Not all the packages in 1.01

  • I have installed the latest pfsense on a new machine, but now I see not all the packages are available anymore. (like squid and some more)
    But in the older pfsense those packages are still available.

    When I look at those package are in the list… so, does the new the pfsense look for another pkg_config.xml ?

    Is there a way to fix this?

    Thanks in advance...

  • If they do not show up, they where removed for some type of issue.

    The only way to fix the issue is to fix the packages.  And no, I am not volunteering by answering this.

  • Ok, but is it possible to get them back?
    Just by editing a config file to point to the older xml file?

    I need some package wich work for my older pfsense well. (I know it's not guaranteed it will work with the new pfsense version, but I wat to give it a try)

  • No, if the packages are not listed then they are broken in some way or another.

  • Ok, clear, but not being able to run squid is no option for me because it's a part of the security…
    So in iether way I must install it manually, or have another routing system wich is also not an option I prefer :)

  • You already know your options, choose wisely  ;)

    ….oh, and another option is to have a look at the squid package and fix it  ;D

  • @hoba:

    You already know your options, choose wisely  ;)

    ….oh, and another option is to have a look at the squid package and fix it  ;D

    I woke up this morning and tought, hey it's also an option to fix it.
    I'm more like a linux man, and I have looked to the pfsense scripts and stuff before, but I'm not that into it, so it will take some time to figure everything out, but I'll do my best.

  • I think I found why squid doesn't work anymore.

    I compiled and installed the latest squid version on a pfsense box, everything works fine as long as you don't want transparent proxy.

    Squid handles tansparent the proxy in an other way now, to run a transparent proxy you only have to set the http_port to 80 and add transparent after it.
    but here starts the problem with pfsense (and I think other routing projects aswell)

    In earlier version you could add the folowing lines to the config:
    httpd_accel_host virtual
    httpd_accel_port 80
    httpd_accel_with_proxy  on
    httpd_accel_uses_host_header on

    so you added a bridge, all the incomming requests on port 80 were bridged to the proxy's port.
    This "bridge" worked "before" pfsense rules, so all port 80 traffic goes right into the proxy.

    The latest squid version doesn't know httpd_accel anymore so it can't be used.
    The problem I encountered now is that all the port 80 traffic goes into pfsense's rules first and doesn't reach the proxy anymore.
    I tried to setup some NAT rules to the WAN interface, to the LAN to (localhost) but that doesn't work.

    Does anyone have an idea to make a "route" to the proxy server so that it could act as transparent proxy?
    (offcourse I've set the squid webpage port to another port instead of port 80)

  • Sounds like you're really on to something…I too have been anxiously awaiting the Squid package 're-release'.  I'm clueless when it comes to programming, but if you need any help testing count me in.  We also rely on a transparent proxy for security.

  • I'll keep you informed.

    As for now I have squid working, but I had to NAT all proxy packages to the WAN adres where squid is listening, for this test it works fine, but I don't want to enable a proxy server for the whole world.

    Also squid is running fine, but at this moment I don't run squid as daemon (I want to see what's going on in the test envoirment)

Log in to reply