Squid 3.4.4 is out - who creates the pkg?



  • Hello,
    i am new to pfsense and had a look at the packages for squid. As i saw squid3 in Version 3.1.20, i looked at the project site and found squid3 in version 3.4.4. i asked myself how updates the package for pfsense and when? How is the workflow?

    thx



  • It's marcelloc, but he seems to be a bit less active with package management than he once was. It's a lot of work and responsibility and I'm sure he has other things to do so it's understandable.



  • Squid has been on the skids for some months now. The volunteer maintainer Marcelloc may be busy with other projects.



  • Hi,
    ok and thx for the information. How is the workflow or is there a list with priority which he works through? Should i inform him, or how does it work? For the Squid3 i read lot or some problems with pfsense or the content caching and i thing it is solved in newest version. so it whould great to use that instead an obviously bugy one.



  • Well, he's a volunteer so he doesn't have to do anything. But he might notice your thread anyway and comment in here if he chooses to. Or else you could send him a message and ask him. If you speak Portuguese he seems to spend more time in that forum.



  • Of course i understand that he do it in his freetime and i am thankfull for guys like him…



  • Marcello is also doing the "bind" package, but I don't know why? Because freebsd even dropped bind and taken up unbound as a default. (because of security issues with bind on every release)

    I'm no coder but I can find my way around squid conf syntax. I will help when I can.
    But with 14 hour work days, I'm not always in the mood to do anything…

    I suppose if the conf syntax hasn't changed much (3.3.10 --> 3.4.4) generating the squid.conf file should be compatible with the old package GUI.



  • Someone should ask Marcello because off unbound. It would be a waste of time and could make pfsense less secure…. I understand you, i have +12 hours a day too and thanks for your offer. If i have had this time to make a package and would know how, i would do it for the community. i did not install one of these versions but i think they are very similar. my last installation of squid was for a few years under debian, but i dont know how it work under FreeBSD.

    i am really new with pfsense and dont know how things works and managed behind all, but i think that such packages(squid, antivirus, filter and so on, and not rrd ones or colored buttens) and mainfeatures like bind or unbound should have a higher priority. if not and a security hole would exists it would very bad for an security product like pfsense. i am also a bit worried that only one person do dns and other stuff for pfsense, but as i said i dont know the control mechs behind all.



  • Hi people. My free time nowadays are near to zero, that's why I'm not working hard on these packages.

    I've sent some weeks ago a message to squid maintainer on freebsd ports, buy I think he is busy too.

    To update the package on pfsense, I need firt to have it on freebsd ports
    http://www.freebsd.org/cgi/ports.cgi?query=squid3&stype=all&sektion=all

    The bind first release package on pfsense was a contribution from portuguese forum users but the package was incomplete. That's why I decided to improve and finish it.
    I've never used unbound so I'm not the best person to write a package for it.

    Contributions are always welcome, if you have fixes or workaround for squid packages, send it on for and/or to github. This way I can check and merge it on next release.



  • Hello marcelloc,

    and thanks for reply in youre zero time ;). you are right with the package on freebsd and i did not thought about it, while i was looking only on the squid page. i understand that you want to finish the bind release.

    as long as i have also zero time for try to make a package i think i have to wait. this leads to me to think about pfsense as an secure and stable firewall because of to less good developer and perhaps to less testings and controll mechanism <- thats how it looks actually for me ;(

    thanks marcelloc



  • You can core team to develop or improve anything on pfsense.  The point is that will cost you some money.

    Package contribution depends on community but some packages are maintained by pfsense core team.



  • @marcelloc:

    Contributions are always welcome, if you have fixes or workaround for squid packages, send it on for and/or to github. This way I can check and merge it on next release.

    Where exactly do you want  fixes or workaround to be sent? In my last post I suggested to blacklist localhost by default in order to prevent looping. I can send this separately if you tell me where (some github repository for squid?)



  • You can core team to develop or improve anything on pfsense.  The point is that will cost you some money.

    Package contribution depends on community but some packages are maintained by pfsense core team.

    Hi,
    as i said i dont know the detailed structure of developers and the project it works. And you are right, the core team should dev core function and packages by the community or perhaps another package team. what i want to say is that if only one person dev a package with not much time it would be in any case lead to a bad situation in cases he as zero time. the point is, that there are a lot of good packages like squid or dansguard / harvp or maybe snort too which i think make sense to use on pfsense in private or soho, but if these packages doesnt dev well or the support for fast and good tested updates (in security situation or major bugs) are not guranteed it whould be a bad idea to install it on product networkds. we talk about a security product….
    at this point thanks for all who dev or help to dev ;) to make pfsense a good and free open source product



  • I understand your point.  But on pfsense you can get help from core team (paid support) to fix packages in that situation or to fast develop new ones.

    Community help as much as free time permits  :)


Log in to reply