Tinc package on 2.3
-
It means it's verified that I have already accepted the CLA. So right now it's waiting for review and merge by the pfSense team. As I see there isn't much progress with some older pull requests neither, so I believe they might be busy.
-
Hello everyone,
in order to see the connected clients in tinc, syslog has to know about /var/log/tinc.log. At this point, it's not included by default in the pfSense syslog.conf. I have submitted a PR to fix this: https://github.com/pfsense/pfsense/pull/3023
Until then, a workaround is to add the following 2 lines in /var/etc/syslog.conf:
!tinc *.* %/var/log/tinc.logPlease note the syslog.conf is regenerated automatically at each syslog package update / syslog reset. (Those details come from /etc/inc/system.inc. The PR is supposed to fix this for the future.)
You can find the latest working version here to test: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz
-
Hello everyone,
in order to see the connected clients in tinc, syslog has to know about /var/log/tinc.log. At this point, it's not included by default in the pfSense syslog.conf. I have submitted a PR to fix this: https://github.com/pfsense/pfsense/pull/3023
Until then, a workaround is to add the following 2 lines in /var/etc/syslog.conf:
!tinc *.* %/var/log/tinc.logPlease note the syslog.conf is regenerated automatically at each syslog package update / syslog reset. (Those details come from /etc/inc/system.inc. The PR is supposed to fix this for the future.)
You can find the latest working version here to test: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz
Thanks a lot for you support!
Finally, I can use 2.3.1.
Uploaded your pfSense-pkg-tinc-1.0.28.txz first, http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz second. Existing configuration picked up and all works fine
I use tinc with Quagga routing, tap mode. Everything is good
There is a minor thing, Status->Tinc VPN does not show any status. Empty "Connection List …" etc
-
Fetching tinc-1.0.28.txz: …....... done
Installing tinc-1.0.28...
pkg: wrong architecture: FreeBSD:10:amd64 instead of FreeBSD:10:i386Failed to install the following 1 package(s): http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz
pkg add http://pkg.freebsd.org/freebsd:10:x86:32/latest/All/tinc-1.0.28.txz:
Fetching tinc-1.0.28.txz: …....... done
Installing tinc-1.0.28...
the most recent version of tinc-1.0.28 is already installedI'm runnig my PFsense on an old Watchguard x750.
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
-
There is a minor thing, Status->Tinc VPN does not show any status. Empty "Connection List …" etc
Did you do the syslog.conf modification? After that, you need to restart syslogd. (killall syslogd && syslogd)
The syslog modification won't persist through reboots. The fix is already submitted to the pfSense repo, waiting for the pull request to be merged.
-
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
It's actually 2 packages: the tinc software itself + the web interface. Now you have installed the base software; the web interface will be the package I provided, see some posts before with the Dropbox link.
-
Did you do the syslog.conf modification? After that, you need to restart syslogd. (killall syslogd && syslogd)
Thank you!
Restarting syslog without reboot makes tinc status page working
-
Any further progress on an making the Tinc package official for 2.3.2?
-
please. I beg you if you know anyone that works at pfsense, harass them luckman212.
I've spoken to a staff member on irc, and unfortunately its above his paygrade, on GitHub no one will ever pick it up apparently. so I don't know who to bug.
tired of waiting.. for someone to click merge. its ridiculous. -
I wish I had some insider pull but … I don't. Sorry that this is taking so long, believe me I would like to see it merged too. I can only assume that people are still scrambling a bit and reshuffling responsibilities after Chris Buechler's departure. So hopefully the development pace will pick back up soon.
-
Whats the status here? Will be TINC one time again a official PFSense Package? I follow the installation instruction for 3 firewalls - one working fine, on the two others with the same installations not. I haven't any TINC entry under VPN.
-
Whats the status here? Will be TINC one time again a official PFSense Package? I follow the installation instruction for 3 firewalls - one working fine, on the two others with the same installations not. I haven't any TINC entry under VPN.
I installed on 5 firewalls, all worked smooth
And yesterday, I've guided one case. It didn't work. Mistake was, "pkg add" was called from pfSense UI, the way I never used myself
Doing it the common way I did, via ssh with
sudo pkg add -f ...Fixed the situation. Precondition: sudo package must be installed
If you tried with gui, you can try with putty or ssh, just do not forget '-f' to force reinstall
-
I have a question about tinc HA, I got two pfsense box setup and implement active/passive, any possbile to implement tinc as active/passive way?
-
Hi,
I believe it should work basically on any architecture, the package I prepared is not hard-wired for anything special, it just depends on the tinc package itself. As long as the original package is available for i386, I think it should work. I don't have such a system to test though.
I think it doesn't:
pkg add https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz Fetching pfSense-pkg-tinc-1.0.28.txz: 100% 18 KiB 18.3kB/s 00:01 Installing pfSense-pkg-tinc-1.0.28... pkg: wrong architecture: FreeBSD:10:amd64 instead of FreeBSD:10:i386 Failed to install the following 1 package(s): https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txzAny ideas how to install it on a 32bit system?
-
Great news, indeed, there is a progress.
dmegyesi, thank you for your work and persistence!
As for, "Added to 2.4.0 and 2.3.3 snapshots, after more testing it can be added to 2.3.2. Thanks!"
I assume, it will be some new release, like "2.3.2-RELEASE-p2" with a tinc included, right?
-
I'm runnig my PFsense on an old Watchguard x750.
Now I have successfully installed tinc, but how can I get a webinterface for tinc?
:(
now upload the pfSense-pkg-tinc-1.0.28 via Diagnostics -> Command Prompt
then run pkg add /tmp/pfSense-pkg-tinc-1.0.28.txz
restart the box & you should see the menu
-
Hi dmegyesi,
I gave it a quick little check on 1 pfSense test machine (without actually connecting anywhere) as i'm not actively using tinc. So i have not fully tested its workings, but my guess is you have already done that.
From what i see it looks valid except you should indeed drop 'tincd' binary from the pfSense package 'makefile' the package dependency will indeed take care of that.
For testing i used "pkg add http://pkg.freebsd.org/freebsd:10:x86:64/release_3/All/tinc-1.0.26_1.txz" to add that package from the FreeBSD repository.. I suppose i could have used http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz as well.. But anyway package looks like i remember it from 2.2 and tincd daemon seems to be properly started with some basic configurations.
If you can send pullrequest on github that would be great :) (dont forget to sign the 2 pfSense contributer licence agreements)
Regards,
PiBa-NLi tried to install the tinc-1.0.28.txz but i got this error (alos with tinc-1.0.29.txz)
pkg: Missing dependency 'openssl'
strange but openssl is very much a part of pfsense
Then i installed tinc-1.0.26_1.txz & it worked.
Any ideas why?
-
Probably because your not 'supposed' to install stuff from the freebsd repositories.. pfSense has its own repository with all binaries of ports that are made available for use on pfSense. I dont think tinc is currently part of that list though.
-
tinc is available on 2.3.3 and 2.4. No need to do any such hacks like installing from non-pfSense repos.
-
Oh it is :o ,i thought is was 'rejected' because of undefined issues. I was wrong and should have re-checked before writing assuming that to still be valid because people where still trying to install manually. Thanks for the correction :D.
