/libexec/squid/ssl_crtd`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/ssl_crtd $PBI_BINDIR/libexec/squid/ssl_crtd

_bd="`dirname $PBI_BINDIR/libexec/squid/storeid_file_rewrite`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/storeid_file_rewrite $PBI_BINDIR/libexec/squid/storeid_file_rewrite

_bd="`dirname $PBI_BINDIR/libexec/squid/unlinkd`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/unlinkd $PBI_BINDIR/libexec/squid/unlinkd

_bd="`dirname $PBI_BINDIR/libexec/squid/url_fake_rewrite`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/url_fake_rewrite $PBI_BINDIR/libexec/squid/url_fake_rewrite

_bd="`dirname $PBI_BINDIR/libexec/squid/url_fake_rewrite.sh`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/url_fake_rewrite.sh $PBI_BINDIR/libexec/squid/url_fake_rewrite.sh

_bd="`dirname $PBI_BINDIR/purge`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/purge $PBI_BINDIR/purge

_bd="`dirname $PBI_BINDIR/squid`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/squid $PBI_BINDIR/squid

_bd="`dirname $PBI_BINDIR/squidclient`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/squidclient $PBI_BINDIR/squidclient

_bd="`dirname $PBI_BINDIR/libexec/squid/squid_radius_auth`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/squid_radius_auth $PBI_BINDIR/libexec/squid/squid_radius_auth

_bd="`dirname $PBI_BINDIR/clamav-config`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamav-config $PBI_BINDIR/clamav-config

_bd="`dirname $PBI_BINDIR/clambc`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clambc $PBI_BINDIR/clambc

_bd="`dirname $PBI_BINDIR/clamconf`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamconf $PBI_BINDIR/clamconf

_bd="`dirname $PBI_BINDIR/clamdscan`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamdscan $PBI_BINDIR/clamdscan

_bd="`dirname $PBI_BINDIR/clamdtop`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamdtop $PBI_BINDIR/clamdtop

_bd="`dirname $PBI_BINDIR/clamscan`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamscan $PBI_BINDIR/clamscan

_bd="`dirname $PBI_BINDIR/clamsubmit`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamsubmit $PBI_BINDIR/clamsubmit

_bd="`dirname $PBI_BINDIR/freshclam`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/freshclam $PBI_BINDIR/freshclam

_bd="`dirname $PBI_BINDIR/sigtool`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/sigtool $PBI_BINDIR/sigtool

_bd="`dirname $PBI_RCDIR/clamav-clamd`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/rc.d/clamav-clamd $PBI_RCDIR/clamav-clamd

_bd="`dirname $PBI_RCDIR/clamav-freshclam`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/rc.d/clamav-freshclam $PBI_RCDIR/clamav-freshclam

_bd="`dirname $PBI_BINDIR/clamd`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clamd $PBI_BINDIR/clamd

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi $PBI_BINDIR/libexec/squidclamav/clwarn.cgi

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.de_DE`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi.de_DE $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.de_DE

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.en_EN`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi.en_EN $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.en_EN

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.fr_FR`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi.fr_FR $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.fr_FR

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.pt_BR`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi.pt_BR $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.pt_BR

_bd="`dirname $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.ru_RU`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/clwarn.cgi.ru_RU $PBI_BINDIR/libexec/squidclamav/clwarn.cgi.ru_RU

_bd="`dirname $PBI_BINDIR/pcre-config`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/pcre-config $PBI_BINDIR/pcre-config

_bd="`dirname $PBI_BINDIR/pcregrep`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/pcregrep $PBI_BINDIR/pcregrep

_bd="`dirname $PBI_BINDIR/pcretest`"
if [ ! -d "$_bd" ] ; then mkdir -p "${_bd}"; fi
ln -fs /usr/pbi/squid-amd64/bin/pcretest $PBI_BINDIR/pcretest

S. Kirschner

I got it  ;D

had to create an file called "external-links" in same folder where is the pbi.conf

external-links

# Files to be Sym-Linked into the default LOCALBASE
# One per-line, relative to %%PBI_APPDIR%% and LOCALBASE
# Defaults to keeping any existing files in LOCALBASE
# Use action binary for binaries that need wrapper functionality

# TARGET                LINK IN LOCALBASE       ACTION
#etc/rc.d/servfoo       etc/rc.d/servfoo        keep
#include/libfoo.h       include/libfoo.h        replace
#bin/appfoo             bin/appfoo              binary,nocrash
#bin/appfoo2            bin/appfoo-test         binary
bin/clamconf            clamconf                binary