Dansguardian on FreeBSD / ALIX



  • Hello All!

    I have installed Dansguardian on an ALIX box running FreeBSD and up to date:

    2.2.2-RELEASE (i386)
    built on Mon Apr 13 20:10:33 CDT 2015
    FreeBSD 10.1-RELEASE-p9

    I have NOT installed SQUID as yet because DansG is not running with the following log error::

    php-fpm[12165]: /pkg_edit.php: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 128 -> 16384 kern.maxfiles: 7151 -> 131072 kern.maxfilesperproc: 6435 -> 104856 kern.threads.max_threads_per_proc: 1500 -> 4096 Starting dansguardian. Illegal instruction (core dumped) /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian'

    Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?  Is there a tweak I can use to get around this or am I bashing my head against a virtual brickwall???

    Any and all advice welcomed.

    Me.  :)



  • Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?

    Yes, from what I understand.

    Is there a tweak I can use to get around this or am I bashing my head against a virtual brickwall???

    Not that I know of.



  • wait for E2guardian?



  • Waiting for E2Guardian won't help.  Those ALIX appliances are RAM-limited, and web caching & filtering can take up a lot of RAM.  Plus there can be other issues.  On ALIX, for example, the squidguard blacklists are kept in /tmp which is a RAM disk, so every reboot of the unit and you lose your blacklists.



  • @KOM:

    Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?

    Yes, from what I understand.

    No, our package will run.

    But trying to run it on an ALIX is pointless, it just doesn't have enough RAM to do so especially given it has to run some of its filesystems out of RAM since the CF can't (or ideally shouldn't) be kept mounted rw all the time.



  • Thank you ALL for your replies….......

    @cmb:
    Thank you.  I understand the limitation of RAM in ALIX boxes which to put it plainly is a shame as it sinks what I had planned [hoped] to do.  Any alternatives that you [or any reader] are aware of for low-power devices that will fly DansG effectively?  Beyond that, I agree having the CF mounted and 'rw' all the time is not ideal  [well, less than] but for the purpose of the exercise, is it possible and how may I ask?  Even a non-reduced OS would still have the RAM demands.  :'(

    In the meantime, I will look into other filtering solutions and packages…...though I am very reluctant to run a full-blown PC.  pfBlockerNG perhaps?  Though not the same I acknowledge.

    Again, thanks!

    Oz.



  • though I am very reluctant to run a full-blown PC.

    There is a ton of selection between an ALIX-type unit and a full PC.  Some people are using smaller systems like the Intel NUC or other minicomputers.





  • Thanks KOM and aGeekHere for your replies.

    I confess to having seen the PC Engine 1D4 and its greater RAM, and therefore imagine it will fly the E2G software.  Loss of blacklists due to being stored on RAMD~/tmp remains a pest.  Shall rethink use of SquadGuard…..

    WRT the other minis, single LAN [which most appear to be] is problematic though with the USB not insurmountable given some modems have USB ports or at a pinch use an adpator.

    Mind you, with my VW Golf exploding last night, I am a little distracted so forgive me if I missed anything.  Still happy for suggestions etc…

    Oz