Tinc package on 2.3
-
Hi,
I believe it should work basically on any architecture, the package I prepared is not hard-wired for anything special, it just depends on the tinc package itself. As long as the original package is available for i386, I think it should work. I don't have such a system to test though.
-
Building a new pfSense right now… If TINC could be on there, it'd be great, since it's currently on a different machine in the network and being routed through it... It works... mostly...
Having it on the pfSense box should make it much easier, as I'd no longer have to depend on another box and vague routing glitches... ;)
-
dmegyesi, i checked the pull request, i'm not that familiar with github, but theres a CLA logo next to it. does it mean its waiting for you to accept a contributor license agreement?
-
It means it's verified that I have already accepted the CLA. So right now it's waiting for review and merge by the pfSense team. As I see there isn't much progress with some older pull requests neither, so I believe they might be busy.
-
Hello everyone,
in order to see the connected clients in tinc, syslog has to know about /var/log/tinc.log. At this point, it's not included by default in the pfSense syslog.conf. I have submitted a PR to fix this: https://github.com/pfsense/pfsense/pull/3023
Until then, a workaround is to add the following 2 lines in /var/etc/syslog.conf:
!tinc *.* %/var/log/tinc.logPlease note the syslog.conf is regenerated automatically at each syslog package update / syslog reset. (Those details come from /etc/inc/system.inc. The PR is supposed to fix this for the future.)
You can find the latest working version here to test: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz
-
Hello everyone,
in order to see the connected clients in tinc, syslog has to know about /var/log/tinc.log. At this point, it's not included by default in the pfSense syslog.conf. I have submitted a PR to fix this: https://github.com/pfsense/pfsense/pull/3023
Until then, a workaround is to add the following 2 lines in /var/etc/syslog.conf:
!tinc *.* %/var/log/tinc.logPlease note the syslog.conf is regenerated automatically at each syslog package update / syslog reset. (Those details come from /etc/inc/system.inc. The PR is supposed to fix this for the future.)
You can find the latest working version here to test: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz
Thanks a lot for you support!
Finally, I can use 2.3.1.
Uploaded your pfSense-pkg-tinc-1.0.28.txz first, http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz second. Existing configuration picked up and all works fine
I use tinc with Quagga routing, tap mode. Everything is good
There is a minor thing, Status->Tinc VPN does not show any status. Empty "Connection List …" etc
-
Fetching tinc-1.0.28.txz: …....... done
Installing tinc-1.0.28...
pkg: wrong architecture: FreeBSD:10:amd64 instead of FreeBSD:10:i386Failed to install the following 1 package(s): http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz
pkg add http://pkg.freebsd.org/freebsd:10:x86:32/latest/All/tinc-1.0.28.txz:
Fetching tinc-1.0.28.txz: …....... done
Installing tinc-1.0.28...
the most recent version of tinc-1.0.28 is already installedI'm runnig my PFsense on an old Watchguard x750.
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
-
There is a minor thing, Status->Tinc VPN does not show any status. Empty "Connection List …" etc
Did you do the syslog.conf modification? After that, you need to restart syslogd. (killall syslogd && syslogd)
The syslog modification won't persist through reboots. The fix is already submitted to the pfSense repo, waiting for the pull request to be merged.
-
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
It's actually 2 packages: the tinc software itself + the web interface. Now you have installed the base software; the web interface will be the package I provided, see some posts before with the Dropbox link.
-
Did you do the syslog.conf modification? After that, you need to restart syslogd. (killall syslogd && syslogd)
Thank you!
Restarting syslog without reboot makes tinc status page working
-
Any further progress on an making the Tinc package official for 2.3.2?
-
please. I beg you if you know anyone that works at pfsense, harass them luckman212.
I've spoken to a staff member on irc, and unfortunately its above his paygrade, on GitHub no one will ever pick it up apparently. so I don't know who to bug.
tired of waiting.. for someone to click merge. its ridiculous. -
I wish I had some insider pull but … I don't. Sorry that this is taking so long, believe me I would like to see it merged too. I can only assume that people are still scrambling a bit and reshuffling responsibilities after Chris Buechler's departure. So hopefully the development pace will pick back up soon.
-
Whats the status here? Will be TINC one time again a official PFSense Package? I follow the installation instruction for 3 firewalls - one working fine, on the two others with the same installations not. I haven't any TINC entry under VPN.
-
Whats the status here? Will be TINC one time again a official PFSense Package? I follow the installation instruction for 3 firewalls - one working fine, on the two others with the same installations not. I haven't any TINC entry under VPN.
I installed on 5 firewalls, all worked smooth
And yesterday, I've guided one case. It didn't work. Mistake was, "pkg add" was called from pfSense UI, the way I never used myself
Doing it the common way I did, via ssh with
sudo pkg add -f ...Fixed the situation. Precondition: sudo package must be installed
If you tried with gui, you can try with putty or ssh, just do not forget '-f' to force reinstall
-
I have a question about tinc HA, I got two pfsense box setup and implement active/passive, any possbile to implement tinc as active/passive way?
-
Hi,
I believe it should work basically on any architecture, the package I prepared is not hard-wired for anything special, it just depends on the tinc package itself. As long as the original package is available for i386, I think it should work. I don't have such a system to test though.
I think it doesn't:
pkg add https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz Fetching pfSense-pkg-tinc-1.0.28.txz: 100% 18 KiB 18.3kB/s 00:01 Installing pfSense-pkg-tinc-1.0.28... pkg: wrong architecture: FreeBSD:10:amd64 instead of FreeBSD:10:i386 Failed to install the following 1 package(s): https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txzAny ideas how to install it on a 32bit system?
-
Great news, indeed, there is a progress.
dmegyesi, thank you for your work and persistence!
As for, "Added to 2.4.0 and 2.3.3 snapshots, after more testing it can be added to 2.3.2. Thanks!"
I assume, it will be some new release, like "2.3.2-RELEASE-p2" with a tinc included, right?
-
I'm runnig my PFsense on an old Watchguard x750.
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
now upload the pfSense-pkg-tinc-1.0.28 via Diagnostics -> Command Prompt
then run pkg add /tmp/pfSense-pkg-tinc-1.0.28.txz
restart the box & you should see the menu
-
Hi dmegyesi,
I gave it a quick little check on 1 pfSense test machine (without actually connecting anywhere) as i'm not actively using tinc. So i have not fully tested its workings, but my guess is you have already done that.
From what i see it looks valid except you should indeed drop 'tincd' binary from the pfSense package 'makefile' the package dependency will indeed take care of that.
For testing i used "pkg add http://pkg.freebsd.org/freebsd:10:x86:64/release_3/All/tinc-1.0.26_1.txz" to add that package from the FreeBSD repository.. I suppose i could have used http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz as well.. But anyway package looks like i remember it from 2.2 and tincd daemon seems to be properly started with some basic configurations.
If you can send pullrequest on github that would be great :) (dont forget to sign the 2 pfSense contributer licence agreements)
Regards,
PiBa-NLi tried to install the tinc-1.0.28.txz but i got this error (alos with tinc-1.0.29.txz)
pkg: Missing dependency 'openssl'
strange but openssl is very much a part of pfsense
Then i installed tinc-1.0.26_1.txz & it worked.
Any ideas why?
