1
General Discussion / Re: Update Issues behind a seperate proxy.
« on: November 22, 2019, 08:29:55 am »
Thanks for the Info!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
General Discussion / Re: Update Issues behind a seperate proxy.
« on: November 21, 2019, 08:27:34 am »
How much space would it require to mirror the opnsense repository for example?
3
General Discussion / Re: Update Issues behind a seperate proxy.
« on: November 20, 2019, 04:10:49 pm »
Thanks for the Answer,
since it's an issue with the fetchlib i'll probably go for the local mirror option, which sounds a bit more likely for us to handle than waiting for freebsd to apply the patch for the bug.
Thanks for the input anyways.
since it's an issue with the fetchlib i'll probably go for the local mirror option, which sounds a bit more likely for us to handle than waiting for freebsd to apply the patch for the bug.
Thanks for the input anyways.
4
General Discussion / Update Issues behind a seperate proxy.
« on: November 20, 2019, 02:40:19 pm »
Howdy OPNsense Community.
I don't know if this is the right place to ask for such a question, but i'll just try.
Environment
We're evaluating a OPNsense Firewall at the Moment for a big Company which has multiple locations and each location kinda does their own thing. So far so bad.
We're inside a huge company intranet where we need to authenticate with a proxy if we want to go to the interwebs.
Issue Description
When trying to Update the OPNsense System through,
What i tried so far
I tried, the usual troubleshooting to make sure it's not my fault
I don't want to just Change the repo url to http, which would work, because we have other repo's in place which would need https support anyway.
I also found a Issue Report on the FreeBSD Bugtracker, which seems to fit this exact issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220468 and it actually contains a patch, which unfortunately never got applied.
I know how to compile stuff usually, and i would've tried patching the library myself, but since it's so integrated into FreeBSD and has quite some 'internal' dependencies i don't really know how to just test and or build the fixed lib.
My hope was, that since OPNsense probably (hopefully) doesn't actually just use the upstream FreeBSD without changing anything there, that i could either get this patch integrated into OPNsense directly, since FreeBSD doesn't seem to care, (Issue created 2017) or eventually getting help from some knowledgeable people to build the library myself, without building the whole freebsd os.
Thanks for reading this far,
and have a great day.
I don't know if this is the right place to ask for such a question, but i'll just try.
Environment
We're evaluating a OPNsense Firewall at the Moment for a big Company which has multiple locations and each location kinda does their own thing. So far so bad.
We're inside a huge company intranet where we need to authenticate with a proxy if we want to go to the interwebs.
Issue Description
When trying to Update the OPNsense System through,
Code: [Select]
opnsense-update. It fails with An Error which is 407 Proxy Authentication required. I know for a fact, that the Environment Vars which the underlying libfetch respect, are properly set and in place. The issue here is, that libfetch doesn't handle the 407 and doesn't try to resend the CONNECT with an proper Proxy-Authentication Header.What i tried so far
I tried, the usual troubleshooting to make sure it's not my fault
- Fetch with http works
- Fetch with https doesn't work
- Curl with http works
- Curl with https works
I don't want to just Change the repo url to http, which would work, because we have other repo's in place which would need https support anyway.
I also found a Issue Report on the FreeBSD Bugtracker, which seems to fit this exact issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220468 and it actually contains a patch, which unfortunately never got applied.
I know how to compile stuff usually, and i would've tried patching the library myself, but since it's so integrated into FreeBSD and has quite some 'internal' dependencies i don't really know how to just test and or build the fixed lib.
My hope was, that since OPNsense probably (hopefully) doesn't actually just use the upstream FreeBSD without changing anything there, that i could either get this patch integrated into OPNsense directly, since FreeBSD doesn't seem to care, (Issue created 2017) or eventually getting help from some knowledgeable people to build the library myself, without building the whole freebsd os.
Thanks for reading this far,
and have a great day.
Pages: [1]