Thanks for the how to on the package building. I was trying to figure out how you do it for pfsense (because so much of FreeBSD isn't present) that it didn't occur to me that it's just the FreeBSD way to do it. I'm also, coming from the linux side of things so the whole FreeBSD ports stuff is not something I'm familiar with.
-----Original Message----- From: Jim Pingle [mailto:li...@pingle.org] Sent: Wednesday, February 02, 2011 11:40 AM To: support@pfsense.com Subject: Re: [pfSense Support] Can anyone build a 1.2.3 ISO? On 2/2/2011 11:35 AM, Mark Jones wrote: > The Beta label on 2.0 is holding us back. (Also, last night I tried building > 2.0 on 8.1 and it failed, but I don't even see any errors, nor do I know > where they are squirreled away.) We are running on 7.2 with 1.2.3 and it > works. What we are trying to do is add java and openfire so that we can run > our IM client/setup on the pfsense box. > > The fact that portsnap isn't available to do that is a severe problem for us > (or maybe it just keeps us from shooting our own foot). Is there some > webpage that points out HOW to build an addon for pfsense so that we could do > a private addon for java and openfire? > > I'd also like to move our log analysis/display tool to the pfsense box. It > reads snort logs and squid proxy logs and tries to present a coherent view of > what has happened yesterday. Right now it's almost pre-alpha and requires we > suck the logs off the box and do the work elsewhere. We have a very stout > box we are devoting to pfsense so it can carry this load. Any pointers on > how you do this would be much appreciated. > > I can't find any pages that talk about how to build/package an addon > for pfsense. This doesn't give any hints as to how to pull it off > http://doc.pfsense.org/index.php/Packages#Specific_Package_Information > > PS: the code we use to display the logs is based on Django and runs in python > (mod_wsgi, or mod_python), so that would be the next hurdle.... Sounds like a lot of stuff that doesn't belong on a firewall ;-) You don't need to build on a firewall, use the ports system on a full 7.2 box and just run "make package-recursive" in the ports you want, then copy the resulting .tbz files to the pfsense box and add them with pkg_add. It's just like building packages for any FreeBSD system. You should really be pushing the logs off the firewall and onto a dedicated box for that. You really want the firewall to be a firewall, not a general purpose box. Though if you want to install all of that, you will be shooting yourself in the foot in one way or another, so you'll be on your own there. You might at least look into the jailctl package so you can at least segregate this stuff off into an area that is isolated from the main firewall (and incidentally, you can get make and friends working inside of a jail) - though I would still caution against doing any of the things you're suggesting on a production firewall. It's an easy way to turn a secure, stable firewall into an insecure, unstable "one-box-fits-all" device. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org