Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dansguardian on FreeBSD / ALIX

    Cache/Proxy
    4
    9
    1613
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      OzRattler last edited by

      Hello All!

      I have installed Dansguardian on an ALIX box running FreeBSD and up to date:

      2.2.2-RELEASE (i386)
      built on Mon Apr 13 20:10:33 CDT 2015
      FreeBSD 10.1-RELEASE-p9

      I have NOT installed SQUID as yet because DansG is not running with the following log error::

      php-fpm[12165]: /pkg_edit.php: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 128 -> 16384 kern.maxfiles: 7151 -> 131072 kern.maxfilesperproc: 6435 -> 104856 kern.threads.max_threads_per_proc: 1500 -> 4096 Starting dansguardian. Illegal instruction (core dumped) /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian'

      Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?  Is there a tweak I can use to get around this or am I bashing my head against a virtual brickwall???

      Any and all advice welcomed.

      Me.  :)


      …insanity is so confusing...

      1 Reply Last reply Reply Quote 0
      • KOM
        KOM last edited by

        Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?

        Yes, from what I understand.

        Is there a tweak I can use to get around this or am I bashing my head against a virtual brickwall???

        Not that I know of.

        1 Reply Last reply Reply Quote 0
        • A
          aGeekhere last edited by

          wait for E2guardian?

          Never Fear, A Geek is Here!

          1 Reply Last reply Reply Quote 0
          • KOM
            KOM last edited by

            Waiting for E2Guardian won't help.  Those ALIX appliances are RAM-limited, and web caching & filtering can take up a lot of RAM.  Plus there can be other issues.  On ALIX, for example, the squidguard blacklists are kept in /tmp which is a RAM disk, so every reboot of the unit and you lose your blacklists.

            1 Reply Last reply Reply Quote 0
            • C
              cmb last edited by

              @KOM:

              Am I correct in assuming that the OS is incapable of running DansG because it has been paired down?

              Yes, from what I understand.

              No, our package will run.

              But trying to run it on an ALIX is pointless, it just doesn't have enough RAM to do so especially given it has to run some of its filesystems out of RAM since the CF can't (or ideally shouldn't) be kept mounted rw all the time.

              1 Reply Last reply Reply Quote 0
              • O
                OzRattler last edited by

                Thank you ALL for your replies….......

                @cmb:
                Thank you.  I understand the limitation of RAM in ALIX boxes which to put it plainly is a shame as it sinks what I had planned [hoped] to do.  Any alternatives that you [or any reader] are aware of for low-power devices that will fly DansG effectively?  Beyond that, I agree having the CF mounted and 'rw' all the time is not ideal  [well, less than] but for the purpose of the exercise, is it possible and how may I ask?  Even a non-reduced OS would still have the RAM demands.  :'(

                In the meantime, I will look into other filtering solutions and packages…...though I am very reluctant to run a full-blown PC.  pfBlockerNG perhaps?  Though not the same I acknowledge.

                Again, thanks!

                Oz.


                …insanity is so confusing...

                1 Reply Last reply Reply Quote 0
                • KOM
                  KOM last edited by

                  though I am very reluctant to run a full-blown PC.

                  There is a ton of selection between an ALIX-type unit and a full PC.  Some people are using smaller systems like the Intel NUC or other minicomputers.

                  1 Reply Last reply Reply Quote 0
                  • A
                    aGeekhere last edited by

                    or from pcengines http://www.pcengines.ch/apu1d4.htm

                    Never Fear, A Geek is Here!

                    1 Reply Last reply Reply Quote 0
                    • O
                      OzRattler last edited by

                      Thanks KOM and aGeekHere for your replies.

                      I confess to having seen the PC Engine 1D4 and its greater RAM, and therefore imagine it will fly the E2G software.  Loss of blacklists due to being stored on RAMD~/tmp remains a pest.  Shall rethink use of SquadGuard…..

                      WRT the other minis, single LAN [which most appear to be] is problematic though with the USB not insurmountable given some modems have USB ports or at a pinch use an adpator.

                      Mind you, with my VW Golf exploding last night, I am a little distracted so forgive me if I missed anything.  Still happy for suggestions etc…

                      Oz


                      …insanity is so confusing...

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post