What do you want to see in the pfSense package system?
-
Colin,
I had several ideas that I shared with you before, but one that seems to be increasingly important due to continuous ensuring pfSense is secure is some sort of package upgrade option rather than complete new installations. In the case of the Squid package I'm working on, there have been a few security updates that did not impact the actual package (i.e., xml/php), but did not require reinstallation of the entire package to apply the binaries and such only applicable to Squid_Stable. Any ideas how to accomplish this? Thanks!
Mike
-
Could something like this be accomplished with rsynch using binary diffs?
-
@submicron:
Could something like this be accomplished with rsynch using binary diffs?
Possibly, the only problem would config variables changing names….any new additions could be appended to the configs but changes to existing would require parsing and replacement in the configs.
-
@submicron:
This second type would be a group of different software installations intended to work together to perform a specific function, with a unifying user interface. With packages of this type it would be fairly easy to develop very specialized types of pfsense installs. Is this a goal for the packaging system – to enable users to build very specialized pfsense installs?
The new package system should make it easy to make both types of packages. A 'master' package XML file could be made (with or without GUI fields) that would simply tie all the XML and software dependencies together into a single package. This XML file would then be passed to repomaker instead of all of the 'subpackages', allowing a single package entry to be presented to the client.
I will also try to mesh the package system as closely as possible with the base, though full integration may not be available right away.
I like the idea of the modular system where it would add the software to the specified directories but be implemented in the web-interface vi a pre-set modular interface where adding 1 to 10 or more modules would show up in the menus in one of two styles; the first being meshed in with the rest of the items and the second would be a menu that says Modules or something and all the loaded modules would be in the list.
Adding additional menu sections would be tricky, particularly with 'metallic' and similar themes. If the look and feel of the webGUI is made more easily customizable I may be able to look at this feature.
I had several ideas that I shared with you before, but one that seems to be increasingly important due to continuous ensuring pfSense is secure is some sort of package upgrade option rather than complete new installations. In the case of the Squid package I'm working on, there have been a few security updates that did not impact the actual package (i.e., xml/php), but did not require reinstallation of the entire package to apply the binaries and such only applicable to Squid_Stable. Any ideas how to accomplish this? Thanks!
The 'installed packages' page already provides buttons for upgrading either the software or XML dependencies, though this process isn't very intelligent just yet. I would like to eventually make 'installed packages' a basic summary page with important data about the package and provide a link to view more detailed information and provide a variety of ways to manipulate the installed package.
@submicron:
Could something like this be accomplished with rsynch using binary diffs?
Although bdiffs could theoretically be used in the future to provide smaller updates for packages, I would like to avoid using them for the time being.
-
Adding additional menu sections would be tricky, particularly with 'metallic' and similar themes. If the look and feel of the webGUI is made more easily customizable I may be able to look at this feature.
Possibly making the words in menus text and have css to change the text on mouse-over and possibly do an image swap for the background. Would be similar but not exactly the same. Also would cut down on the number of different graphics being loaded.
-
Adding additional menu sections would be tricky, particularly with 'metallic' and similar themes. If the look and feel of the webGUI is made more easily customizable I may be able to look at this feature.
Possibly making the words in menus text and have css to change the text on mouse-over and possibly do an image swap for the background. Would be similar but not exactly the same. Also would cut down on the number of different graphics being loaded.
Just to clarify. You can add package items to any existing menu. However, adding a new menu is not supported at the moment.
-
Adding additional menu sections would be tricky, particularly with 'metallic' and similar themes. If the look and feel of the webGUI is made more easily customizable I may be able to look at this feature.
Possibly making the words in menus text and have css to change the text on mouse-over and possibly do an image swap for the background. Would be similar but not exactly the same. Also would cut down on the number of different graphics being loaded.
Just to clarify. You can add package items to any existing menu. However, adding a new menu is not supported at the moment.
Adding complete new menus would break our maintheme (metallic). If adding complete new menus this is something that has to be supported by the theme as well. So it's not only a packagesystem thing but a theme thing as well if such a functionality is added. We would have to overthink this if we make this an option.
-
Might be a good idea to think about this kind of thing now rater than later, when things are more complicated. Are there any other reasons we would want to add more menus later on? Sounds like a strucural question that will probably be needed at some point later and should be planned for now to me.
-
I too like the idea of a modular system where people can create other little tools for it that can be installed on a user-needed basis. Kind of like the Firefox model where you can install different extensions based on what you want. If people can add their own "widgets" and have functionality that may not be originally in the package, or forseen during the making of pfsense, then it could be VERY successful.
-
Since it seems like pfsense is going to end up moving in a direction towards very specialized setups, the ability to add new menus would be helpful. Some of the packages that are being requested, would require fairly extensive GUI items. Squid could eventually get to the point where a menu for it makes sense, and a SPAM filtering package certainly could. I realize we're all pushing for the 1.0 release right now, and I hate scope creep as much as anyone so this is probably something that'll be better off being considered post 1.0, but this would be a very useful addition to the UI.
-
Print server function
-
Hi
I hope the freenas package work that was fine. :)
-
The package system as it stands is good, however the lack of documentation hinders development of additional packages by outsiders. I've found some documentation but nothing thats complete. Also some of the xml tags are confusing and not self explanatory.
For example
custom_add_php_command
When does this command run. I read something that stated it runs after the package install, however it also runs when changing the settings on a package. So when is this section useful when using the custom_php_install_command and custom_php_resync_config_command fields. Seems it would just duplicate things.
-
php_add is run after a item is changed in the gui.
resync runs on bootup, etc so that the rc.d files are setup from a fresh state (bootup).
Yes the docs are hurting. We hope to get them in better shape very soon.
-
Hi,
it would be nice to implement a timelimitpackage.
I need to give users or Ip addresses access on a given hour.For example: (Ip address 1) on Monday-Fryday between 9:00 and 11:00 pm
(Ip address 2) on Saturday between 2:00-3:00, and so ongreetings, hoster :)
-
trackerd(tracks MACs to IPs) would be nice
http://freshmeat.net/projects/trackerd
integrates into snortsam/snort or stand alone -
Quagga/ospfd
-
Routing protocols - OSPF - RIP
64 Bit support..T1, T3 card support (digium and zapata, etc)
BCP (http://www3.ietf.org/proceedings/99nov/slides/pppext-bridge-99nov/) -
HI,
I'd quite like to see squidGuard for automatic URL filtering. With the ability to have the rules auto synced via rsync to squidguard.mesd.k12.or.us::filtering or similar.
RegardsBen
-
Hello
I would like some way (don't know if any package/script does this) to create an iso file of my pfsense install, so that when I boot with a CD created with that install, all the packages, rules, configurations etc. of my original configurations are pre-installed and when I install pfsense from that CD it simply recreates my original pfsense machine with no question asked.
Also, I would like to see pfsense store two-three copies of its configurations, so that if it loses its configuration file due to some sudden power-failure it can simply restore the configuration from the backup instead of giving a configuration file not found error and requiring a reinstall in some cases and configuration restore in some.
I would even place a bounty on it. Can someone tell me what needs to be done?
With regards.
Sanjay.