From hideishi@magisystem.net  Mon Dec 29 10:50:09 2003
Return-Path: <hideishi@magisystem.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 0D9A416A4CE; Mon, 29 Dec 2003 10:50:09 -0800 (PST)
Received: from melchior.magisystem.net (p1174-ipadfx21funabasi.chiba.ocn.ne.jp [220.106.142.174])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id CD7FB43D2F; Mon, 29 Dec 2003 10:50:06 -0800 (PST)
	(envelope-from hideishi@magisystem.net)
Received: (from hideishi@localhost)
	by melchior.magisystem.net (8.11.7+3.4W/8.11.7) id hBTIo4G17250;
	Tue, 30 Dec 2003 03:50:04 +0900 (JST)
	(envelope-from hideishi)
Message-Id: <200312291850.hBTIo4G17250@melchior.magisystem.net>
Date: Tue, 30 Dec 2003 03:50:04 +0900 (JST)
From: Hidenori Ishikawa <hideishi@magisystem.net>
Reply-To: Hidenori Ishikawa <hideishi@magisystem.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: adrian@freebsd.org, hideishi@magisystem.net
Subject: squid cannot be built with transparent-ipf support
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         60700
>Category:       ports
>Synopsis:       squid cannot be built with transparent-ipf support
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 29 11:00:24 PST 2003
>Closed-Date:    Fri Mar 11 17:35:27 GMT 2005
>Last-Modified:  Fri Mar 11 17:35:27 GMT 2005
>Originator:     Hidenori Ishikawa
>Release:        FreeBSD 4.9-RELEASE i386
>Organization:
Chiba *BSD Users Group
>Environment:
System: FreeBSD melchior.magisystem.net 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Sat Nov 1 16:58:29 JST 2003 root@melchior.magisystem.net:/work/obj/usr/src/sys/SMP-4.9-MAGISYSTEM i386


	
>Description:
	squid port (www/squid) cannot be built with transparent-ipf support
	which is enabled by uncommenting the following lines.

#  - Enable Transparent Proxy support for IP-Filter systems (incl 3.0)
#CONFIGURE_ARGS+= --enable-ipf-transparent

	The port build may proceed although header problem occurs,
	but you should see the following warning from configure script.

checking if IP-Filter header files are installed... no
WARNING: Cannot find necessary IP-Filter header files
         Transparent Proxy support WILL NOT be enabled

	Because, configure script cannot find the ipf headers,
	transparent-ipf is disabled even though it is specified by
	CONFIGURE_ARGS, hence compiled squid lacks transparent-ipf support.

>How-To-Repeat:
	Uncomment the lines above (in other words, add --enable-ipf-tranparent
	to CONFIGURE_ARGS) and make the port.

	*IMPORTANT*
	This port build must be done on a freshly installed FreeBSD machine
	(4.8-RELEASE or later possibly).
	On a machine in which FreeBSD was installed many days ago (such as
	4.1-RELEASE or 4.0-RELEASE and the make world to proceeding releases),
	squid port can be successfully built.
	This is the core of the problem.
	
>Fix:
	The reason to the build failure is that the ipf headers, 
	ip_compat.h, ip_fil.h and ip_nat.h are no longer installed on
	recent FreeBSD releases.
	They used to be install in old times. (I was able to build squid
	with transtarent-ipf support on a 4.1-RELEASE machine at that time.)
	I figured out this problem when I replaced my old proxy-box with
	new machine and completely fresh installed 4.8-RELEASE.
	I'm not sure, when the FreeBSD core team has changed their policy
	about ipf headers, and suddenly changed "NOT" to install them.
	These headers of course exist in the kernel source tree
	/usr/src/sys/contrib/ipfilter/
	but only used at kernel and kernel modules compile time.
	In order to fix, there two solutions.
	1. Ask FreeBSD core team (may be kernel maintainer) to re-enable
	the installation of ipf headers to proper place (/usr/include).
	2. Some how  make a simbolyc link to /usr/src/sys/contrib/ipfilter/*.h
	at squid port build time.

	My workaround is copying ipf headers from kernel source tree to
	/usr/include everytime when make a new make world, but this is 
	very odd. I suppose port system should utilize those headers
	by itself.
	


>Release-Note:
>Audit-Trail:

From: Hidenori Ishikawa <hideishi@magisystem.net>
To: Hidenori Ishikawa <hideishi@magisystem.net>,
	freebsd-gnats-submit@FreeBSD.org
Cc: adrian@freebsd.org
Subject: Re: ports/60700: squid cannot be built with transparent-ipf support
Date: Tue, 30 Dec 2003 04:13:07 +0900

 I just also found related PR.
 
 http://www.freebsd.org/cgi/query-pr.cgi?pr=misc/44148
 
 misc/44148 discusses about the ipf header necessary and the
 reason why ipf headers are no longer installed.
 
 Anyhow, this port is an example where ipf C headers are
 used outside of kernel and kernel module build.
 
 So, I think it is important to keep these headers in
 /usr/include so that ipf related ports can be built.
 
 The discussion in misc/44148 seems to have stopped
 early this year, but is it still under discussion?
 
 --
 Hidenori Ishikawa
 <hideishi@magisystem.net>
 
Responsible-Changed-From-To: freebsd-ports-bugs->adrian 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Mon Dec 29 20:59:59 PST 2003 
Responsible-Changed-Why:  
Over to maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60700 
Responsible-Changed-From-To: adrian->freebsd-ports-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sun Jan 11 16:07:06 PST 2004 
Responsible-Changed-Why:  
Adrian has passed maintainership over to tmseck@netcologne.de. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60700 
State-Changed-From-To: open->feedback  
State-Changed-By: krion 
State-Changed-When: Fri Feb 13 06:12:29 PST 2004 
State-Changed-Why:  
Asked for maintainer's review. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60700 

From: Kirill Ponomarew <krion@FreeBSD.org>
To: tmseck@netcologne.de
Cc: FreeBSD-gnats-submit@FreeBSD.org, adrian@FreeBSD.org
Subject: Re: ports/60700: squid cannot be built with transparent-ipf support
Date: Fri, 13 Feb 2004 15:12:25 +0100

 --V32M1hWVjliPHW+c
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 Hi,
 
 On Tue, Dec 30, 2003 at 03:50:04AM +0900, Hidenori Ishikawa wrote:
 >=20
 > >Number:         60700
 > >Category:       ports
 > >Synopsis:       squid cannot be built with transparent-ipf support
 > >Confidential:   no
 > >Severity:       serious
 > >Priority:       high
 > >Responsible:    freebsd-ports-bugs
 > >State:          open
 
 Could you please investigate this problem ?=20
 
 http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dports/60700
 
 -Kirill
 
 --V32M1hWVjliPHW+c
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.4 (FreeBSD)
 
 iD8DBQFALNtJQC1G6a60JuURAmrmAJ4lm+wtBIlkAaokQW/bv4GVuAkdbwCgluB5
 icxsQZ9+zUp79kHVG+nC1D4=
 =nBDy
 -----END PGP SIGNATURE-----
 
 --V32M1hWVjliPHW+c--

From: Thomas-Martin Seck <tmseck@netcologne.de>
To: Kirill Ponomarew <krion@FreeBSD.org>
Cc:  
Subject: Re: ports/60700: squid cannot be built with transparent-ipf support
Date: Fri, 13 Feb 2004 16:14:14 +0100

 * Kirill Ponomarew (krion@FreeBSD.org):
 
 > On Tue, Dec 30, 2003 at 03:50:04AM +0900, Hidenori Ishikawa wrote:
 > > 
 > > >Number:         60700
 > > >Category:       ports
 > > >Synopsis:       squid cannot be built with transparent-ipf support
 > > >Confidential:   no
 > > >Severity:       serious
 > > >Priority:       high
 > > >Responsible:    freebsd-ports-bugs
 > > >State:          open
 > 
 > Could you please investigate this problem ? 
 > 
 > http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/60700
 
 FreeBSD does not install ipf's headers into the base system anymore, see
 PR 44148 for details.
 
 Someone (Darren Reed himself?) will have to put them into an ipf-headers
 port I guess which can then be added as a dependency if needed.
State-Changed-From-To: feedback->suspended 
State-Changed-By: pav 
State-Changed-When: Sun Mar 28 06:45:09 PST 2004 
State-Changed-Why:  
Reset to suspended state, it's blocked on misc/44148 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60700 
State-Changed-From-To: suspended->closed 
State-Changed-By: sem 
State-Changed-When: Fri Mar 11 17:33:59 GMT 2005 
State-Changed-Why:  
It was fixed on 5.x and will not be fixed on 4.x. 
It should be reflected in squid/Makefile 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60700 
>Unformatted:
