ClearFoundation

Brian wrote:
Came across this as well. I was in a vm so I just added 2nd NIC, which let me choose Role on original one, then removed 2nd NIC. Stays as external after that. Didn't have to assign role to 2nd nic at all. It's presence lets you change roles.
On actual hardware this could be cumbersome or unfeasible.

Regards,

Georger

Well that's an ugly GUI bug. We'll see what we can do.

Just an update. We updated the ISOs, so you should no longer see the "single NIC" issue.

Hi Peter,
I just downloaded the updated ISO, and I'm happy to report that the "single NIC" issue is resolved!

It doesn't really appeal to me defining the role of the sole NIC on a machine as "External" when clearly that NIC is going to be connected to the LAN, but I concede this is just me being pedantic.

Installation was a breeze and the GUI looks very polished - congratulations!

Now for a question, and a suggestion.

Why don't all groups show up when creating a flexshare?

Allow Squid to cache Windows Update files (and also others) as explained here. Clients get updates MUCH faster, bandwidth is saved and the WAN link becomes more responsive for business apps! My current Debian Squeeze proxy is configured like this:


Regards,

Georger

Hi georger,

georger wrote:
Why don't all groups show up when creating a flexshare?

There are five types of groups in ClearOS:

1) Built-in groups - there's just one right now: "allusers"
2) User-defined groups
3) Windows groups
4) App groups (e.g. pptpd_plugin is a group that holds all the users permitted to use the PPTP server)
5) System groups (stuff /etc/groups)

Right now, only the first two types are shown in Flexshare, but all five types could be shown instead (well, I'm not 100% sure about system groups, but certainly the first four). Perhaps we should make this a tunable option?

Allow Squid to cache Windows Update files (and also others) as explained here.

Some Windows Update tweaks were added to squid.conf, but it looks like more could be done. Is it working for you?

Hi Peter,

Peter Baldwin wrote:
Hi georger,

There are five types of groups in ClearOS:

1) Built-in groups - there's just one right now: "allusers"
2) User-defined groups
3) Windows groups
4) App groups (e.g. pptpd_plugin is a group that holds all the users permitted to use the PPTP server)
5) System groups (stuff /etc/groups)

Right now, only the first two types are shown in Flexshare, but all five types could be shown instead (well, I'm not 100% sure about system groups, but certainly the first four). Perhaps we should make this a tunable option?
I have a use case where I create a Samba (flex)share that is owned by the Domain Admins group with RW permissions. If the Domain Admins group isn't available, I can't pull it off, at least not as easily as I can do in 5.2 SP1.
I create the (flex)share, say appsrw, and then I add (hack) an include to /etc/samba/hack.conf in /etc/samba/smb.conf which defines a new appsro share. /etc/samba/hack.conf looks like this:

This way, I can have a (flex)share which is RO for regular users, and RW for admin users (namely winadmin) - useful when I have to deploy a new version of a C/S app.
Some Windows Update tweaks were added to squid.conf, but it looks like more could be done. Is it working for you?
I just reviewed /etc/squid/squid.conf in 6.2b3 and I believe it is fine (I'm not running it in production, just on a VM at home), but the way it's configured now it just means that all clients have access to Windows Update and some (not all) of the files downloaded from WU will be cached - my config goes further.

First, maximum_object_size at just 10 MB means Squid won't cache large update files, like .NET updates. I crank it all the way up to 500 MB so that Windows and Office updates, including Service Packs, will be cached.

Second, the custom refresh_pattern (see here and here) lines tell Squid to keep Windows Update files for longer, so that they will always (mostly) be prompty available. When installing a new Windows machine, or simply updating one that was just (re)deployed, this makes a big difference, chiefly when the WAN link is slow. Antivirus updates also benefit from this - Symantec update files are HUGE. Same goes for files from other vendors.

Keep the great work! Regards,

Georger

Thanks! I changed the default object size to 500 MB, that's sane given today's gear (even SSDs). As for the refresh patterns, it's a bit late in the beta to make that change. I have added the issue in the tracker:

tracker.clearfoundation.com/view.php?id=485

It's one of those things that's easy to implement (coding-wise), so it's really just a matter of making sure it works. This should probably be an option in the GUI (on/off) which gets tuned as Microsoft and others make changes. In other words, squid.conf will look like:

# ClearOS updates tuning start
refresh_pattern...
# ClearOS updates tuning end

For the 99% who don't touch squid.conf, that block of configuration might change on an upgrade (e.g. Windows 8 additions). For the 1%, there's always the option to disable the automagic.

Hi Peter,
Peter Baldwin wrote:
Thanks! I changed the default object size to 500 MB, that's sane given today's gear (even SSDs). As for the refresh patterns, it's a bit late in the beta to make that change. I have added the issue in the tracker:

tracker.clearfoundation.com/view.php?id=485

It's one of those things that's easy to implement (coding-wise), so it's really just a matter of making sure it works. This should probably be an option in the GUI (on/off) which gets tuned as Microsoft and others make changes. In other words, squid.conf will look like:

# ClearOS updates tuning start
refresh_pattern...
# ClearOS updates tuning end

For the 99% who don't touch squid.conf, that block of configuration might change on an upgrade (e.g. Windows 8 additions). For the 1%, there's always the option to disable the automagic.
Nice! I'd just like to point out that the Squid wiki [1] advises that not only maximum_object_size should be changed, but also range_offset_limit and quick_abort_min as well.

[1] Squid wiki

Regards,

Georger