Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 2 [3] 4 5 ... 19

Author Topic: Ronski's Pfsense router build  (Read 63786 times)

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #30 on: December 07, 2016, 06:21:35 AM »

The installation of Pfsense is straightforward, it's getting the partition 4k aligned and trim enabled that's proving difficult for me.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: Ronski's Pfsense router build
« Reply #31 on: December 07, 2016, 08:01:38 AM »

This may be a bit late, but it would probably be a lot easier to partition the disk using a separate utility, then install Pfsense into the already created partitions. GParted Live is a live CD or USB system which is very easy to use, and includes UFS among its list of supported filesystems.

http://gparted.org/livecd.php
Logged
  Eric

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Ronski's Pfsense router build
« Reply #32 on: December 07, 2016, 10:08:34 AM »

eric the installer of pfsense will overwrite the partitions, however it was discovered by that guy on pfsense that a certain specific partition config was honoured by the pfsense installer, which is the link I put on my post.

If you try to e.g. make your own GPT 2 meg aligned partition, it will be ignored and overwritten by pfsense.  It is corrected in the next version of pfsense but not in the current.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #33 on: December 07, 2016, 10:17:30 AM »

 I've been using gpart, the commands to use are shown here.

https://forum.pfsense.org/index.php?topic=86139.0

But it's certainly not a guide - it doesn't tell you where, when or how to issue those commands, although with Chrysalis help I have now worked that out, but something went wrong,  so I need to start again.  Once I get my head around it I'll write a better guide.
« Last Edit: December 07, 2016, 10:23:48 AM by Ronski »
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Ronski's Pfsense router build
« Reply #34 on: December 07, 2016, 01:30:37 PM »

yeah sorry for not been clear enough and also for the errors, as both occasions I worked on the guide just before shut eye time.

I suppose the problem that me and the other guy both had is making the assumption everyone already knows when to enter these commands, how to get into single user mode etc. and that's a bad assumption to make.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #35 on: December 07, 2016, 01:56:09 PM »

No need to apologise,  and that is exactly the problem, when you know something well it's very easy to leave information out that others don't know, which is what I often find with Android. I  probably don't have that problem with Windows as I am far more familiar with the way that works and the way things are done.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #36 on: December 08, 2016, 08:25:56 PM »

Well I've had another go tonight, and now have trim enabled, SUJ disabled and Pfsense installed, I still need to setup a Swap file though.

I did get an error though after selecting the partitions, the bit where you'd normally create the swap partition (which I deleted from the list) - see attached log photo. I think there is a chunk of log missing, as when I scroll down it goes straight to the bottom and then can't scroll back up again  ???

Apart from that everything seems to be installed ok and working, and no funny partition names either.

This is what I've got so far in my comprehensive list of what I did.

Quote
Enter into BIOS and make sure it boots from your USB stick
On the options screen select 2 - Boot Single User mode
After a while you will need to press enter to get to the shell
If there are existing partitions on your drive you can use gpart to delete/destroy them http://www.freebsdonline.com/content/view/731/506/
gpart show will display whats setup
To create the partition with the correct offset issue the following two commands
gpart create -s mbr ada0
gpart add -t freebsd -b 504 ada0
Then you can use "Gpart Show ada0"
Your results should look similar to picture SSD Info-1
Now enter Exit, you may have to do this twice
It will then after a short while return to the installer Configure Console
I chose to accept these settings
Choose Custom Install
One the next screen select the disk to install to.
I chose to skip formatting
I chose to skip partitioning
I chose to install bootlocks ????? Presume this is the correct thing to do  :fingers:
I selected the primary partition of ada0 - there was only one anyway
Chose OK on the Are You SURE screen!
Got an information message that Primary partition one was formatted
Select Subpartitions - I deleted the swap one, then proceeded to create
Got a warning about not having a swap partition, just OK'd this

At this point I got an error - attached, I think there is a chunk of log missing, as when I scroll down it goes straight to the bottom and then can't scroll back up again.

I chose to skip and the install continued.
Once you get to Reboot you can hot Crtl-C to get back into the shell, pressing Return to fully enter it.

You can use the following to commands to check things look correct

gpart show ada0
tunefs -p /dev/ada0s1a

Then issue the following two commands to enable trim and disable soft updates journaling

tunefs -t enable /dev/ada0s1a
tunefs -j disable /dev/ada0s1a

You can then check the changes have taken affect with the following commands

tunefs -p /dev/ada0s1a

Now type Reboot - you may have to press enter twice.
Now is the time to remove your USB drive, and it will boot into PFsense hopefully!

I still need to setup the swap file!
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #37 on: December 08, 2016, 09:11:18 PM »

So now I'm trying to do the following:


Code: [Select]
mkdir /usr/swap (although can be put anywhere you like)
Code: [Select]
dd if=/dev/zero of=/usr/swap/swap bs=128k count=16384 (2 gig swap)

The above all seemed to go ok.

I then used the command "/etc/fstab" to try to do the below;

Quote
add these 2 lines to /etc/fstab

Code: [Select]
# Device        Mountpoint      FStype  Options                         Dump    Pass#
md99            none            swap    sw,file=/usr/swap/swap,late     0       0

then after run
Code: [Select]
swapon -aL

Now I'm in EE and it displays the attached, do I just literally type out the above that's enclosed in code quotes, both lines???
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

NEXUS2345

  • Reg Member
  • ***
  • Posts: 235
Re: Ronski's Pfsense router build
« Reply #38 on: December 08, 2016, 09:18:08 PM »

To add lines to that file, you would most likely have to use an editor such as Nano or Vim. Not a complete expert on this, but from what those instructions are saying, that is what I believe to be the thing needed.

P.S. I have only really used Ubuntu and its derivatives. Just getting into Fedora now and appreciating its improved battery life on my laptop.
Logged
Security improvement and remediation consultant with infrastructure specialisation

IDNet Openreach FTTP 1000/115 + Asus RT-AX92U | Virgin Media 200 + SuperHub 3 + Synology MR2200ac mesh | Sky 80/20 with WiFi Guarantee on Huawei 288 cabinet

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Ronski's Pfsense router build
« Reply #39 on: December 08, 2016, 09:48:28 PM »

'ee' will work, but nano is definitely easier, to install nano do 'pkg install nano'. (needs the pfsense box to have working internet access).

Also ronski you will have a much easier time using ssh instead of the console, then you can e.g. copy and paste stuff.

In the pfsense UI you will need to enable the sshd service, then download something like putty to use as ssh client and with that can login using the client on your windows desktop.

If you do ue 'ee' then when you done editing, press ctrl-c, it will show a command prompt, typing 'quit' will discard changes, typing 'exit' will preserve changes.

Strictly speaking only the second md99 line is needed in fstab, the first line is just a commented line used for showing descriptions of each column.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #40 on: December 09, 2016, 06:26:52 AM »

Thanks very much Chrysalis, appreciate your help. Any thoughts on the error I got?
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Ronski's Pfsense router build
« Reply #41 on: December 09, 2016, 03:46:09 PM »

the output of the tunefs commmands is not an error, a warning at worst just ignore it.

The installer error is that a binary is missing and that is an issue with their installer, although I dont know how you got that screen as I was never presented with an installer log like that when installing pfsense, if pfsense is booting up fine and filesystem is working then ignore both those.

I dont know what atacontrol is supposed to be for as its not a valid binary on my pfsense box, its also not valid on FreeBSD, there is still a manpage for it so conclusion is that it is something that was in older versions of FreeBSD but is now gone.

Indeed there is even a bug report here.

https://redmine.pfsense.org/issues/4533
« Last Edit: December 09, 2016, 03:48:59 PM by Chrysalis »
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #42 on: December 09, 2016, 09:00:16 PM »

I've added the line, just used ee for now but will setup SSH at some point.

I saved the file, reloaded it just to check, and the extra line is there.

Now when I type swapon -aL it appears I get an error

swapon: mdconfig (attach) error: md99 on file=/usr/swap

Hmmm, I've also now got that !0 showing when I do gpart show ada0s1
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: Ronski's Pfsense router build
« Reply #43 on: December 09, 2016, 09:20:20 PM »

Pfsense can now access the internet  :)

SSH is also working  :)

Code: [Select]
=>       63  156301425  ada0  MBR  (75G)
         63        441        - free -  (221K)
        504  156299976     1  freebsd  (75G)
  156300480       1008        - free -  (504K)

=>        0  156299976  ada0s1  BSD  (75G)
          0         16          - free -  (8.0K)
         16  156299960       1  !0  (75G)

No idea why that !0 has appeared again, it wasn't there after the install finished  ???

Also installed Nano
« Last Edit: December 09, 2016, 09:22:28 PM by Ronski »
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

Chunkers

  • Reg Member
  • ***
  • Posts: 525
  • Brick Wall head-banger
Re: Ronski's Pfsense router build
« Reply #44 on: December 10, 2016, 07:06:03 AM »

Pfsense can now access the internet  :)

SSH is also working  :)


GJ!  I am interested in what packages you are planning to install, are you going to use snort or any of the caching plugins eg squid?

Glad you got your issues sorted, slightly intimidated by the amount command line stuff you seemed to have to do.

C
Logged
Pages: 1 2 [3] 4 5 ... 19