Re: [squid-users] Squid-3.3.3 fails to compile..

Hi Amos,

If "--enable-ipf-transparent" is not a firewall type supported by
FreeBSD, then how do we use IPFilter? I have been using that for as
long as I can remember. Does that mean 3.3 does not support
interception via IPFilter as a firewall?

On 2 April 2013 11:30, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 27/03/2013 1:51 a.m., Odhiambo Washington wrote:
>>
>> On FreeBSD 9.
>> Anyone knows why my compile fails viz:
>>
>> mv -f .deps/Address.Tpo .deps/Address.Plo
>> /bin/sh ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H
>> -I../.. -I../../include -I../../lib -I../../src -I../../include
>> -I/usr/inc
>> lude -I/usr/include -I../../libltdl -I/usr/include
>> -I/usr/local/include/libxml2 -I/usr/include -I/usr/include
>> -I/usr/local/include/libxml2
>> -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -pipe
>> -D_REENTRANT -g -O2 -I/usr/local/include -MT Intercept.lo -MD -MP -MF
>> .deps/Interc
>> ept.Tpo -c -o Intercept.lo Intercept.cc
>> libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include
>> -I../../lib -I../../src -I../../include -I/usr/include -I/usr/include
>> -I../../libl
>> tdl -I/usr/include -I/usr/local/include/libxml2 -I/usr/include
>> -I/usr/include -I/usr/local/include/libxml2 -Wall -Wpointer-arith
>> -Wwrite-strings
>> -Wcomments -Werror -pipe -D_REENTRANT -g -O2 -I/usr/local/include -MT
>> Intercept.lo -MD -MP -MF .deps/Intercept.Tpo -c Intercept.cc -fPIC
>> -DPIC -
>> o .libs/Intercept.o
>> Intercept.cc: In member function 'bool
>> Ip::Intercept::IpfInterception(const Comm::ConnectionPointer&, int)':
>> Intercept.cc:210: error: 'enter_suid' was not declared in this scope
>> Intercept.cc:217: error: 'leave_suid' was not declared in this scope
>
>
> AFAIK "--enable-ipf-transparent" is not a firewall type supported by
> FreeBSD, I think it should be --enable-pf-transparent or
> --enable-ipfw-transparent.
>
> Some improved PF support has jut hit 3.3.3 today, so please try again with
> --enable-pf-transparent on the next daily package labeled r12524 or higher.
>
>
>> My configure options:
>>
>> !/bin/sh
>> ./configure --prefix=/opt/squid33 \
>> --enable-removal-policies="lru heap" \
>> --disable-linux-netfilter \
>> --disable-linux-tproxy \
>
>
> http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.2
>
>
>> --disable-epoll \
>> --enable-auth \
>> --enable-basic-auth-helpers="DB NCSA PAM MSNT YP PAM POP3 SMB
>> SSPI MSNT" \
>> --enable-digest-auth-helpers=password \
>> --enable-external-acl-helpers="ip_user session unix_group
>> wbinfo_group file_userip eDirectory_userip" \
>> --enable-ntlm-auth-helpers="smb_lm SSPI" \
>
>
> http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3 and
> http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.1
>
> Also, your list of Basic helpers contains duplicates.
>
>
>> --with-pthreads \
>> --enable-storeio="ufs diskd aufs" \
>> --enable-delay-pools \
>> --enable-snmp \
>> --with-openssl=/usr \
>> --enable-forw-via-db \
>> --enable-cache-digests \
>> --enable-wccpv2 \
>> --enable-referer-log \
>> --enable-useragent-log \
>
> http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html#ss4.3
>
>
>> --enable-arp-acl \
>> --enable-follow-x-forwarded-for \
>> --with-large-files \
>> --enable-large-cache-files \
>> --enable-err-languages="English French" \
>> --enable-default-err-language=English \
>
> http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html#ss4.3
>
>
>> --enable-esi \
>> --enable-kqueue \
>> --enable-icap-client \
>> --enable-kill-parent-hack \
>> --enable-ssl \
>> --enable-leakfinder \
>> --enable-ssl-crtd \
>> --enable-url-rewrite-helpers \
>> --enable-xmalloc-statistics \
>> --enable-stacktraces \
>> --enable-auth-negotiate="SSPI kerberos" \
>> --enable-zph-qos \
>> --enable-eui \
>> --enable-pf-transparent \
>> --enable-ipf-transparent
>
>
> Amos

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."