OPNsense Forum

English Forums => Development and Code Review => Topic started by: lucifercipher on July 05, 2015, 11:58:11 pm

Title: Build Environment?
Post by: lucifercipher on July 05, 2015, 11:58:11 pm

Hey Franco,

I am going to remove Suricata and Squid completely. Do you have static package build linkage or other dependencies in system variables?

Title: Re: Build Environment?
Post by: franco on July 06, 2015, 07:57:12 am

Glad to hear that there is tinkering with the build tools going on. :)

In theory, suricata and squid ports need to be removed from ports.conf, and the GUI code can simply be unhooked from the menu (it's harder to take it out safely than it does much harm, but if you are security conscious you'll have to scrape out the code).

You'll be pleased to hear that we are about to start a plugin infrastructure that would make the proxy and intrusion detection optional again so that they can be safely uninstalled (or are not even in the base installation). We had to go the current route to still present those functions without further delays. The plugin system is scheduled for 16.1.

Title: Re: Build Environment?
Post by: lucifercipher on July 06, 2015, 10:35:03 am

hey Franco,

I saw your reply late (this afternoon). Last night at 4AM i already removed them from ports.conf and removed the table entries from menu.xml. Its pretty straight forward and extremely simple. The plugin service is an excellent choice because not only components such as proxy or IDS can be added but other components like UPS addons , IPS components, etc are very critical if OPNSense is aimed for enterprise infrastructures.

I will setup a two machines for you this week. One with packages and the other one for development and testing on a 100mbps dedicated link at my place.

Cheers.

Title: Re: Build Environment?
Post by: franco on July 06, 2015, 11:09:57 am

The fact that it takes longer to respond than the time it actually took for you to find and remove the proposed lines is a good sign... :)

Title: Re: Build Environment?
Post by: lucifercipher on July 09, 2015, 05:55:16 pm

Hey Franco,

I removed suricata and squid completely from ports.conf but they still get build. Is there a reference build config somewhere else?

Title: Re: Build Environment?
Post by: franco on July 10, 2015, 06:42:04 am

They are probably being cached in the packages set. Try a fresh run from scratch:

# make clean-packages packages

Title: Re: Build Environment?
Post by: lucifercipher on July 10, 2015, 10:58:25 am

Nope. It wasn't that. It was the wrong work dir that i had set. Now set to "latest" instead of "15.7" Crap! :D

Title: Re: Build Environment?
Post by: franco on July 10, 2015, 11:45:16 am

Ah, yes, that's tricky. I'm not 100% confident about that yet, but I can see latest and 15.7 diverging down the road in terms of kernel features and ports and so on, especially with a migration to HardenedBSD.

Title: Re: Build Environment?
Post by: lucifercipher on July 13, 2015, 07:54:04 pm

Hey my friend. Its a success. Running custom kernel in tests with different tuned variables. I will post the results later after intensive lab testing. Thanks for your guidance. All credit goes to you Franco. You da man !