Re: [squid-users] Squid-3.3.3 fails to compile..
Hi Amos, I have now cleaned up my configure options. #!/bin/sh ./configure --prefix=/opt/squid33 \ --enable-removal-policies=lru heap \ --disable-epoll \ --enable-auth \ --enable-auth-basic=DB NCSA PAM MSNT YP PAM POP3 SMB SSPI MSNT \ --enable-auth-digest=password \ --enable-external-acl-helpers=ip_user session unix_group wbinfo_group file_userip eDirectory_userip \ --enable-auth-ntlm=smb_lm SSPI \ --enable-auth-negotiate=SSPI kerberos \ --with-pthreads \ --enable-storeio=ufs diskd aufs \ --enable-delay-pools \ --enable-snmp \ --with-openssl=/usr \ --enable-forw-via-db \ --enable-cache-digests \ --enable-wccpv2 \ --enable-follow-x-forwarded-for \ --with-large-files \ --enable-large-cache-files \ --enable-error_default_language=English \ --enable-esi \ --enable-kqueue \ --enable-icap-client \ --enable-kill-parent-hack \ --enable-ssl \ --enable-leakfinder \ --enable-ssl-crtd \ --enable-url-rewrite-helpers \ --enable-xmalloc-statistics \ --enable-stacktraces \ --enable-zph-qos \ --enable-eui \ --enable-pf-transparent \ --enable-ipf-transparent I hope there is no more cleaning I need to do:) And I have successfully compiled squid-3.3.3-20130403-r12525 with that now. On 2 April 2013 15:41, Amos Jeffries squ...@treenet.co.nz wrote: On 2/04/2013 9:56 p.m., Odhiambo Washington wrote: Hi Amos, If --enable-ipf-transparent is not a firewall type supported by FreeBSD, then how do we use IPFilter? I have been using that for as long as I can remember. Does that mean 3.3 does not support interception via IPFilter as a firewall? Oh I stand corrected. Sorry, all the documentation I've found about BSD was talking about their IPFW tools and PF port. 3.3 still supports all the same firewalls as previous versions. I just found the problem behind these SUID failures. Please try this patch when the mirror servers pick it up: http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-12749.patch Amos -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 I can't hear you -- I'm using the scrambler.
Re: [squid-users] Squid-3.3.3 fails to compile..
On 27/03/2013 1:51 a.m., Odhiambo Washington wrote: On FreeBSD 9. Anyone knows why my compile fails viz: mv -f .deps/Address.Tpo .deps/Address.Plo /bin/sh ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/usr/inc lude -I/usr/include -I../../libltdl -I/usr/include -I/usr/local/include/libxml2 -I/usr/include -I/usr/include -I/usr/local/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT -g -O2 -I/usr/local/include -MT Intercept.lo -MD -MP -MF .deps/Interc ept.Tpo -c -o Intercept.lo Intercept.cc libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/usr/include -I/usr/include -I../../libl tdl -I/usr/include -I/usr/local/include/libxml2 -I/usr/include -I/usr/include -I/usr/local/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT -g -O2 -I/usr/local/include -MT Intercept.lo -MD -MP -MF .deps/Intercept.Tpo -c Intercept.cc -fPIC -DPIC - o .libs/Intercept.o Intercept.cc: In member function 'bool Ip::Intercept::IpfInterception(const Comm::ConnectionPointer, int)': Intercept.cc:210: error: 'enter_suid' was not declared in this scope Intercept.cc:217: error: 'leave_suid' was not declared in this scope AFAIK --enable-ipf-transparent is not a firewall type supported by FreeBSD, I think it should be --enable-pf-transparent or --enable-ipfw-transparent. Some improved PF support has jut hit 3.3.3 today, so please try again with --enable-pf-transparent on the next daily package labeled r12524 or higher. My configure options: !/bin/sh ./configure --prefix=/opt/squid33 \ --enable-removal-policies=lru heap \ --disable-linux-netfilter \ --disable-linux-tproxy \ http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.2 --disable-epoll \ --enable-auth \ --enable-basic-auth-helpers=DB NCSA PAM MSNT YP PAM POP3 SMB SSPI MSNT \ --enable-digest-auth-helpers=password \ --enable-external-acl-helpers=ip_user session unix_group wbinfo_group file_userip eDirectory_userip \ --enable-ntlm-auth-helpers=smb_lm SSPI \ http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3 and http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.1 Also, your list of Basic helpers contains duplicates. --with-pthreads \ --enable-storeio=ufs diskd aufs \ --enable-delay-pools \ --enable-snmp \ --with-openssl=/usr \ --enable-forw-via-db \ --enable-cache-digests \ --enable-wccpv2 \ --enable-referer-log \ --enable-useragent-log \ http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3 --enable-arp-acl \ --enable-follow-x-forwarded-for \ --with-large-files \ --enable-large-cache-files \ --enable-err-languages=English French \ --enable-default-err-language=English \ http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.3 --enable-esi \ --enable-kqueue \ --enable-icap-client \ --enable-kill-parent-hack \ --enable-ssl \ --enable-leakfinder \ --enable-ssl-crtd \ --enable-url-rewrite-helpers \ --enable-xmalloc-statistics \ --enable-stacktraces \ --enable-auth-negotiate=SSPI kerberos \ --enable-zph-qos \ --enable-eui \ --enable-pf-transparent \ --enable-ipf-transparent Amos
Re: [squid-users] Squid-3.3.3 fails to compile..
Hi Amos, If --enable-ipf-transparent is not a firewall type supported by FreeBSD, then how do we use IPFilter? I have been using that for as long as I can remember. Does that mean 3.3 does not support interception via IPFilter as a firewall? On 2 April 2013 11:30, Amos Jeffries squ...@treenet.co.nz wrote: On 27/03/2013 1:51 a.m., Odhiambo Washington wrote: On FreeBSD 9. Anyone knows why my compile fails viz: mv -f .deps/Address.Tpo .deps/Address.Plo /bin/sh ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/usr/inc lude -I/usr/include -I../../libltdl -I/usr/include -I/usr/local/include/libxml2 -I/usr/include -I/usr/include -I/usr/local/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT -g -O2 -I/usr/local/include -MT Intercept.lo -MD -MP -MF .deps/Interc ept.Tpo -c -o Intercept.lo Intercept.cc libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/usr/include -I/usr/include -I../../libl tdl -I/usr/include -I/usr/local/include/libxml2 -I/usr/include -I/usr/include -I/usr/local/include/libxml2 -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT -g -O2 -I/usr/local/include -MT Intercept.lo -MD -MP -MF .deps/Intercept.Tpo -c Intercept.cc -fPIC -DPIC - o .libs/Intercept.o Intercept.cc: In member function 'bool Ip::Intercept::IpfInterception(const Comm::ConnectionPointer, int)': Intercept.cc:210: error: 'enter_suid' was not declared in this scope Intercept.cc:217: error: 'leave_suid' was not declared in this scope AFAIK --enable-ipf-transparent is not a firewall type supported by FreeBSD, I think it should be --enable-pf-transparent or --enable-ipfw-transparent. Some improved PF support has jut hit 3.3.3 today, so please try again with --enable-pf-transparent on the next daily package labeled r12524 or higher. My configure options: !/bin/sh ./configure --prefix=/opt/squid33 \ --enable-removal-policies=lru heap \ --disable-linux-netfilter \ --disable-linux-tproxy \ http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.2 --disable-epoll \ --enable-auth \ --enable-basic-auth-helpers=DB NCSA PAM MSNT YP PAM POP3 SMB SSPI MSNT \ --enable-digest-auth-helpers=password \ --enable-external-acl-helpers=ip_user session unix_group wbinfo_group file_userip eDirectory_userip \ --enable-ntlm-auth-helpers=smb_lm SSPI \ http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3 and http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.1 Also, your list of Basic helpers contains duplicates. --with-pthreads \ --enable-storeio=ufs diskd aufs \ --enable-delay-pools \ --enable-snmp \ --with-openssl=/usr \ --enable-forw-via-db \ --enable-cache-digests \ --enable-wccpv2 \ --enable-referer-log \ --enable-useragent-log \ http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3 --enable-arp-acl \ --enable-follow-x-forwarded-for \ --with-large-files \ --enable-large-cache-files \ --enable-err-languages=English French \ --enable-default-err-language=English \ http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.3 --enable-esi \ --enable-kqueue \ --enable-icap-client \ --enable-kill-parent-hack \ --enable-ssl \ --enable-leakfinder \ --enable-ssl-crtd \ --enable-url-rewrite-helpers \ --enable-xmalloc-statistics \ --enable-stacktraces \ --enable-auth-negotiate=SSPI kerberos \ --enable-zph-qos \ --enable-eui \ --enable-pf-transparent \ --enable-ipf-transparent Amos -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 I can't hear you -- I'm using the scrambler.
Re: [squid-users] Squid-3.3.3 fails to compile..
On 2/04/2013 9:56 p.m., Odhiambo Washington wrote: Hi Amos, If --enable-ipf-transparent is not a firewall type supported by FreeBSD, then how do we use IPFilter? I have been using that for as long as I can remember. Does that mean 3.3 does not support interception via IPFilter as a firewall? Oh I stand corrected. Sorry, all the documentation I've found about BSD was talking about their IPFW tools and PF port. 3.3 still supports all the same firewalls as previous versions. I just found the problem behind these SUID failures. Please try this patch when the mirror servers pick it up: http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-12749.patch Amos