https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162016-11-06T00:49:34ZpfSense bugtrackerpfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=292952016-11-06T00:49:34ZJim Thompsonjim@netgate.com
<ul><li><strong>Assignee</strong> set to <i>Jim Pingle</i></li></ul> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=293542016-11-09T15:23:11ZJim Pingle
<ul><li><strong>% Done</strong> changed from <i>0</i> to <i>50</i></li></ul><p>Fixed the snort directories in commit:ce8fedd</p>
<p>Will look into squidGuard soon.</p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=293642016-11-10T11:10:09ZJim Pingle
<ul><li><strong>% Done</strong> changed from <i>50</i> to <i>70</i></li></ul><p>Pushed a change for squid to teach clamav to keep its DB in a persistent location if /var is a RAM disk. It doesn't change often enough to warrant keeping it in a RAM disk, especially with limited space.</p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=293672016-11-10T12:23:27ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>70</i> to <i>100</i></li></ul><p>I pushed a change to teach squidGuard to keep its databases in a persistent directory when /var is in RAM. The files do not change frequently enough to warrant maintaining them in a RAM disk. Ticket <a class="issue tracker-1 status-3 priority-10 priority-lowest closed" title="Bug: how to use snort, squid and squid_guard with a ram disk (Resolved)" href="https://redmine.pfsense.org/issues/6878">#6878</a></p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=293682016-11-10T12:23:35ZJim Pingle
<ul></ul><p>Each of these changes was made on 2.4 only, as some assumptions were made that could conflict in some cases (e.g. NanoBSD, which no longer exists on 2.4) and it was the best way to ensure the packages could be tested without causing issues on 2.3.x.</p>
<p>If someone wants to test the changes on 2.3.x and submit a pull request to bring variations of them in there, feel free.</p>
<p>The relevant commits are:</p>
<p>snort: <a class="external" href="https://github.com/pfsense/FreeBSD-ports/commit/ce8feddcd1d675ebaa6062fe82dc7267ed771d49">https://github.com/pfsense/FreeBSD-ports/commit/ce8feddcd1d675ebaa6062fe82dc7267ed771d49</a><br />squid (clamav): <a class="external" href="https://github.com/pfsense/FreeBSD-ports/commit/38872566f0001d804f33c3985ca28b199c49049c">https://github.com/pfsense/FreeBSD-ports/commit/38872566f0001d804f33c3985ca28b199c49049c</a><br />squidGuard (blacklists): <a class="external" href="https://github.com/pfsense/FreeBSD-ports/commit/033c76879853ac2c4ddb2c0078213c7ce830f679">https://github.com/pfsense/FreeBSD-ports/commit/033c76879853ac2c4ddb2c0078213c7ce830f679</a></p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=293822016-11-11T07:26:38ZJim Pingle
<ul><li><strong>Target version</strong> set to <i>2.4.0</i></li><li><strong>Affected Version</strong> changed from <i>2.3.2</i> to <i>All</i></li><li><strong>Affected Architecture</strong> <i>All</i> added</li><li><strong>Affected Architecture</strong> deleted (<del><i></i></del>)</li></ul> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=297032016-12-02T09:24:37ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>Seems to be working.</p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=305252017-01-10T04:24:48ZKill Bill
<ul></ul><p>Jim Pingle wrote:</p>
<blockquote>
<p>Seems to be working.</p>
</blockquote>
<p>Yeah, this seems to be working, except that noone is getting the fixes. Considering that these are mainly for nanobsd users (which is entirely gone as a platform with 2.4), what's the point? (No, I don't know of any sane use case for the ramdisks on non-embedded with the way they work now, it is just a giant PITA breaking way more that it potentially fixes.)</p>
<p>Way too much branching going on here, plus generally the only advise possible is telling users to use the latest devel snapshot, not something people are keen to do in production. <br /><a class="external" href="https://github.com/pfsense/FreeBSD-ports/pull/249#issuecomment-271535540">https://github.com/pfsense/FreeBSD-ports/pull/249#issuecomment-271535540</a></p> pfSense Packages - Bug #6878: how to use snort, squid and squid_guard with a ram diskhttps://redmine.pfsense.org/issues/6878?journal_id=305292017-01-10T06:50:08ZJim Pingle
<ul></ul><p>The thinking was: Without NanoBSD, more people will be running a full install on unreliable media like CF/SD, so we needed RAM disk behavior to be more reliable because more people would be using it.</p>
<p>There is no special purpose for those changes being held back, the main reason they didn't get merged is because I didn't test them on other versions and the changes were a bit large so I didn't want to copy them over without vetting them first. If the code works OK on 2.3.2/2.3.3 then it can be pulled back there.</p>