pfSense: Squid Proxy and Error 504

Somehow through tweaking pfSense and configuring the Squid package the cache files started to fill. At first I was particularly confused if Captive portal was still on as every site I was trying to get to required a login -- failing to do so kicked me out with an Error 504. The Squid service also refused to be started.

At this point I proceeded to re-install Squid and noticed that even without it the continuous login request persisted. By some luck I started to play around with other pfSense options and checked the disk space -- BAM! Thats where it dawned on me that my Squid cache had absolutely filled my 80GB hard drive and there were but a few KB of space free?!

Now that I knew the most probably reason, that launched a few searches on how to properly clear or compact the cache. pfSenseDocs has a guide. Using the Command option under Diagnostics didn't seem to help as the disk space didn't change. On initial setup of Squid, I had to twiddle with a few settings via terminal access on SSH and this is where I remembered that under System -> Advanced that Secure Shell was on -- and that is what I did.

1. SSH into pfSense will drop you into the same menu you'd see if you had a monitor connected. Choosing option 8 gives you a shell.
2. From there I shut down the Squid service and proceeded to delete everything under /var/squid/cache
3. Once space had been free'd, initiate squid -z to recreate the required directories.
4. Reboot pfSense and,
5. you can now run the Squid service

Problem solved! Now to keep watch on disk space and tweak how much cache info is kept.

Apple MacBook Pro: Maximum Memory Upgrade?

So its been several months and we're still waiting for some of our favorite applications to be Snow Leopard compatible.

There may be a whole lot of improvements in this new OS including the claim of better memory footprint or management but really the downside in my current experience is that other applications need more memory.

I've been struggling mightily now to get Outlook Entourage, Firefox, Flock, Safari, VMWare and Parallels to co-exist without having to hang my systems.

That is why I finally decided to bite the bullet and make my first hardware upgrade in 2010. And since I don't believe in doing half-baked improvements (do it all or don't do it at all!) it was only natural for me to do some digging to find how far to go. I have a late-2008 non-unibody MacBook Pro 17" which according to OWC (my first choice for memory know-how on the Mac) my machine can actually take 6GB instead of the recommended 4GB according to Apple.

Do we go NewEgg, Amazon, eBay, BestBuy, Fry's, WalMart or Apple? Having had success with the G.Skill brand on the HP MediaServer I chose to stick with it.

Did it work? Proof images attached.

Speed improvement? YES!

Happy? Not yet, all my apps as mentioned aren't yet fully ported. But this will do pig, this will do. (from Babe)


Now that I've got a spare 2pcs. of 1GB, what to do with them? Hmm ... I know, upgrade the wife's MacBook and make her happy.

Make myself extra happy by maxing out her RAM as well.

AppleCare: Why Care?

This office MacBook Pro was purchased in the 2nd-half of 2008 and with it the default AppleCare. Forgetting that the default was some 90-days only the warranty had lapsed as of last August (around the time of my Snow Leopard upgrade!). This I realized only recently and scrambled to get it re-instated.

I don't have to tell y'all that its worth having it and my call to AppleCare confirmed my belief that Apple service is simply awesome. They were able to get my protection back in a matter of minutes and didn't give me any hassle (it does help of course that I keep all my receipts and invoices for record).

To answer the question, "Can my out-of-warranty Apple product be re-instated for AppleCare?" is a definite YES. But (and this is important!) you need to make sure that you have the original invoice. It doesn't matter that your MacBook may have been gifted or purchased 2nd-hand, if you got it then the nice people at Apple will let you have it.

Good job Apple!

pfSense: Speed-up Transparent Squid Proxy

Its been a few days that I did some tweaking on Squid Proxy and it appears stable! This all came about as I was trying to speed-up data fetching and finding that for some reason the cache was just too slow for actual use. I wondered if it was at all worth it (obviously slow proxy means unhappy users ... especially if its your home users).

In gratitude to the discussion I found in the forum, its reposted and message re-arranged here in summary below:

Question:
Why squid is so slow?

Answer:
The default configuration of pfSense is a router not as a server, that is why kern.ipc.nmbclusters="0". Simply remove this line and Squid will be just fine.

Add the lines below to the /boot/loader.conf
kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535

Alternatively, just delete it and replace with:
autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"

Laptop and Netbook: HD on chip?

There's a big push as well as demand for high definition capable hardware. The simple reason being that once you've seen HD done right then there's really no point going back to standard definition (SD).

Most places are now offering HD versions of movies and even video game trailers are usually transmitted in this format to provide users an actual feel of how it would render on the actual console.

My journey to build an HD record and playing rig (PVR) was fraught with a lot of frustration recently and that was because I simply refused to cannibalize my stock pile of parts and use the best of the best and purchasing expensive hardware was not an option. The reality of course is that high definition viewing requires computing power not just from the CPU but also on the GPU.

Video cards that support h.264/x264 aren't cheap but prices are falling. For laptops and netbooks however we're all stuck in the waiting room. That is, until recently.

Broadcom's Cyrystal HD running on chip as BMC70015 is one of the top contenders. Already there's been some scramble to get products out since May and adding to your long term view pleasure only costs $30 on top for the add-on video accelerator.

The other chip in the market is from Quartics via the QV1721. This is secret sauce since I first got wind of it only a few months ago and wondered which product would carry it. The estimated add-on price would be $20 accordingly. On another note, they also offer the QB7xx (51/61/71) which are PCI-Express (PCI-e) solutions for the rest of you PC users.

ZiiLABS is promoting its ZMS-08 chip with competing Blu-Ray capabilities. This Creative subsidiary will be going against some giants so it'll be tough unless they can provide a competitive price. I haven't been able to find a vendor they've already tapped but shipping volume is expected also in the first month of next year.

The other news in town would be the nVidia ION 2 chip which was said to cost from $50 to have. If you were luck enough to pre-order back in September then you'll probably be getting a $399 notebook come January 2010 (yes, chip released in Q4 2009 but product integration and all is something else).

Personally by just looking at specs I was more wow'ed by chip capabilities of Quartics. That being said, the first vendor that comes out with it is going to be high on my shopping list .... for 2010. Take a look at my other projects on the blog and there shouldn't be any questions what for :-)

HP MediaServer EX470: HP Software Update 1.3-R and Home Server Power Pack 3

Its been a hectic few days, what with all the meetings and reporter interviews. Not to mention system maintenance and all that.

On the side though, its time to break out in song: At Last

At last my love has come along
My lonely days are over
And life is like a song ...

My HP MediaServer EX475 is once again alive and kicking and rid of that pesky lit RED LED. This same issue with the light was actually fixed some time after PP1 but it never dawned on me that somehow through some freak mishap the automatic installation of PP3 just recently actually rolled the server updates back.

How? I'm not so sure.

What is sure is that my membership in the WHS Beta Program still stands and that part of being a member is to be able to get bleeding updates. I dropped the ball and interest after PP2 came out and proof that's what was installed is the existence of the PVConnect plug-in. At the same time my HP Server Update version was 1.3.6.21622 and for some reason today it had rolled back to 1.1.1.13411?

To review, here's the HP MediaSmart Server Software Version list thus far:
1.1.1.13411
1.3.6.21622
1.3.8.25155

I also spent partial half of the whole afternoon trying to understand and reconfigure the internals of Photo Webshare due to the Error 500 page. Imagine the annoyance to find that after the initial update and the succeeding 1.3-R that it now works after all. Argh!

Right, with that being said everything is now working well and it feels a lot more snappy.

To recap .... Windows Home Server Power Pack 3 - check; HP MediaSmart Server Update 1.3.8.25155 (aka 1.3-R) - check; red warning light off - check; Photo Webshare back - check; and as you'll probably notice there's 2GB RAM already installed from a previous upgrade primed for HP Server Update 2.5 - check!

Its time to enjoy the WHS once again, that is as soon as the Drobo finishes its data protection run which it has pegged to keep going for over 24-hours. Its now apparently "usable" though even if the rest of the message says the Share isn't protecting any of my data at this time. Duh?

pfSense: Triple Load Balancing

After several wrong turns, I've finally gotten my rig to place nice with three-(3) WAN connections load balanced.

Everything is running on an old Intel P3-1000 with 1-GB of RAM and 40-GB PATA drive. Obviously its got four-(4) Ethernet ports with parts scrounged from various spare cases in the garage.

How'd I do it? More details on the adventure shortly....

There's a fairly easy Multi-WAN tutorial to follow over at pfSenseDocs which deals with a basic dual-LAN setup. Using the funny discussion at one of the forums gave me confirmation of what I needed to do. Next thing you'll need to do is make sure outbound is likewise working.

Enjoy!