Did the recent pbi rebuild build right?



  • Its late so I dont have full details but I did a full firmware update today and noticed 2 of my main packages dont work correctly. Snort and Squid. I've seen these kind of errors before and if i remember correctly, certain options weren't compiled into the binaries.

    snort:

    
    barnyard2[17606]: FATAL ERROR: If this build of snort was obtained as a binary distribution (e.g., rpm, or Windows), then check for alternate builds that contains the necessary 'mysql' support. If this build of snort was compiled by you, then re-run the the ./configure script using the '--with-mysql' switch. For non-standard installations of a database, the '--with-mysql=DIR' syntax may need to be used to specify the base directory of the DB install. See the database documentation for cursory details (doc/README.database). and the URL to the most recent database plugin documentation.
    
    Dec 19 22:54:32 	snort[17544]: FATAL ERROR: Failed to load /usr/local/etc/snort/snort_60770_em3/dynamicpreprocessor/libsf_ftptelnet_preproc.so: Shared object "libmysqlclient.so.18" not found, required by "libsf_ftptelnet_preproc.so"
    Dec 19 22:54:32 	snort[17544]: FATAL ERROR: Failed to load /usr/local/etc/snort/snort_60770_em3/dynamicpreprocessor/libsf_ftptelnet_preproc.so: Shared object "libmysqlclient.so.18" not found, required by "libsf_ftptelnet_preproc.so"
    Dec 19 22:54:32 	snort[17544]: Loading dynamic preprocessor library /usr/local/etc/snort/snort_60770_em3/dynamicpreprocessor/libsf_ftptelnet_preproc.so...
    Dec 19 22:54:32 	snort[17544]: Loading dynamic preprocessor library /usr/local/etc/snort/snort_60770_em3/dynamicpreprocessor/libsf_ftptelnet_preproc.so...
    
    

    squid:

    
    hp: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k reconfigure -f /usr/pbi/squid-i386/etc/squid/squid.conf' returned exit code '1', the output was '2012/12/19 22:58:48| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1' 2012/12/19 22:58:48| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable 2012/12/19 22:58:48| WARNING: You should probably remove '127.0.0.1' from the ACL named 'ext_manager' 2012/12/19 22:58:48| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1' 2012/12/19 22:58:48| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable 2012/12/19 22:58:48| WARNING: You should probably remove '127.0.0.1' from the ACL named 'ext_manager' squid: ERROR: No running copy'
    
    

  • Rebel Alliance Developer Netgate

    The snort error is probably from the rebuild.

    No idea about squid. Unless I somehow missed an option, but squid didn't require any changes like that though, snort did. (If you're using squid3, it did bump up to a higher version, so it's possible that's due to a change in squid.)


  • Rebel Alliance Developer Netgate

    Snort has been rebuild and uploaded again, looks like it should have the correct options on it this time.



  • thanks Jim, Snort is working again!

    For squid.. i'll have to do some more testing but sslcrtd, delay_pool isn't compiled into the options i think

    
    php: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -f /usr/pbi/squid-i386/etc/squid/squid.conf' returned exit code '6', the output was '2012/12/20 09:04:33| cache_cf.cc(381) parseOneConfigFile: squid.conf:17 unrecognized: 'sslcrtd_children' 2012/12/20 09:04:33| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1' 2012/12/20 09:04:33| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable 2012/12/20 09:04:33| WARNING: You should probably remove '127.0.0.1' from the ACL named 'ext_manager' 2012/12/20 09:04:33| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1' 2012/12/20 09:04:33| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable 2012/12/20 09:04:33| WARNING: You should probably remove '127.0.0.1' from the ACL named 'ext_manager' 2012/12/20 09:04:33| cache_cf.cc(381) parseOneConfigFile: squid.conf:73 unrecognized: 'delay_pools' 2012/12/20 09:04:33| cache_cf.cc(381) parseOneConfigFile: squid.
    
    

  • Rebel Alliance Developer Netgate

    I rebuild and uploaded squid 2.7.x a few minutes ago. Squid3 is rebuilding now.



  • thanks again… I'll try it out in a couple of hours


  • Rebel Alliance Developer Netgate

    new squid3 is up now.



  • @jimp:

    new squid3 is up now.

    we are almost there! dns_v4_first isn't complied. Since its hardcoded in squid.inc and it add an option in squid.conf,.. Its going to be needed….

    add option --enable-internal-dns

    
    Dec 20 10:26:36 	php: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -f /usr/pbi/squid-i386/etc/squid/squid.conf' returned exit code '1', the output was '2012/12/20 10:26:36| cache_cf.cc(381) parseOneConfigFile: squid.conf:6 unrecognized: 'dns_v4_first''
    
    

    and thanks again!!


  • Rebel Alliance Developer Netgate

    The squid build options include WITH_SQUID_DNS_HELPER, which in the squid31 Makefile, does this:

    .if defined(WITH_SQUID_DNS_HELPER)
    CONFIGURE_ARGS+=        --disable-internal-dns
    libexec+=       dnsserver
    .endif
    

    I can change that to WITHOUT_SQUID_DNS_HELPER I suppose, but I'm not sure if that will have the intended effect. I don't use squid3 or keep an eye on its development so I'm not sure how good of an idea that is.


  • Rebel Alliance Developer Netgate

    Looks like squid 2.x uses the WITHOUT_ version of that setting. Not sure why squid3 uses WITH_


  • Rebel Alliance Developer Netgate

    Looks like marcelloc did that in commit ba47052140bc2e2430ffb2731f70f008baece090 so you'd have to ping him to find out why.





  • @Cino:

    I'll ping marcelloc

    I'm really busy these days but I'll take a look on it.


  • Rebel Alliance Developer Netgate

    the fix on the repo end of things (just change WITH to WITHOUT) is easy, I just don't know if that will have a negative impact on other features that squid3 needs.



  • I've disabled  the SQUID_DNS_HELPER to compile dns_v4_first option


  • Rebel Alliance Developer Netgate

    ok the builders are in the middle of a full run right now but once that finishes I'll do a manual build for squid3 to pick up the change.



  • ok, thanks jimp :)



  • Thanks everyone


  • Rebel Alliance Developer Netgate

    FYI there should be a new squid3 pbi build up, I ran it last night.



  • thanks jim,  –enable-internal-dns wasn't built in this run, its currently has --disable-internal-dns.


  • Rebel Alliance Developer Netgate

    ah perhaps I forgot to update the package xml before re-running the pbi build. I fired it off just as I was going to sleep. I'll do another.



  • Seems to work for me.



  • @jimp:

    ah perhaps I forgot to update the package xml before re-running the pbi build. I fired it off just as I was going to sleep. I'll do another.

    thanks jim!!! reinstalled this evening and all is well again.


Locked