OPNsense Forum

English Forums => Hardware and Performance => Topic started by: nekoprog on March 25, 2019, 11:55:58 am

Title: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on March 25, 2019, 11:55:58 am
Hello, I would like to say thank you to OPNsense developers for creating this awesome firewall. I would like to mention that OPNsense is working great on Raspberry Pi 2, using image created by opnsense/tools (https://github.com/opnsense/tools) with the latest PR (https://github.com/opnsense/tools/pull/128). The only problem is that there is no repo for updates or installing plugins. Other than that it works just like on x86/64 hardware. I also tried UnboundBL plugin and it works too. I hope that plugin will go official any time soon.

If anyone ask why use RPI2 because it only has one LAN port, I would say that it doesn't matter because I use Netgear Aircard 320U for WWAN and use LAN port with D-Link DAP-1360 wifi AP.

With this as proof of concept, I hope other users/contributors/developers can use the template on opnsense/tools to port OPNsense to other ARM devices.


Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "http://neko.progr.am/pieSense/${ABI}/19.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}
Code: [Select]
Minimum required build system:
64bit multicore processor, 4GB RAM and 25GB disk space.

Supported 32-bit ARM devices (arm:armv6):
1. Banana Pi (bpi)
2. Raspberry Pi2 (rpi2)


Supported 64-bit ARM devices (arm64:aarch64):
1. NanoPi NEO2 (nanopi-neo2)
2. Orange Pi PC2 (orangepi-pc2)
3. Raspberry Pi3 (rpi3)


Build steps:
# pkg install git
# cd /usr
# git clone https://github.com/opnsense/tools
# cd tools
# make update
# make xtools base kernel packages arm-3G DEVICE=(product-device)

Everyone is invited to share ideas and help with porting ARM devices using the device config templates on OPNsense/tools (https://github.com/opnsense/tools).

Wishlist (Needs uboot slave file in ports (https://github.com/HardenedBSD/hardenedbsd-ports/blob/master/sysutils/Makefile) to make it work)
#Devicedefconfigdtb
1ESPRESSObin??armada-3720-espressobin.dtb | armada-3720-community.dtb
2MACCHIATObin ??armada-8040-mcbin-single-shot.dtb | armada-8040-mcbin.dtb
3Libre Computer Tritium H5libretech_all_h3_cc_h5_defconfigsun50i-h5-libretech-all-h3-cc.dtb
4Odroid XU3/4odroid-xu3_defconfigexynos5422-odroidxu3.dtb
6NanoPi R1nanopi_r1_defconfigsun8i-h3-nanopi-r1.dtb


(https://raw.githubusercontent.com/nekoprog/pieSense/master/opnsense-rpi2.jpg)
(https://user-images.githubusercontent.com/2550618/54524921-0b0c3f80-49ae-11e9-8787-711dfb3b5b24.png)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: monstermania on March 26, 2019, 01:57:11 pm
Hi,
sounds very interesting!
Do you know, if your image would work for RPI3, too?

best regards
Dirk
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on March 26, 2019, 04:18:20 pm
Hi,
sounds very interesting!
Do you know, if your image would work for RPI3, too?

best regards
Dirk

Hi, no. The attached .img was build specific for RPI2. But you can build RPI3 image using opnsense/tools. Franco just recently merged the PR to make the image bootable. But it still not tested yet because I don't own RPI3.

Hope you can test the code, see if it works or not. If not, we can still contribute something to make it work.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: lattera on March 26, 2019, 05:20:19 pm
I'd be more than happy to help test! I've got several RPI3 boards gathering dust.

If I get some spare time this week and/or next, I'll test on the RPI3.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 26, 2019, 06:34:42 pm
Fun to see this old topic is still alive! I think I would also prefer raspi 3 as the "old" image in raspi 1 was vvvveerryyyy slow...

https://forum.opnsense.org/index.php?topic=6099.msg25545#msg25545

:-D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on March 27, 2019, 12:14:14 am
I'd be more than happy to help test! I've got several RPI3 boards gathering dust.

If I get some spare time this week and/or next, I'll test on the RPI3.
Thanks. If it doesn't work, I guess UBLDR_LOADADDR=0x200 on device/rpi3.conf is not correct.

Fun to see this old topic is still alive! I think I would also prefer raspi 3 as the "old" image in raspi 1 was vvvveerryyyy slow...

https://forum.opnsense.org/index.php?topic=6099.msg25545#msg25545

:-D
Franco's code is already working fine to begin with, just a minor tweaking and it works well.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: monstermania on March 27, 2019, 09:42:51 am
I think I would also prefer raspi 3 as the "old" image in raspi 1 was vvvveerryyyy slow...
Me too!  ;)
Also very interested of the performance on RPI3...
Of course a working image for Esspresso.bin would be nice!!!  ;D ;D ;D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 28, 2019, 09:55:26 am
...still dreaming of ducktaping a raspi to my laptop as a firewall/wifi access while traveling. Powering raspi from laptop would be fun, but a small power bank would be acceptable, too :-D

Currently I use a rather big old box with a wifi stick. 
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on March 28, 2019, 02:12:14 pm
I think I would also prefer raspi 3 as the "old" image in raspi 1 was vvvveerryyyy slow...
Me too!  ;)
Also very interested of the performance on RPI3...
Of course a working image for Esspresso.bin would be nice!!!  ;D ;D ;D
If espressobin supported by freebsd, it should work with opnsense, just need to add device config and compile.

...still dreaming of ducktaping a raspi to my laptop as a firewall/wifi access while traveling. Powering raspi from laptop would be fun, but a small power bank would be acceptable, too :-D

Currently I use a rather big old box with a wifi stick. 
Currenly using RPI2 to run suricata and unboundbl, works great with additional swap file. Still works better than using ipfire or openwrt. More to come with the plugins and update repo. I can see a future of opnsense with wide range of highend (multicore processor + 4GB and above of ram) arm SBC supported.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 29, 2019, 11:00:39 am
Is it this Aircard:

https://www.hackster.io/beame-io/how-to-use-an-off-the-shelf-4g-usb-module-with-raspberry-pi-c5c30f


...I only have a Telekom Speedstick LTE V (Huawei E3372s -153), any chance to get that working with the raspi 2? :-)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on March 29, 2019, 02:09:43 pm
Is it this Aircard:

https://www.hackster.io/beame-io/how-to-use-an-off-the-shelf-4g-usb-module-with-raspberry-pi-c5c30f


...I only have a Telekom Speedstick LTE V (Huawei E3372s -153), any chance to get that working with the raspi 2? :-)
Looks like same model, but different branding, I guess it's ISP branded air card and not generic one. If possible buy a generic unlocked usb modem and can connect using PPP effortlessly.

Most Huawei usb modem supported by open source distro, I guess freebsd already has a support for it. Just shove it into usb port and open Interface>WAN>IP Configuration Type>PPP and select the correct modem port.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: Antaris on March 30, 2019, 08:10:49 pm
Good news. I also have SBC, but still not supported by BSD.
It's a Libre Computer Tritium H5 2GB:

https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/ (https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/)

It only have support on Ubuntu, Debian and Armbian for now.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 30, 2019, 10:53:51 pm
I only have a Telekom Speedstick LTE V (Huawei E3372s -153), any chance to get that working with the raspi 2? :-)

Most Huawei usb modem supported by open source distro, I guess freebsd already has a support for it. Just shove it into usb port and open Interface>WAN>IP Configuration Type>PPP and select the correct modem port.

Can confirm this Huawei works, I created a PPP interface with cuaU0.1 and added Z as "init String" under Advanced Options, assigned it to WAN and works like a charm... Will test with the raspi soonish. :-)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: franco on March 31, 2019, 12:41:36 pm
I'd like to thank nekoprog for the work done with the ARM ports. Very useful and robust now. :)

Next step is actually the long-promised BPI image and then come 20.1 we'll have to see what we can do when i386 is being dropped from our supported list...


Cheers,
Franco
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on March 31, 2019, 02:07:21 pm
Good news. I also have SBC, but still not supported by BSD.
It's a Libre Computer Tritium H5 2GB:

https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/ (https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/)

It only have support on Ubuntu, Debian and Armbian for now.
Looks like a great device with crypto support. Not sure if FreeBSD already have a supported device that has the same hardware. If they do, maybe can port it's uboot into Tritium.

Can confirm this Huawei works, I created a PPP interface with cuaU0.1 and added Z as "init String" under Advanced Options, assigned it to WAN and works like a charm... Will test with the raspi soonish. :-)
That's great. Huawei modem always have a good support from open source community. If you have RPI3, try test using that, would like to know how good it will performs.

I'd like to thank nekoprog for the work done with the ARM ports. Very useful and robust now. :)

Next step is actually the long-promised BPI image and then come 20.1 we'll have to see what we can do when i386 is being dropped from our supported list...


Cheers,
Franco
No problem, I'm glad to be able to contribute back. If I have any other SBC with 64bit arch, I will help with porting and testing.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 31, 2019, 05:07:26 pm
...ordered an Odroid today, dedicated for a NAS upgrade, but... ;-)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on March 31, 2019, 05:14:53 pm
PS: I have some raspi 3 here, but no image. ;-)

Tried to download the raspi 2 image, but I'm trapped in "Wait 5 sec for download to start" and then nothing happenz... (allowed nearly all scripts for this page, except the Google stuff). Btw, do you have SHA256 for me to verify the download? :)

Many thanks in advance...
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: Antaris on March 31, 2019, 06:15:38 pm
Good news. I also have SBC, but still not supported by BSD.
It's a Libre Computer Tritium H5 2GB:

https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/ (https://libre.computer/2019/02/07/linux-4-19-lts-images-for-tritium/)

It only have support on Ubuntu, Debian and Armbian for now.
Looks like a great device with crypto support. Not sure if FreeBSD already have a supported device that has the same hardware. If they do, maybe can port it's uboot into Tritium.

According to their wiki they have one supported:
https://wiki.freebsd.org/FreeBSD/arm/Allwinner/H5 (https://wiki.freebsd.org/FreeBSD/arm/Allwinner/H5)

https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=220 (https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=220)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 01, 2019, 04:09:39 am
PS: I have some raspi 3 here, but no image. ;-)

Tried to download the raspi 2 image, but I'm trapped in "Wait 5 sec for download to start" and then nothing happenz... (allowed nearly all scripts for this page, except the Google stuff). Btw, do you have SHA256 for me to verify the download? :)

Many thanks in advance...
My free hosting server wont allow upload more than 100MB, thus I grab some anon upload service for that image and no SHA256, sorry. Will try reupload using google drive this weekend. What is the model of your odroid? If I have some spare time, I will help with compiling RPI3 and odroid image.

UPDATE: New download link and checksum added (https://drive.google.com/open?id=1bAWuECNJwu0LdJOpaIn-2MrTKZ8evGNY).

According to their wiki they have one supported:
https://wiki.freebsd.org/FreeBSD/arm/Allwinner/H5 (https://wiki.freebsd.org/FreeBSD/arm/Allwinner/H5)

https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=220 (https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=220)
It will take some time to test and it may or may not working, but I do my best to try.


If anyone using OPNsense on RPI2 right now and would like to update, you can edit /usr/local/etc/pkg/repos/OPNsense.conf like this.
Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "http://neko.progr.am/pieSense/${ABI}/19.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}
These changes to file is not permanent, will have to edit again if error when checking for updates.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 01, 2019, 03:50:45 pm
Many thanks, download working now (this time I had to allow Google scripts definitely ;-) )!

Will burn an SDcard and boot asap...

https://wiki.odroid.com/odroid-xu4/odroid-xu4

...but I had a look yesterday evening, apparently no FreeBSD support for this yet. NAS I will do with Ubuntu or Debian.

___

PS: My download gives

sha256sum opnsense-openssl-arm-armv6-rpi2.img.xz

048cf798130084379cfbbff0908cc84ed3c06b6d4ffc0191f8fbe55a477d5471  opnsense-openssl-arm-armv6-rpi2.img.xz

i.e. all lower case characters ;-)

___

PPS: Tried to expand the .xz, but with bunzip2 I get

Code: [Select]
bunzip2: opnsense-openssl-arm-armv6-rpi2.img.xz is not a bzip2 file.

and Ark (on linux) ends with file sizes much lower than the packed file. Did you use a Windows tool to compress?

Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 02, 2019, 02:11:45 am
Many thanks, download working now (this time I had to allow Google scripts definitely ;-) )!

Will burn an SDcard and boot asap...

https://wiki.odroid.com/odroid-xu4/odroid-xu4

...but I had a look yesterday evening, apparently no FreeBSD support for this yet. NAS I will do with Ubuntu or Debian.

___

PS: My download gives

sha256sum opnsense-openssl-arm-armv6-rpi2.img.xz

048cf798130084379cfbbff0908cc84ed3c06b6d4ffc0191f8fbe55a477d5471  opnsense-openssl-arm-armv6-rpi2.img.xz

i.e. all lower case characters ;-)

___

PPS: Tried to expand the .xz, but with bunzip2 I get

Code: [Select]
bunzip2: opnsense-openssl-arm-armv6-rpi2.img.xz is not a bzip2 file.

and Ark (on linux) ends with file sizes much lower than the packed file. Did you use a Windows tool to compress?


From your error, looks like your tools don't support xz, try install xz first and extract it with xz -dkv *.xz. How to install xz varies among distros, you need to google that.

Xz is by default installed on freebsd.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 02, 2019, 10:39:51 am
Strange, xz is installed (xz 5.2.4), but I get:

Code: [Select]
tar -xf opnsense-openssl-arm-armv6-rpi2.img.xz
tar: This does not look like a tar archive
tar: Skipping to next header
tar: Exiting with failure status due to previous errors

...never had such problems to burn a raspi image, am I too stupid? :-D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 02, 2019, 02:04:18 pm
Strange, xz is installed (xz 5.2.4), but I get:

Code: [Select]
tar -xf opnsense-openssl-arm-armv6-rpi2.img.xz
tar: This does not look like a tar archive
tar: Skipping to next header
tar: Exiting with failure status due to previous errors

...never had such problems to burn a raspi image, am I too stupid? :-D
Maybe  ;D
Wrong console command, hence error. Try xz -dkv *.xz.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 02, 2019, 02:10:38 pm
Maybe  ;D

Bold! :-D ...this time it worked. 3.0 GB image file. Burning now...

PS: Booting successfully. I added an USB RJ45 interface, just to have two interfaces. Will have a look at the GUI soon.

Anything necessary to use the whole SD-card?

Which setup do you use for suricata?
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 02, 2019, 04:14:38 pm
Anything necessary to use the whole SD-card?

Which setup do you use for suricata?

I use this for claiming all free spaces in microsd Resizing and Growing Disks (https://www.freebsd.org/doc/handbook/disks-growing.html).
For suricata, I use default settings with DROP for tor and current events. Could activate all of them, but RPI2 will not respond for a few minutes. Too many works I guess even with swap file enabled.

Adds new PR (https://github.com/opnsense/tools/pull/130) for Orange Pi PC2, was going to add NanoPi K1 Plus too, but no official uboot defconfig for that device. Need to create defconfig first then create slave file for u-boot-nanopi-k1-plus on Ports.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 02, 2019, 04:36:26 pm
...and you figured out the correct boot options for raspi 3 if I understand the link to GIThub correctly? :-D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 02, 2019, 05:48:49 pm
...and you figured out the correct boot options for raspi 3 if I understand the link to GIThub correctly? :-D
Found the correct address for RPI3 from here (https://github.com/freebsd/crochet/blob/master/board/RaspberryPi3/setup.sh) and add Odroid XU3/XU4 configs too, lets hope Franco approve that PR, and I can test building image for Odroid XU4.  ;D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 03, 2019, 11:03:44 am
...don't worry to much about the Odroid, it's my birthday present, likely that I don't get my fingers at it before mid of May :-D

PS: Did you every try the serial console on Pin 14/15 + ground (at least available in Raspbian) of the GPIO? I have a special USB adapter for raspis...

https://www.raspberrypi.org/documentation/usage/gpio/
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: bobbythomas on April 04, 2019, 09:51:51 am
I'd like to thank nekoprog for the work done with the ARM ports. Very useful and robust now. :)

Next step is actually the long-promised BPI image and then come 20.1 we'll have to see what we can do when i386 is being dropped from our supported list...


Cheers,
Franco

I have a Banana Pi board lying around here, if you are looking for someone to test the new image please let me know.

Regards,
Bobby Thomas
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 05, 2019, 04:29:27 pm
FWIW the serial port on the raspi is functional... :-D

Don't try with somefink home-bake, you need a special serial-USB adapter for the raspi, as the ports can only take 3.3V or something like that...
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 05, 2019, 08:42:59 pm
I importet a config.xml to the raspi and forgot that it has enabled a somewhat... extensive ... rule set for suricata. Suricata dies on boot, but I can't change anything in the suricata config, e.g. if I try to disable it and press apply, nothing happenz (the worm on the Apply button cycling for more than an hour...).

Any way to disable suricata from the command line? :-)
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: chemlud on April 11, 2019, 12:25:21 pm
Ok, I managed to disable IDS in my default config.xml which I use for "standard starting setup" (users, unbound, etc.). Some observations:

- Via the HDMI console the output during boot stops at "smsc0: chip..." and after a LONG break you get the login prompt from opnsense. On the serial console you can monitor the whole boot process (starting services etc.) and in the end you get the login prompt as well.

- Without WAN attached I could not reach the GUI with Firefox (60.x ESR 32 bit), as the request to the https GUI timed out. With Konqueror I could reach the GUI and restore my default config.xml. But the Dashbord is significantly impaired in Konqueror (doing fine in FF, however, only with WAN interface up).

The throughput for a single host is nice (WAN is a 10/100 Mbit USB-RJ45), will have to try the config with UMTS-stick and wifi stick soon... :-)

Would be fun to see an image for Raspi 3 with the built-in wifi as WAN.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 13, 2019, 10:13:06 am
I'd like to thank nekoprog for the work done with the ARM ports. Very useful and robust now. :)

Next step is actually the long-promised BPI image and then come 20.1 we'll have to see what we can do when i386 is being dropped from our supported list...


Cheers,
Franco

I have a Banana Pi board lying around here, if you are looking for someone to test the new image please let me know.

Regards,
Bobby Thomas
Hi, I'm currently compiling images for RPi2/3, Banana Pi and Orange Pi PC2 for OPNsense 19.1.6. Will let you know when the images are ready.  :)

Ok, I managed to disable IDS in my default config.xml which I use for "standard starting setup" (users, unbound, etc.). Some observations:

- Via the HDMI console the output during boot stops at "smsc0: chip..." and after a LONG break you get the login prompt from opnsense. On the serial console you can monitor the whole boot process (starting services etc.) and in the end you get the login prompt as well.

- Without WAN attached I could not reach the GUI with Firefox (60.x ESR 32 bit), as the request to the https GUI timed out. With Konqueror I could reach the GUI and restore my default config.xml. But the Dashbord is significantly impaired in Konqueror (doing fine in FF, however, only with WAN interface up).

The throughput for a single host is nice (WAN is a 10/100 Mbit USB-RJ45), will have to try the config with UMTS-stick and wifi stick soon... :-)

Would be fun to see an image for Raspi 3 with the built-in wifi as WAN.
Hi, great that you found the solution, sorry I couldn't help, quite busy lately and got little time to check the forum. RPI3 image is compiling, will let you know when it's ready. RPI2 updates for 19.1.6 is online if you like to update. Just need to edit /usr/local/etc/pkg/repos/OPNsense.conf like I mentioned before.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: bobbythomas on April 13, 2019, 10:50:03 am
I'd like to thank nekoprog for the work done with the ARM ports. Very useful and robust now. :)

Next step is actually the long-promised BPI image and then come 20.1 we'll have to see what we can do when i386 is being dropped from our supported list...


Cheers,
Franco

I have a Banana Pi board lying around here, if you are looking for someone to test the new image please let me know.

Regards,
Bobby Thomas
Hi, I'm currently compiling images for RPi2/3, Banana Pi and Orange Pi PC2 for OPNsense 19.1.6. Will let you know when the images are ready.  :)

Ok, I managed to disable IDS in my default config.xml which I use for "standard starting setup" (users, unbound, etc.). Some observations:

- Via the HDMI console the output during boot stops at "smsc0: chip..." and after a LONG break you get the login prompt from opnsense. On the serial console you can monitor the whole boot process (starting services etc.) and in the end you get the login prompt as well.

- Without WAN attached I could not reach the GUI with Firefox (60.x ESR 32 bit), as the request to the https GUI timed out. With Konqueror I could reach the GUI and restore my default config.xml. But the Dashbord is significantly impaired in Konqueror (doing fine in FF, however, only with WAN interface up).

The throughput for a single host is nice (WAN is a 10/100 Mbit USB-RJ45), will have to try the config with UMTS-stick and wifi stick soon... :-)

Would be fun to see an image for Raspi 3 with the built-in wifi as WAN.
Hi, great that you found the solution, sorry I couldn't help, quite busy lately and got little time to check the forum. RPI3 image is compiling, will let you know when it's ready. RPI2 updates for 19.1.6 is online if you like to update. Just need to edit /usr/local/etc/pkg/repos/OPNsense.conf like I mentioned before.

Great news, let me know if you want to test your images.

Thank you,
Regards,
Bobby Thomas
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 14, 2019, 05:25:04 am
Banana Pi image is ready for download and test. Link for download on first post.
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: daquirm on April 22, 2019, 06:48:04 am
Hi, as for road warrior application I was really thinking about nanopi neo 2:
https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=180
Maybe in this kit and small external dongle:
https://www.friendlyarm.com/index.php?route=product/product&path=93&product_id=189
Or nanopi neo 2 plus with inbuilt wifi in this case:
https://www.friendlyarm.com/index.php?route=product/product&path=93&product_id=203
What needs to be done to make it work with opnsense? I know it’s kind of lame question, but there is nothing smaller with that performance :)
For home use I would consider even ESPRESSObin, it has enough ports/performance that Netgate uses that hw:
http://espressobin.net/
Just making my wishlist public :D
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: Antaris on April 22, 2019, 01:22:36 pm
Also look at NanoPi R1 :)
https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=248 (https://www.friendlyarm.com/index.php?route=product/product&path=69&product_id=248)

For 39$ is complete with 2 LANs, WiFi, case, 1GB RAM and 8GB emmc
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: daquirm on April 22, 2019, 03:01:31 pm
R1 would perfect fit as well but it has 32bit CPU only, so there’s probably no future for it with Opnsense...but it could run openwrt for sure...in the past I had raspberryPi 3 with DietPi OS, as it has ready made installer for hot spot and I could make it work as openVPN gateway...but opnsense would be so much better...
Title: Re: [Working] OPNsense on Raspberry Pi 2
Post by: nekoprog on April 24, 2019, 02:57:10 pm
Most of Nano Pi products already have it's uboot supported by FreeBSD. In case you would like to help, try looking in FreeBSD/ports/sysutils/Makefile (https://github.com/freebsd/freebsd-ports/blob/master/sysutils/Makefile), look for u-boot, if it's there, it should be able to install OPNsense. If it's not there, try opening new issue or you could try create uboot slave file for that device and make a pull request. Any help would be appreciated in porting OPNsense into arm devices.

UPDATE: I have made a wishlist on first page, complete with defconfig and dtb name. It should help other contributors who would like to write uboot slave file and make PR on FreeBSD Ports.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: daquirm on April 27, 2019, 03:19:59 am
I see in the list the first version of NEO, which was build on 32bit H3 chip...NEO 2 is build on 64bit H5...I don’t have the device yet and I don’t have coding skills...could I contribute somehow just by buing it and testing your build?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on April 27, 2019, 04:52:48 pm
OPNsense on NanoPI R1 works.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on April 28, 2019, 03:03:15 am
I see in the list the first version of NEO, which was build on 32bit H3 chip...NEO 2 is build on 64bit H5...I don’t have the device yet and I don’t have coding skills...could I contribute somehow just by buing it and testing your build?
Don't buy it yet, because i don't have a working image for it at the moment.

OPNsense on NanoPI R1 works.
Nice. Can you share your configs and make a pull request on tools.git so everyone with nanopi r1 can use it?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on April 28, 2019, 01:20:19 pm
I just built the image with some local changes. And IIRC OPNsense doesn't support yet FreeBSD 12.x and FreeBSD 13.0-CURRENT, there are some changes needed for ure(4) to work correctly (only current has the changes) as well as for emmc (small fix is needed for now for aw_mmc driver).
OPNsense should also correctly handle https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224740 bug when cross compiling, otherwise it fails for number of ports.
Also OPNsense should fix ifinfo when showing statistics, it needs patch.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 02:03:49 am
Raspberry Pi3 and OrangePi PC2 image is ready for download. Need tester to test this image able to boot or not. Download link on first page.

There's a great chance that OrangePi PC2 image will not boot. Need to implement some of these codes (https://gitlab.com/HardenedBSD/hardenedBSD/blob/hardened/current/master/release/arm64/PINE64.conf) into OPNsense/tools/build/arm.sh
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 08:54:33 am
Downloaded raspi 3 image and checked SHA256 on .img (!, not .xz), was OK.

Burned image with

Code: [Select]
dd if=OPNsense-##.#.##-[Type]-[Architecture].img of=/dev/daX bs=16k
but on boot I get the infamous rainbow screen and green LED blinking seven times, which means:

Code: [Select]
7 flashes: kernel.img not found
https://elinux.org/R-Pi_Troubleshooting#Green_LED_blinks_in_a_specific_pattern

...tbc...
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 09:07:38 am
Downloaded raspi 3 image and checked SHA256 on .img (!, not .xz), was OK.

Burned image with

Code: [Select]
dd if=OPNsense-##.#.##-[Type]-[Architecture].img of=/dev/daX bs=16k
but on boot I get the infamous rainbow screen and green LED blinking seven times, which means:

Code: [Select]
7 flashes: kernel.img not found
https://elinux.org/R-Pi_Troubleshooting#Green_LED_blinks_in_a_specific_pattern

...tbc...
Looks promising, want to experiment a little bit? Copy all these files (https://github.com/raspberrypi/firmware/tree/master/boot) into your microsd card, but do not overwrite existing files.

If still blinking, try installing rpi-firmware on your freebsd machine, and copy armstub8.bin into the same folder mentioned above.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 09:32:30 am
Hmm, I'm not a GIT-guy (and my local nerd is still sleeping...), how to download all this stuff? 8-)

Have no BSD-machine here currently iirc, tried last fall last time, I guess... busy days... ;-)

Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 09:54:24 am
Hmm, I'm not a GIT-guy (and my local nerd is still sleeping...), how to download all this stuff? 8-)

Have no BSD-machine here currently iirc, tried last fall last time, I guess... busy days... ;-)
No worries. Try copying these files and boot. One fix at a time and remove older fix before trying other fix.
Fix 1 (https://drive.google.com/open?id=1lZBeN6zwH4vhB4oH4am8DONelVvQcCD1)
Fix 2 (https://drive.google.com/open?id=1Ru8ZJWeHQu2AH80hfYetIg9m5YkgxEeq) (copy both files)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 10:08:22 am
OK, fix1 gives me a rainbow screen without green blinking...

Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 10:09:30 am
OK, fix1 gives me a rainbow screen without green blinking...
But it doesn't boot into OPNsense?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 10:13:21 am
Rainbow screen is always "end of story" on raspi. Nothing going further...


Fix 1 removed, added the two kernel .img of fix 2 and it actually boots, but after

(secondary_start kernel) from [<00.....

next line is

---[ end Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(179,2) ]---
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 10:23:25 am
Rainbow screen is always "end of story" on raspi. Nothing going further...


Fix 1 removed, added the two kernel .img of fix 2 and it actually boots, but after

(secondary_start kernel) from [<00.....

next line is

---[ end Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(179,2) ]---
Thanks for the test. I'll take another look at it. Probably some minor kernel misconfiguration. as long as it boots, there will be a way to proceed.

Want to try number guessing game? Looks like there's a fix here https://raspberrypi.stackexchange.com/questions/40854/kernel-panic-not-syncing-vfs-unable-to-mount-root-fs-on-unknown-block179-6

or maybe some stupid mistake by me. can you rename config_rpi3.txt to config.txt?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 10:46:20 am
I tried the config rename, but then I get :

Code: [Select]
mmc1 is current device
scanning mmc 1:1...

Device =: unknown device

...and then it tries a PXE boot:

Code: [Select]
"Waiting for Ethernet connection...

missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-....

...and after some unsuccessful tries I end up with a U-boot prompt.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 10:55:31 am
I tried the config rename, but then I get :

Code: [Select]
mmc1 is current device
scanning mmc 1:1...

Device =: unknown device

...and then it tries a PXE boot:

Code: [Select]
"Waiting for Ethernet connection...

missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-....

...and after some unsuccessful tries I end up with a U-boot prompt.
It digs deeper. Can you try booting it again with fix 1?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 10:56:44 am
Regarding the link to fix:

I can open (on a linux machine) only the first partition of the (two) partitions visible on the SD-card, the one called "MSDOSBOOT" and on this partition I see no cmdline.txt

Booting with SHIFT pressed ends at the same error message, I think this works only on NOOBS?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 11:01:16 am
Regarding the link to fix:

I can open (on a linux machine) only the first partition of the (two) partitions visible on the SD-card, the one called "MSDOSBOOT" and on this partition I see no cmdline.txt

Booting with SHIFT pressed ends at the same error message, I think this works only on NOOBS?
cmdline.txt was not included in freebsd rpi-firmware package. i think it's optional, because rpi2 also didn't have it. i'll take another look at it later.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 11:01:22 am
Adding fix 1 (armstub8.bin) ends in rainbow screen. This is a deadend road. Tried again (with the two kernel images), same result
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 11:06:42 am
Adding fix 1 (armstub8.bin) ends in rainbow screen. This is a deadend road. Tried again (with the two kernel images), same result
Want to try this fix? https://lists.freebsd.org/pipermail/freebsd-arm/2016-November/015094.html

or make a copy of bcm2710* and rename it to bcm2837*.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 11:23:08 am
I copied over a cmdline.txt from a functional raspbian stretch (booting on any raspi) with the following content:

Quote
dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait

and changed

Code: [Select]
root=/dev/mmcblk0p2
to

Code: [Select]
root=/dev/mmcblk0p6
...but this changed only the kernel panic message to

Code: [Select]
---[ end Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(179,6) ]---
...would love to play around the rest of the weekend, but have to earn some money unfortunately...

;-)

PS: The rootfstype is not EXT4 for the opnsense, what would be correct for cmdline.txt? Or simply remove this entry?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 11:28:53 am
...renaming the bcm2710.....dtb to bcm2837...dtb didn't change anything.

I think we try to boot from the wrong partition, does your image use the

/dev/mmcblk0p2

for root?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 11:40:00 am
OK, one last try:

https://lists.freebsd.org/pipermail/freebsd-arm/2016-November/015094.html

- Removed the cmdline.txt added previously

- Copied the uboot.bin and armstub8.bin to the card, config.txt was already correct and booted:

Rainbow screen...
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 12:11:13 pm
OK, one last try:

https://lists.freebsd.org/pipermail/freebsd-arm/2016-November/015094.html

- Removed the cmdline.txt added previously

- Copied the uboot.bin and armstub8.bin to the card, config.txt was already correct and booted:

Rainbow screen...
it's hard to debug without the device. i'll try using qemu. might take some time. thanks for the test.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 01:17:35 pm
Is it a secret where you are located on our planet?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 01:32:28 pm
Is it a secret where you are located on our planet?
i'm a full-time psychic detective.  ;D
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 03, 2019, 02:33:32 pm
...just asking. If you were just around the corner I might send you one of my raspi 3...
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 03, 2019, 05:22:45 pm
sorry misunderstood your question, english is not my native language. i live in south-east asia. no worry, i have setup qemu in my machine, will give it a test soon.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on May 05, 2019, 10:57:59 pm
@nekoprog

some more for the wish list (all supported by BSD and listed here: https://github.com/HardenedBSD/hardenedbsd-ports/blob/master/sysutils/Makefile):


Thank's for your work and effort! opnsense will come more widely and more easily available with these low cost boards. They are great for travel (road warrior  8)) and even suitable for some small networks which are locked down with vendor only routers
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: jmccoy555 on May 06, 2019, 09:45:22 pm
sorry misunderstood your question, english is not my native language. i live in south-east asia. no worry, i have setup qemu in my machine, will give it a test soon.

I've got a Pi 3B+ sat here if you need a test!!

This image boots!! https://download.freebsd.org/ftp/releases/arm64/aarch64/ISO-IMAGES/12.0/FreeBSD-12.0-RELEASE-arm64-aarch64-RPI3.img.xz (https://download.freebsd.org/ftp/releases/arm64/aarch64/ISO-IMAGES/12.0/FreeBSD-12.0-RELEASE-arm64-aarch64-RPI3.img.xz)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 07, 2019, 04:33:05 pm
current OPNsense uses freebsd 11.2. for now i stop experimenting with arm64 because freebsd simply don't have it working yet. but once OPNsense start using freebsd 12.0, i will help again if needed.

for wishlist, i suggest arm boards with at least 1gb ram, and multicore cpu. lower than that we have to ignore it because it will not work. even with RPI2 specs, it's still considered too slow for advanced use.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on May 08, 2019, 12:38:18 pm
for wishlist, i suggest arm boards with at least 1gb ram, and multicore cpu. lower than that we have to ignore it because it will not work. even with RPI2 specs, it's still considered too slow for advanced use.

Please add the two following as they fit to your suggestions (multicore cpu & 1gb of ram) and listed here: https://github.com/HardenedBSD/hardenedbsd-ports/blob/master/sysutils/Makefile


- orangepi-pc (h3 quad core, 1gb ram, http://linux-sunxi.org/Orange_Pi_PC)
- orangepi-pc2 (h5 quad core, arm64, 1gb ram, http://linux-sunxi.org/Orange_Pi_PC_2)

current OPNsense uses freebsd 11.2. for now i stop experimenting with arm64 because freebsd simply don't have it working yet. but once OPNsense start using freebsd 12.0, i will help again if needed.

Could you consider creating a image for the orangepi-pc (as it's supported by freebsd 11.2 and isn't a arm64). I like to test the image and give report! :D (I would really like to do it myself but have insufficient infrastructure: metered slow internet and weak cpu)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 08, 2019, 07:19:17 pm
for wishlist, i suggest arm boards with at least 1gb ram, and multicore cpu. lower than that we have to ignore it because it will not work. even with RPI2 specs, it's still considered too slow for advanced use.

Please add the two following as they fit to your suggestions (multicore cpu & 1gb of ram) and listed here: https://github.com/HardenedBSD/hardenedbsd-ports/blob/master/sysutils/Makefile


- orangepi-pc (h3 quad core, 1gb ram, http://linux-sunxi.org/Orange_Pi_PC)
- orangepi-pc2 (h5 quad core, arm64, 1gb ram, http://linux-sunxi.org/Orange_Pi_PC_2)

current OPNsense uses freebsd 11.2. for now i stop experimenting with arm64 because freebsd simply don't have it working yet. but once OPNsense start using freebsd 12.0, i will help again if needed.

Could you consider creating a image for the orangepi-pc (as it's supported by freebsd 11.2 and isn't a arm64). I like to test the image and give report! :D (I would really like to do it myself but have insufficient infrastructure: metered slow internet and weak cpu)
Could be done, will take some time to create new device config for orangepi-pc and test compile.  :)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: marjohn56 on May 08, 2019, 09:29:13 pm
I've taken delivery of a NanoPi R1, which image should I be using?


I've had OpenWRT running on it after writing the image to an mmc, but not having any joy with Opnsense, I keep seeing checksum error.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on May 09, 2019, 02:41:17 am
I've taken delivery of a NanoPi R1, which image should I be using?


I've had OpenWRT running on it after writing the image to an mmc, but not having any joy with Opnsense, I keep seeing checksum error.
Currenly we have a huge code changes for compiling arm device. Will have to check again if nanopi-r1 is supported on freebsd 11.2 or not.

Meanwhile opnsense have an official test image for rpi2, bpi image will come after boot issue has been fixed. When fixed, porting sunxi allwinner arm 32bit will be available.

https://pkg.opnsense.org/FreeBSD:11:armv6/19.1/
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on May 14, 2019, 08:19:34 am
I've taken delivery of a NanoPi R1, which image should I be using?


I've had OpenWRT running on it after writing the image to an mmc, but not having any joy with Opnsense, I keep seeing checksum error.

You can try https://people.freebsd.org/~ganbold/OPNsense-201903201231-OpenSSL-arm-armv7-nanopi-r1.img.xz
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on May 15, 2019, 04:43:24 pm
btw the Odroid XU4 is a quite powerful 32 bit (!) machine, maybe we could have support for this without much effort? :-)

I now have my hands on the little machine and before I set up the intended NAS I could test some other stuff ;-)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: marjohn56 on May 16, 2019, 10:47:33 pm
You can try https://people.freebsd.org/~ganbold/OPNsense-201903201231-OpenSSL-arm-armv7-nanopi-r1.img.xz (https://people.freebsd.org/~ganbold/OPNsense-201903201231-OpenSSL-arm-armv7-nanopi-r1.img.xz)


Thanks, will give it a go at the weekend.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: pnewb on May 16, 2019, 11:54:32 pm
You can try https://people.freebsd.org/~ganbold/OPNsense-201903201231-OpenSSL-arm-armv7-nanopi-r1.img.xz

Working just fine so far.  No interface for wireless, but it boots, recognizes wired/wireless, and otherwise seems to function great.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: marjohn56 on May 18, 2019, 04:20:44 pm
Not for me sadly, awg0 works fine as LAN or WAN, but ue0 does not work as either LAN or WAN, rather odd as I can see it when I netscan, and it has the correct address, but I cannot ping to it or ping from it to any client. If I reverse the assignments then LAN works but WAN doesn't. Any ideas?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on May 18, 2019, 07:44:32 pm
Not for me sadly, awg0 works fine as LAN or WAN, but ue0 does not work as either LAN or WAN, rather odd as I can see it when I netscan, and it has the correct address, but I cannot ping to it or ping from it to any client. If I reverse the assignments then LAN works but WAN doesn't. Any ideas?

Try to set ue0 in promisc mode and configure IP address if needed. That way it works.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: marjohn56 on May 19, 2019, 05:51:20 pm
And that fixed it... :)


Now just the wifi to sort out.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on May 20, 2019, 10:46:38 am
And that fixed it... :)


Now just the wifi to sort out.

There is no driver yet for wifi unfortunately.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on May 28, 2019, 06:28:50 am
Hi all,

I'm curious how the progress is coming along.

I posted maybe a year ago, I got the impression we were, about a year away.

This thread looks nice and active.

Do we think in the coming 3 to 6 months we may see a simple "download this image, burn to SD card and pop in the Pi, you're good to go" kind of situation?    It certainly seems mostly promising anyhow.

Bear in mind, I'm not foolish enough to expect it to operate on a 1Gbit internet line, but in my country, even just handling 25Mbits is probably more than enough.

Thanks all (and keep up the wonderful work)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on June 03, 2019, 04:03:20 pm
Long story short, the image for RPI-2 is here https://pkg.opnsense.org/FreeBSD:11:armv6/19.1/OPNsense-19.1-test-OpenSSL-arm-armv6-RPI2.img.bz2 and there might be an update before 19.7 but we have no plans to make 32-bit arm officially supported with rolling binary updates.

There's tools.git for everyone who wants to build a certain ARM device:

https://github.com/opnsense/tools#cross-building-for-other-architecures


Cheers,
Franco
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on June 03, 2019, 04:20:40 pm
Long story short, the image for RPI-2 is here https://pkg.opnsense.org/FreeBSD:11:armv6/19.1/OPNsense-19.1-test-OpenSSL-arm-armv6-RPI2.img.bz2 and there might be an update before 19.7 but we have no plans to make 32-bit arm officially supported with rolling binary updates.

There's tools.git for everyone who wants to build a certain ARM device:

https://github.com/opnsense/tools#cross-building-for-other-architecures


Cheers,
Franco

Any news/ideas about a raspberry pi 3 image or for a orange pi?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on June 03, 2019, 04:22:42 pm
There is no workable RPI3 support in HardenedBSD 11. We can add it when we are on HardenedBSD 12.


Cheers,
Franco
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on June 03, 2019, 04:30:29 pm
There is no workable RPI3 support in HardenedBSD 11. We can add it when we are on HardenedBSD 12.


Cheers,
Franco

Hi Franco,

I'm confused by the post I've quoted above and this:
"and there might be an update before 19.7 but we have no plans to make 32-bit arm officially supported with rolling binary updates."


Am I mixing things up, is the Rpi3, 64bit and potentially viable long term but we just need to wait for Hardened BSD12?   (is this getting close?  the movement in this thread made me think that might be the case)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on June 03, 2019, 04:33:04 pm
Yes.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on June 03, 2019, 04:34:40 pm
I suspect that yes, is to about 3 of my questions in a row.
In that case, thank you, I'll wait patiently, should be a fun project.
Hopefully USB support is added, I suspect it will be needed for the Pi.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on June 03, 2019, 04:37:37 pm
Some USB should work out of the box, but performance is not great (the hardwired one is also USB).

We don't know if RPI3 is the right platform, the 1 ethernet default is relatively limiting. HBSD 12 is planned in early 2020. A lot can happen, or maybe not. These things are weird sometimes. ;)

Best way is to use a VLAN for small-scale deployments plus VLAN-switch to make a number of interfaces on the same NIC in and out.


Cheers,
Franco
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on June 03, 2019, 04:45:34 pm
My understanding is also that it's "weeny" hardware and unsuitable, but there's a lot of Pi out there and some of us, in some terrible countries have internet under 25Mbit per second.  In those instances, I suspect a Pi might actually be a fully comprehensive piece of hardware for very little money.

I will wait patiently, I have 3 of them so I'm happy to experiment!
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on June 03, 2019, 04:48:19 pm
Well if necessary it can do wonders so we don't question utility. The question is rather about versatility and how to effectively replace "cheap plastic" routers.

You can even torture RPI2 it with Suricata if you dare. :>


Cheers,
Franco
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on June 08, 2019, 12:46:21 am
Can someone tell if the raspberry pi 2 image also works on the raspberry pi 3? And is wifi working?

And really great that it finally happens! Opnsense on arm just makes sense!  ;D
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on June 08, 2019, 02:17:43 am
Based on the discussions in this thread, I recommend you just wait.  It is possible we may see a 'proper' image released in the coming 6 to 12 months (?) if I understand correctly.

You'll also be better off, buying a USB network card, that's supported by the Pi.
Just wait, this may take off, in time.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: mimugmail on June 08, 2019, 06:32:13 am
RPI3 is not compatible to RPI2, sorry.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on June 10, 2019, 12:39:47 am
I'm waiting already a couple of years... one more... one less isn't that hard :P

But even with a usb network card the raspberry will still be the shitiest thing for networking (all 4 usb and the internal mac shared in one(!) physical usb hub). For i/o - specially for network this is probably the worst case design flaw. Even a $10 orange pi one with a allwinner h3 is kicking the raspberries away in terms of network throughput simply because the ethernet and usb port's are not shared. Sadly it looks like there is no future for the h3 boards with opnsense  :(
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: tsgan on June 10, 2019, 07:13:56 pm
I'm waiting already a couple of years... one more... one less isn't that hard :P

But even with a usb network card the raspberry will still be the shitiest thing for networking (all 4 usb and the internal mac shared in one(!) physical usb hub). For i/o - specially for network this is probably the worst case design flaw. Even a $10 orange pi one with a allwinner h3 is kicking the raspberries away in terms of network throughput simply because the ethernet and usb port's are not shared. Sadly it looks like there is no future for the h3 boards with opnsense  :(

check out nanopi-r1, RPI0,1,2,3 is not a really for router/firewall.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: orangana on June 11, 2019, 11:58:49 pm
check out nanopi-r1, RPI0,1,2,3 is not a really for router/firewall.

Thank's for the tip. I have already a good collection of devices and was hoping to get one of mine supported. I have a orange pi one and a orange pi pc which share the same soc as the nano pi r1 (allwinner h3). With a added usb network card they are ready to rumble... when opnsense is ready - it shouldn't be that hard as their is already a image for the h3 soc :P
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on June 24, 2019, 09:24:32 am
Good news!

https://cdn.shopify.com/s/files/1/1560/1473/files/Inside_Raspberry_Pi_4.pdf?2142

...but how long will it take till the support will reach BSD? :-(
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: mimugmail on June 24, 2019, 10:06:03 am
FreeBSD 12 should be aware of it ...
https://reviews.freebsd.org/D12184
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on June 24, 2019, 10:27:23 am
The CPU at least, but there is some more work to do I guess?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: bobbythomas on June 25, 2019, 12:10:07 am
Good news!

https://cdn.shopify.com/s/files/1/1560/1473/files/Inside_Raspberry_Pi_4.pdf?2142

...but how long will it take till the support will reach BSD? :-(

I have ordered this one and I should expect it by this week or next. Since RPI 4 is here with better Specs (Cortex A72 ARM-V8, Gigabit Ethernet, LPDDR4, USB3, Wifi AC) this should be ideal to run OPNsense and FreeBSD. Can we expect some development for this board soon?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: Wiggles on June 25, 2019, 06:29:49 am
I'm excited to see if this 4th gen will be the answer to a super budget home firewall.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: chemlud on June 25, 2019, 08:58:41 am
Quote
I have ordered this one and I should expect it by this week or next. Since RPI 4 is here with better Specs (Cortex A72 ARM-V8, Gigabit Ethernet, LPDDR4, USB3, Wifi AC) this should be ideal to run OPNsense and FreeBSD. Can we expect some development for this board soon?

Have a look at raspi 3, there is no working BSD-sense image yet, as the hardware is not really supported by the OS yet. Assume the same to happen for raspi 4...
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: bobbythomas on June 25, 2019, 09:12:09 am
Quote
I have ordered this one and I should expect it by this week or next. Since RPI 4 is here with better Specs (Cortex A72 ARM-V8, Gigabit Ethernet, LPDDR4, USB3, Wifi AC) this should be ideal to run OPNsense and FreeBSD. Can we expect some development for this board soon?

Have a look at raspi 3, there is no working BSD-sense image yet, as the hardware is not really supported by the OS yet. Assume the same to happen for raspi 4...

I think we would see more development for this little guy as it is one of the best hardware released by RPI team.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on July 20, 2019, 02:22:54 am
It's not that simple ,they need to fully port BSD to Arm or something, then Hardened BSD needs to import the code and eventually make their own hardened BSD 12 that's truly Pi compatible, then, finally the opensense folk will have a stable base to work with.

That's my understanding, they're slowly getting there.    I still think maybe in 2020 sometime you can buy a $35 Pi 4.0 and a $10 USB network card and end up with it working well. (assuming 1GB is fine?)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on July 23, 2019, 05:25:08 am
Hi, for the record @tsgan have successfully use freebsd12 with nanopi, means that freebsd12 is a solid base but opnsense still need to port it's current code from freebsd 11.2 to 12, after that tools.git will support most of the pies.

Quite busy lately to check into tools.git, but  I will try it with freebsd12 and modified device configs that will use freesd12 source.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on July 23, 2019, 06:19:23 am
I thought it was dependent on HardenedBSD not FreeBSD.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: franco on July 23, 2019, 07:55:27 am
The thing is OPNsense is on top of HardenedBSD. HardenedBSD is on top of FreeBSD. FreeBSD provides most of new hardware support. So it depends on both BSDs to catch up.


Cheers,
Franco
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: NetGobbler on July 23, 2019, 09:01:01 am
Exactly what I thought, long process.
Hopefully a Pi4, with USB NIC, will be ok.  The Raspberry manufacturers opted to NOT include any kind of crypto chip / functionality in the silicon, so it's going to be pretty basic - but maybe enough for a 100MBit internet (who knows?)  which would still service millions across the internet.

Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: gazpl on August 28, 2019, 02:27:46 pm
just saw https://www.cnx-software.com/2019/08/27/banana-pi-bpi-r64-linux-router-board/
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: khantroll on September 01, 2019, 09:38:06 pm
Hi! Has there been any progress on the espressobin? I've got one I'd be happy to test with.

Thanks!
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on September 03, 2019, 10:47:00 am
Hi! Has there been any progress on the espressobin? I've got one I'd be happy to test with.

Thanks!
espressobin is using aarch64, right now opnsense is using 11.2, not yet supported arm64 device, but rest assured you can hack your way if using freebsd12 and replace *.dtb to something like this armada-3720-espressobin.dtb | armada-3720-community.dtb

If it boots on freebsd12, it will boot on next major release of opnsense.  :)

UPDATE: Just found out that 11.3 supports aarch64 (https://download.freebsd.org/ftp/releases/VM-IMAGES/11.3-RELEASE/aarch64/Latest/). Could try making device config for RPI3 and Allwinner again.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: khantroll on September 03, 2019, 06:00:11 pm
I'll give it a go :) I'm going to have to read up on Opnsense tools, as well as find an 11.3 image for the expressobin (I'm currently running 12.0 on the Espressobin.

Thanks!
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: gandalf on September 24, 2019, 04:37:50 pm
...
Wishlist (Needs uboot slave file in ports (https://github.com/HardenedBSD/hardenedbsd-ports/blob/master/sysutils/Makefile) to make it work)
#Devicedefconfigdtb
1ESPRESSObin??armada-3720-espressobin.dtb | armada-3720-community.dtb
...




any tutorial, quick how-to or usefull help for espressobin support available somewhere ?
I may want to test OPNSense on my own board but I am more a Debian/OpenWRT user than a FreeBSD/OPNSense user.

Thanks for your help...
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: mimugmail on September 24, 2019, 06:23:10 pm
It's not supported, sorry
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on September 26, 2019, 04:27:24 am
Let's hope FreeBSD can add this new port
[new ports] sysutils/u-boot-espressobin (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240828)
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: spikerguy on September 26, 2019, 02:23:04 pm
Hello,
I am new to opnsense forum but not new to the software on x86.
I want to know how can I port opnsense to Armv7 and aarch64 boards? I have good knowledge in linux world but slowly moving to bsd too.
If there is any guide or documentation for porting freebsd or specifically opnsense then I would love to contribute.
Thanks
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on September 26, 2019, 03:22:05 pm
Hello,
I am new to opnsense forum but not new to the software on x86.
I want to know how can I port opnsense to Armv7 and aarch64 boards? I have good knowledge in linux world but slowly moving to bsd too.
If there is any guide or documentation for porting freebsd or specifically opnsense then I would love to contribute.
Thanks

You can start from here (https://github.com/opnsense/tools) for opnsense build tools. For arm sources, you'll have to look everywhere and bring it back to github opnsense/tools for device configs and build scripts.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: spikerguy on September 26, 2019, 03:54:59 pm
Thanks for the quick response.
This is something I was looking for. This is full porting tool, I am used to Manjaro-arm-tools which is something similar to this.

I will go through this and get back here to ask more questions.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: dgktkr on October 08, 2019, 10:46:06 pm
Hi,

I have a ClearFog Base which is based on an armv7 SOC, but it can run armv6. I've gotten FreeBSD 11.2, 12.0 and 12.1 to boot and run on it with both ethernet ports working properly.

I've followed nekoprog's instructions https://github.com/nekoprog/pieSense/blob/master/README.md (https://github.com/nekoprog/pieSense/blob/master/README.md) with appropriate modifications.

In the /usr/tools/Makefile the line

Code: [Select]
ARCH?= ${_ARCH}

was replaced by

Code: [Select]
ARCH?= arm:armv6

and the line

Code: [Select]
DEVICE?= A10

was replaced by

Code: [Select]
DEVICE?= CLEARFOG.


The file /usr/tools/device/CLEARFOG.conf was created and modeled after BANANAPI.conf:

Code: [Select]
export MAKE_ARGS_DEV="
CROSS_BINUTILS_PREFIX=/usr/local/arm-gnueabi-freebsd11.2/bin
UBLDR_LOADADDR=0x900000
"

export PRODUCT_TARGET=arm
export PRODUCT_ARCH=armv6
export PRODUCT_WANTS="arm-gnueabi-binutils qemu-user-static u-boot-clearfog"

export ARM_FAT_SIZE="32m -b 1m"
export ARM_UBOOT_DIR="/usr/local/share/u-boot/u-boot-clearfog"

arm_install_uboot()
{
arm_unmount
dd if=${ARM_UBOOT_DIR}/u-boot-spl.kwb of=/dev/${DEV} bs=1k seek=8 conv=sync
arm_mount
cp ${ARM_UBOOT_DIR}/boot.scr ${STAGEDIR}/boot/msdos
cp -p ${STAGEDIR}/boot/ubldr.bin ${STAGEDIR}/boot/msdos
ln ${STAGEDIR}/boot/dtb/clearfog.dtb ${STAGEDIR}/boot/dtb/armada-388-clearfog.dtb
}

Code: [Select]
#pkg install git qemu-user-static arm-gnueabi-binutils u-boot-clearfog


was invoked and completed successfully.

When

Code: [Select]
/usr/tools #make base

is executed, the computer works for quite a while until the build fails with a relocation overflow. The first sign of trouble is

Code: [Select]
===> usr.bin/clang/clang (all)
cc1_main.o: In function `cc1_main(llvm::ArrayRef<char const*>, char const*, void*)':
cc1_main.cpp:(.text._Z8cc1_mainN4llvm8ArrayRefIPKcEES2_Pv+0x45c): relocation truncated to fit: R_ARM_CALL against symbol `llvm::install_fatal_error_handler(void (*)(void*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, bool), void*)' defined in .text._ZN4llvm27install_fatal_error_handlerEPFvPvRKNSt3__112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEEbES0_ section in /usr/obj/arm.armv6/usr/src/lib/clang/libllvm/libllvm.a(ErrorHandling.o)

This problem looks like the same issue reported and supposedly solved about 11 months ago https://github.com/opnsense/tools/issues/113 (https://github.com/opnsense/tools/issues/113)

Running

Code: [Select]
/usr/tools #make xtools


before

Code: [Select]
/usr/tools # make base


doesn't solve the problem. And after building xtools, running

Code: [Select]
/usr/tools #make packages


fails in the same place in the same way as

Code: [Select]
/usr/tools #make base.

Was the fix that was implemented in tools last December propagated to the current version at https://github.com/opnsense/tools (https://github.com/opnsense/tools)?
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on October 09, 2019, 02:34:57 pm
Hi,

I have a ClearFog Base which is based on an armv7 SOC, but it can run armv6. I've gotten FreeBSD 11.2, 12.0 and 12.1 to boot and run on it with both ethernet ports working properly.

I've followed nekoprog's instructions https://github.com/nekoprog/pieSense/blob/master/README.md (https://github.com/nekoprog/pieSense/blob/master/README.md) with appropriate modifications.

In the /usr/tools/Makefile the line

Code: [Select]
ARCH?= ${_ARCH}

was replaced by

Code: [Select]
ARCH?= arm:armv6

and the line

Code: [Select]
DEVICE?= A10

was replaced by

Code: [Select]
DEVICE?= CLEARFOG.


The file /usr/tools/device/CLEARFOG.conf was created and modeled after BANANAPI.conf:

Code: [Select]
export MAKE_ARGS_DEV="
CROSS_BINUTILS_PREFIX=/usr/local/arm-gnueabi-freebsd11.2/bin
UBLDR_LOADADDR=0x900000
"

export PRODUCT_TARGET=arm
export PRODUCT_ARCH=armv6
export PRODUCT_WANTS="arm-gnueabi-binutils qemu-user-static u-boot-clearfog"

export ARM_FAT_SIZE="32m -b 1m"
export ARM_UBOOT_DIR="/usr/local/share/u-boot/u-boot-clearfog"

arm_install_uboot()
{
arm_unmount
dd if=${ARM_UBOOT_DIR}/u-boot-spl.kwb of=/dev/${DEV} bs=1k seek=8 conv=sync
arm_mount
cp ${ARM_UBOOT_DIR}/boot.scr ${STAGEDIR}/boot/msdos
cp -p ${STAGEDIR}/boot/ubldr.bin ${STAGEDIR}/boot/msdos
ln ${STAGEDIR}/boot/dtb/clearfog.dtb ${STAGEDIR}/boot/dtb/armada-388-clearfog.dtb
}

Code: [Select]
#pkg install git qemu-user-static arm-gnueabi-binutils u-boot-clearfog


was invoked and completed successfully.

When

Code: [Select]
/usr/tools #make base

is executed, the computer works for quite a while until the build fails with a relocation overflow. The first sign of trouble is

Code: [Select]
===> usr.bin/clang/clang (all)
cc1_main.o: In function `cc1_main(llvm::ArrayRef<char const*>, char const*, void*)':
cc1_main.cpp:(.text._Z8cc1_mainN4llvm8ArrayRefIPKcEES2_Pv+0x45c): relocation truncated to fit: R_ARM_CALL against symbol `llvm::install_fatal_error_handler(void (*)(void*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, bool), void*)' defined in .text._ZN4llvm27install_fatal_error_handlerEPFvPvRKNSt3__112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEEbES0_ section in /usr/obj/arm.armv6/usr/src/lib/clang/libllvm/libllvm.a(ErrorHandling.o)

This problem looks like the same issue reported and supposedly solved about 11 months ago https://github.com/opnsense/tools/issues/113 (https://github.com/opnsense/tools/issues/113)

Running

Code: [Select]
/usr/tools #make xtools


before

Code: [Select]
/usr/tools # make base


doesn't solve the problem. And after building xtools, running

Code: [Select]
/usr/tools #make packages


fails in the same place in the same way as

Code: [Select]
/usr/tools #make base.

Was the fix that was implemented in tools last December propagated to the current version at https://github.com/opnsense/tools (https://github.com/opnsense/tools)?

This repo has been archived and only works on OPNsense 18.01 where building for arm is not yet supported.  What version of FreeBSD you're using? This line should be edited too following your FreeBSD version.
CROSS_BINUTILS_PREFIX=/usr/local/arm-gnueabi-freebsd11.2/bin

Instead of editing Makefile, you should just create new device config and call it like this
Code: [Select]
make STEP DEVICE=CLEARFOG
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: dgktkr on October 09, 2019, 04:57:05 pm
Hi nekoprog,

Thanks for the prompt reply. The version of the host FreeBSD was 12.0. I'm downloading 11.2 right now so it can be installed and used to cross build OPNsense for arm.

Quote
This repo has been archived and only works on OPNsense 18.01 where building for arm is not yet supported.

Could you elaborate on that? Where should tools be downloaded from to enable a successful build for armv6? From the console output, it looks like it was trying to build OPNsense 19.7.

dgktkr
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: dgktkr on October 09, 2019, 07:53:56 pm
Another question: Where does one specify KERNCONF for the kernel build of the target SOC, in my case: /usr/src/sys/arm/conf/ARMADA38X? For bananapi it seemed to be specified in older versions of BANANAPI.conf as KERNEL=ALLWINNER https://github.com/opnsense/src/blob/8d1a9170bd4d9d50ffeecc2c8366ec34b8ebdb02/release/arm/BANANAPI.conf#L6-L18 (https://github.com/opnsense/src/blob/8d1a9170bd4d9d50ffeecc2c8366ec34b8ebdb02/release/arm/BANANAPI.conf#L6-L18).

dgktkr
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: nekoprog on October 10, 2019, 02:11:00 am
Hi nekoprog,

Thanks for the prompt reply. The version of the host FreeBSD was 12.0. I'm downloading 11.2 right now so it can be installed and used to cross build OPNsense for arm.

Quote
This repo has been archived and only works on OPNsense 18.01 where building for arm is not yet supported.

Could you elaborate on that? Where should tools be downloaded from to enable a successful build for armv6? From the console output, it looks like it was trying to build OPNsense 19.7.

dgktkr
pieSense repo has been archived, it's not associated to OPNsense and I use it in the past to test for RPI2 build. Current OPNsense/tools (https://github.com/opnsense/tools) config for arm is more robust, just need to add kernel and device configs.

Another question: Where does one specify KERNCONF for the kernel build of the target SOC, in my case: /usr/src/sys/arm/conf/ARMADA38X? For bananapi it seemed to be specified in older versions of BANANAPI.conf as KERNEL=ALLWINNER https://github.com/opnsense/src/blob/8d1a9170bd4d9d50ffeecc2c8366ec34b8ebdb02/release/arm/BANANAPI.conf#L6-L18 (https://github.com/opnsense/src/blob/8d1a9170bd4d9d50ffeecc2c8366ec34b8ebdb02/release/arm/BANANAPI.conf#L6-L18).

dgktkr
Can you confirm the kernel type? This should be change at https://github.com/opnsense/tools/tree/master/config/19.7 and you need to create new kernel config file, use SMP-BANANAPI for example and rename it to SMP-CLEARFOG and change include ALLWINNER to include ARMADA38X maybe? And ident SMP-BANANAPI to ident SMP-CLEARFOG.

After you have a successful results for BASE KERNEL and PACKAGES, we need to make a minor adjustment to device config for .img creation to make sure it boots into OPNsense later. Here my sample CLEARFOG.conf (https://github.com/nekoprog/tools/blob/patch-1/device/CLEARFOG.conf) if you like to test, I have commented out the parts that needed some modifications. Hope you can help with this.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: dgktkr on October 10, 2019, 06:33:42 am
Hi,

When using FreeBSD 11.2 as the host, make base succeeds, but I'm wondering about the compiles. The build output to the console shows the message

Code: [Select]
SYSTEM_COMPILER: Determined that CC=cc matches the source tree. Not bootstrapping a cross-compiler.

Is code being cross-compiled? If not, is there some environment variable that has to be set so that cross-compiling is done?

dgktkr
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on October 10, 2019, 08:03:26 am
Hi,

When using FreeBSD 11.2 as the host, make base succeeds, but I'm wondering about the compiles. The build output to the console shows the message

Code: [Select]
SYSTEM_COMPILER: Determined that CC=cc matches the source tree. Not bootstrapping a cross-compiler.

Is code being cross-compiled? If not, is there some environment variable that has to be set so that cross-compiling is done?

dgktkr
Just ignore it because we set the target arch on device config. If sets are listed here "ls /usr/local/opnsense/build/19.7/armv6/sets", then it's a success. Proceed with next make step.

Don't forget to include DEVICE=CLEARFOG arguments when running "make". Else you will build i386/amd64 arch images.

Forgot to mention you this before. You need to disable suricata-devel (https://github.com/opnsense/tools/issues/157) when running "make packages DEVICE=CLEARFOG".
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dgktkr on October 11, 2019, 05:38:44 pm
Hi nekoprog,

Base and kernel for ClearFog have been built successfully thanks to your tips. The corresponding tgz files show up in /usr/local/opnsense/build/19.7/armv6/sets.

The packages build
Code: [Select]
make -j4 packages DEVICE=CLEARFOG errors out after many hours. If the command is repeated, it errors out in a few seconds. Taking out the -j4 option gets farther, but it runs into an error I've made (leaving out suricata as well as suricata-devel). I'll fix that and try again.

dgktkr
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rene_ on October 11, 2019, 11:29:04 pm
Hi,

i think it better to discuss in this thread.

after some start problems, i got opnsense booting on the armada 385 SoC (Netgate SG3100).

But i am not able to type anything in the serial console, and their are no network ports discoverd :-(

any ideas?

Greets,
René
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dgktkr on October 12, 2019, 12:13:51 am
Hi rene_,

It does seem strange that your SG3100 can output characters to your terminal emulator, but it can't read input from it. I'm wondering if an appropriate dtb file is being used. Can you (repeatedly) press a key during early boot to get to the u-boot shell? If so, can you type "bootcmd" and get the OS to boot? That should verify if serial communication is working. For proper functioning of the OS, the u-boot code and the dtb file for the OS have to have precise customizations for your particular device.

Hopefully, someone with more knowledge can give you more detailed advice.

dgktkr
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dgktkr on October 12, 2019, 07:00:49 am
After the suggestions by nekoprog and franco were followed, the packages target was successfully built.

Now the problem is when building the arm image

Code: [Select]
make arm-3G DEVICE=CLEARFOG

the build errors out complaining

Code: [Select]
ln: /usr/obj/usr/tools/config/19.7/OpenSSL:armv6/boot/dtb/clearfog.dtb: No such file or directory
even though I put a valid clearfog.dtb there before the build. So where do I put a valid dtb file (or valid dts file if that's what is required) so that the build finds it?

dgktkr
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on October 12, 2019, 07:30:08 am
Hi nekoprog,

Base and kernel for ClearFog have been built successfully thanks to your tips. The corresponding tgz files show up in /usr/local/opnsense/build/19.7/armv6/sets.

The packages build
Code: [Select]
make -j4 packages DEVICE=CLEARFOG errors out after many hours. If the command is repeated, it errors out in a few seconds. Taking out the -j4 option gets farther, but it runs into an error I've made (leaving out suricata as well as suricata-devel). I'll fix that and try again.

dgktkr
By default, "make" is running with how many CPUs you have from the output of "sysctl kern.smp.cpus".

Hi,

i think it better to discuss in this thread.

after some start problems, i got opnsense booting on the armada 385 SoC (Netgate SG3100).

But i am not able to type anything in the serial console, and their are no network ports discoverd :-(

any ideas?

Greets,
René
Need to look further into defconfig or into kernelconf, maybe the port is not loaded on boot. Got full log?

After the suggestions by nekoprog and franco were followed, the packages target was successfully built.

Now the problem is when building the arm image

Code: [Select]
make arm-3G DEVICE=CLEARFOG

the build errors out complaining

Code: [Select]
ln: /usr/obj/usr/tools/config/19.7/OpenSSL:armv6/boot/dtb/clearfog.dtb: No such file or directory
even though I put a valid clearfog.dtb there before the build. So where do I put a valid dtb file (or valid dts file if that's what is required) so that the build finds it?

dgktkr
You need to copy .dtb into kernel.tgz (look for /boot/dtb, create directory if not exist) in case FreeBSD does not include it during "make kernel". Do not copy into STAGEDIR (/usr/obj/usr/tools/config/19.7/OpenSSL:armv6), files will be replaces with base.tgz and kernel.tgz upon running "make arm".

OR

Edit config/19.7/SMP-CLEARFOG, change include ARMADA38X to include GENERIC, then edit device/CLEARFOG.conf, add this line cp -p ${STAGEDIR}/boot/dtb ${STAGEDIR}/boot/msdos/, this will copy all arm device dtb instead of looking only for clearfog. Hope this will solve both you and rene problem.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rene_ on October 12, 2019, 04:12:09 pm
Hi Nekoprog,

i attached the output of the boot sequence.

It seems, that the kernel drivers for the Marvell switch and interfaces are missing.

i found them in the freebsd source, but dont know how to add them to the build procedure.

i used the default ARMADA-38X kernel config for my build, and put the prebuilt dtb files from the running pfsense image into my arm image. (still wondering this works ^^)

Kind regards,
René
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on October 13, 2019, 02:00:22 am
Hi Nekoprog,

i attached the output of the boot sequence.

It seems, that the kernel drivers for the Marvell switch and interfaces are missing.

i found them in the freebsd source, but dont know how to add them to the build procedure.

i used the default ARMADA-38X kernel config for my build, and put the prebuilt dtb files from the running pfsense image into my arm image. (still wondering this works ^^)

Kind regards,
René
Have you tried compiling with GENERIC kernel then copy all DTB into /boot/msdos/dtb?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dgktkr on October 15, 2019, 11:25:17 pm
rene_,

It looks like you have gotten further in the boot sequence than I have. For ClearFog Base, I've gotten OPNsense base, kernel, packages and arm-3G to build without error. u-boot and ubldr.bin work as expected, but as soon as control is passed to the kernel, the serial console goes non-responsive. I've seen behavior like this before, which turned out to be a device tree/driver problem. The configuration for the serial console in the device tree needed to be changed. That modification works for FreeBSD 12.0 and 12.1, but, so far, I haven't been able to get the console to work with FreeBSD 11.2.

Currently, I'm trying to figure out how to get FreeBSD 11.2 to work with ClearFog Base's console. I may just have to wait a couple of months until OPNsense is migrated to 12.1.

dgktkr
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: orangana on November 13, 2019, 10:44:13 pm
(http://wiki.friendlyarm.com/wiki/images/f/fb/NanoPi_R1S-case1.jpg)
(http://wiki.friendlyarm.com/wiki/images/3/32/NanoPi_R1S-H5-layout.jpg)
(http://wiki.friendlyarm.com/wiki/images/6/6d/Matrix-USB2UART_nanopi_R1S-H3.jpg)

http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5

Was there ever a opnsense device for less than $25 which does the job? This could be the first one!  ;D
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rene_ on November 14, 2019, 06:43:33 pm
This could be interesting  :D
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dgktkr on November 18, 2019, 07:03:19 am
Do OPNsense builds for arm devices have logging disabled somehow? When using OPNsense as a gateway, "Inspect" shows large number of packets being blocked for some rules, but nothing shows up in the logs even though logging has been selected for those rules.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: kayti on November 23, 2019, 11:44:26 am
Hello, i have problem with running OPNsense on RPI2. Somehow, after installing img from opening post on SD card, RPI2 boots, but after loading kernel screen goes black and device is unresponsive, ETH not working too.
Last msg before black screen is something like:
Booting [/boot/kernel/kernel]...
/boot/dtb/bcm2836-rpi-2-b.dtb size=0x385e
Loaded DTB from file 'bcm2836-rpi-2-b.dtb'.
Kernel entry at 0x200180...
Kernel args: (null)

I tried 2 different SD cards (which both work normally on raspbian).
After that tried to compile myself but on FreeBSD 11.2 amd64 i get errors when # make base DEVICE=RPI2 so compiling is unsuccessful... Something about [clang], already removed VM so can't check. Any idea?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on November 24, 2019, 01:35:44 am
(http://wiki.friendlyarm.com/wiki/images/f/fb/NanoPi_R1S-case1.jpg)
(http://wiki.friendlyarm.com/wiki/images/3/32/NanoPi_R1S-H5-layout.jpg)
(http://wiki.friendlyarm.com/wiki/images/6/6d/Matrix-USB2UART_nanopi_R1S-H3.jpg)

http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5 (http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5)

Was there ever a opnsense device for less than $25 which does the job? This could be the first one!  ;D

I prefer at least 1GB of RAM to make it worth the time. Currently I'm working on NanoPi R1 device patch, let's hope FreeBSD accept it.

Hello, i have problem with running OPNsense on RPI2. Somehow, after installing img from opening post on SD card, RPI2 boots, but after loading kernel screen goes black and device is unresponsive, ETH not working too.
Last msg before black screen is something like:
Booting [/boot/kernel/kernel]...
/boot/dtb/bcm2836-rpi-2-b.dtb size=0x385e
Loaded DTB from file 'bcm2836-rpi-2-b.dtb'.
Kernel entry at 0x200180...
Kernel args: (null)

I tried 2 different SD cards (which both work normally on raspbian).
After that tried to compile myself but on FreeBSD 11.2 amd64 i get errors when # make base DEVICE=RPI2 so compiling is unsuccessful... Something about [clang], already removed VM so can't check. Any idea?
These two are different problem entirely.
1. Where do you get the image that hangs on boot?
2. If you have the image ready, why did you stuck on first stage of build? What config did you use with FreeBSD11.2? Need more details so that we can help you better.

Attached here is my RPI2 running OPNsense 20.1, I can confirm that opnsense/tools is working just fine.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: kayti on November 30, 2019, 11:07:55 am
Which version of RPI2 You have? I know, that there are 2 revisions, 2 different SOCs. I have first version with older CPU (V1.1), newer has the same as RPI3 but underclocked (V1.2).

I tried to use image from the first post of this topic. Resulted with black screen after initial booting, last msg was:
Booting [/boot/kernel/kernel]...
/boot/dtb/bcm2836-rpi-2-b.dtb size=0x385e
Loaded DTB from file 'bcm2836-rpi-2-b.dtb'.
Kernel entry at 0x200180...
Kernel args: (null)

After this message screen goes black, and both LEDs on RPI turn off. Ethernet port also is inactive (both LEDs are turned off).

Lately i successfully compiled new IMG from latest OPNSESNSE tools (19.7 on 11.2 FreeBSD). But the result after putting it on SD card is the same. Still black screen. I have now no idea how to tackle it.

EDIT. Can You share Your latest img? Either 19.7 or 20.1, maybe i'm doing something wrong.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: RoyJones on December 03, 2019, 11:37:21 am
Hello,
I used the image "OPNsense-201905020045-OpenSSL-arm-aarch64-rpi3" of https://drive.google.com/drive/folders/1bAWuECNJwu0LdJOpaIn-2MrTKZ8evGNY (https://drive.google.com/drive/folders/1bAWuECNJwu0LdJOpaIn-2MrTKZ8evGNY) NekoProg for my  Raspberry Pi 3 B+.

The following error occurs, it seems he can't find the image he needs to boot. ?

Image: https://ibb.co/4KmTv9q

Does anyone have a solution ?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on December 18, 2019, 01:54:19 pm
Was able to run OPNsense 20.1 on NanoPI R1S H5 version of board.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: marshalleq on January 03, 2020, 08:56:02 am
Looks fantastic - I'm still searching for the perfect board - gotta have two nics somehow and hopefully get close to Gigabit speed. (By close I mean 500+ range is prob good enough.

Now that arm is apparently working, we just need to find the right hardware.  I wonder if there are any network hats and if this will run on Rpi4 given it has a bit of extra RAM and faster bus speed - there could be some options there.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on January 03, 2020, 09:12:15 am
Network wise either espressobin or machiatobin is better. IIRC, espressobin is cheapest OPNsense also works.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: marshalleq on January 03, 2020, 10:00:07 am
Great timing, I just through googling actually had success finding espressobin - have googled many times before and found nothing - quite excited now!  The other one is basically the cost of a computer, so not really so keen on that - may as well just get a cheap ryzen on a micro atx or some other low powered x86 cpu for the difference.  Do you happen to know if there's any luck getting pásense or opnsense on the espresso bin?  I'm about to start googling that, but maybe you can give me a head start...  Looks like it could just be another mod to the arm port - that would be exciting.

Thanks,

Edit: Just saw this: https://forum.opnsense.org/index.php?topic=15361.0
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on January 03, 2020, 10:08:42 am
pfsense works on this device:

https://www.netgate.com/solutions/pfsense/sg-1100.html

As for OPNsense, you can try my image (it is not official one):

https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz

It works for me on espressobin.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: marshalleq on January 04, 2020, 02:02:48 am
I've just been reading the reviews of the espressobin and they don't seem particularly positive.  Any thoughts on that?  They mention heat and faulty hardware and non existent support and forums riddled with spam.  Probably don't need a ton of support, but overheating and faulty hardware sound challenging.  How's your experience been?

Just looking at that SG-1100 - it looks like it will struggle with all but the most basic use cases - and homes are no longer basic with all the video downloads and Skype and netflix, youtube, game sharing and such.  It's actually why I moved to Opnsense on a PC - the Asus router (similar specs to the SG-1100 didn't handle it except for very basic traffic and packet filtering.  If I can't run IDS / IPS, then may as well go back to the ASUS right?

I find the situation quite interesting - the hardware companies are all priced by connection speed with all the top connection speeds typically going to enterprise customers.  They can't seem to quite figure out how to get it to work for any consumer with a Gigabit connection.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on January 04, 2020, 03:35:04 am
As for IDS/IPS, suricata doesn't run yet on arm64 hardware.
loos@ said espressobin v7.2 is recommended once they are released.

You can stay with your PC if your usage is so heavy that it can't run on devices.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: max660 on January 05, 2020, 02:21:06 pm
Hi All,
i've a cluster of 5 pi 4's with kvm on each node.
I would like to install opnsense on a vm but i cannot with the imgs files... Could someone can give me an installer in .iso format so i can install it on the vm.
(i've already checked on FreeBSD Page to a file but i've found only .img files)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: jo3rg on January 11, 2020, 12:14:22 pm
Hi everyone,
has anyone ever tried to port it for armv8 (khadas vim3)?
I think it should have a big performance advantage in crypto things (openvpn) compared to other boards.
Is there any guide on how to setup an environment for crosscompiling?
Thanks and regards
Joerg
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: orangana on January 17, 2020, 05:42:22 am
(http://wiki.friendlyarm.com/wiki/images/f/fb/NanoPi_R1S-case1.jpg)
(http://wiki.friendlyarm.com/wiki/images/3/32/NanoPi_R1S-H5-layout.jpg)
(http://wiki.friendlyarm.com/wiki/images/6/6d/Matrix-USB2UART_nanopi_R1S-H3.jpg)

http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5 (http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5)

Was there ever a opnsense device for less than $25 which does the job? This could be the first one!  ;D

I prefer at least 1GB of RAM to make it worth the time. Currently I'm working on NanoPi R1 device patch, let's hope FreeBSD accept it.


Then you will like this one more

(https://www.cnx-software.com/wp-content/uploads/2020/01/NanoPi-R2S-Dual-Gigabit-Ethernet-SBC.jpg)

Same same but different. Not only 1GB of ram but also two times true(r)(c)(tm) gigabit Ethernet but and a rk3328 soc
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Antaris on January 30, 2020, 07:39:26 pm
"o HardenedBSD 12.1 has been postponed to the next major release"
...
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: napyk on February 11, 2020, 06:30:39 pm
pfsense works on this device:

https://www.netgate.com/solutions/pfsense/sg-1100.html

As for OPNsense, you can try my image (it is not official one):

https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz

It works for me on espressobin.

I recently received my Espressobin v7 from Amazon and got it working with some modifications. I moved dtb/marvell/armada-3720-espressobin.dtb to efi/boot on the FAT partition and applied the following settings to u-boot (according to freebsd forum (http://freebsd.1045724.x6.nabble.com/Espressobin-anyone-tp6329867p6332913.html)):

Code: [Select]
setenv fdt_name 'efi/boot/armada-3720-espressobin.dtb'
setenv image_name 'efi/boot/bootaa64.efi'
setenv bootmmc 'mmc dev 0; fatload mmc 0:1 $kernel_addr $image_name;fatload mmc 0:1 $fdt_addr $fdt_name; bootefi $kernel_addr $fdt_addr'
run bootmmc

To enable autoboot I added:
Code: [Select]
setenv bootcmd 'mmc dev 0; fatload mmc 0:1 $kernel_addr $image_name;fatload mmc 0:1 $fdt_addr $fdt_name; bootefi $kernel_addr $fdt_addr'

My only problem is that i get the following error on startup:
Code: [Select]
Startup error in /boot/lua/loader.lua:
LUA ERROR: cannot open /boot/lua/loader.lua: invalid argument.

can't load 'kernel'

So I have to run the following code in EFI console on every startup to boot into OPNsense:
Code: [Select]
set currdev=disk0p2
boot

I tried to add a variable for rootdev under System>>Settings>>Tunables but got the same error on a reboot. Did u have the same problem? How did u fix it?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: kradalby on March 04, 2020, 08:20:39 pm
Info about R2S with dual proper gbit has started to surface:
http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R2S

But its not on their shop yet.

How feasible would it be to build for this? Seems like it uses Rockchip instead of Allwinner.
Title: Re: [Working] OPNsense Ported into ARM Devices
Post by: breakaway on March 17, 2020, 12:26:06 pm
Long story short, the image for RPI-2 is here https://pkg.opnsense.org/FreeBSD:11:armv6/19.1/OPNsense-19.1-test-OpenSSL-arm-armv6-RPI2.img.bz2

Just tried writing this image to a sdcard and booting my raspberry pi 2 (Which I Just dusted off for this purpose) but I can't seem to get this thing to boot up.

I also tried a different SD card incase my first one was faulty. My Pi2 just shows a red light on boot and won't go any further. I know the pi works since I tried the debian image on it and that works.

Any ideas what that could cause that?

Also, I tried building my own by using the instructions shown here https://nekoprog.github.io/pieSense/ But obviously something went wrong and no image was produced unfortunately. I'm a bit lost as to where to go from here.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: cngzjoe on April 08, 2020, 07:07:54 am
(http://wiki.friendlyarm.com/wiki/images/f/fb/NanoPi_R1S-case1.jpg)
(http://wiki.friendlyarm.com/wiki/images/3/32/NanoPi_R1S-H5-layout.jpg)
(http://wiki.friendlyarm.com/wiki/images/6/6d/Matrix-USB2UART_nanopi_R1S-H3.jpg)

http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5 (http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5)

Was there ever a opnsense device for less than $25 which does the job? This could be the first one!  ;D

I prefer at least 1GB of RAM to make it worth the time. Currently I'm working on NanoPi R1 device patch, let's hope FreeBSD accept it.


Then you will like this one more

(https://www.cnx-software.com/wp-content/uploads/2020/01/NanoPi-R2S-Dual-Gigabit-Ethernet-SBC.jpg)

Same same but different. Not only 1GB of ram but also two times true(r)(c)(tm) gigabit Ethernet but and a rk3328 soc

I will have a NanoPi-R2S in few days. and try to install freebsd first. the try opensense.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: kuleszdl on April 09, 2020, 05:36:15 pm
Hi,

for those of you who managed to build an aarch64 image (e.g. for the NanoPi R1): Which FreeBSD version did you use for compiling and which OPNSense version (20.1 or 20.7) did you build? I tried to build 20.1 using FreeBSD 12.1 and failed.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on April 10, 2020, 03:56:23 am
Hi,

for those of you who managed to build an aarch64 image (e.g. for the NanoPi R1): Which FreeBSD version did you use for compiling and which OPNSense version (20.1 or 20.7) did you build? I tried to build 20.1 using FreeBSD 12.1 and failed.

Built natively on FreeBSD 13.0-CURRENT on NanoPC-T4.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: domingocooler on April 17, 2020, 10:01:40 pm
(http://wiki.friendlyarm.com/wiki/images/f/fb/NanoPi_R1S-case1.jpg)
(http://wiki.friendlyarm.com/wiki/images/3/32/NanoPi_R1S-H5-layout.jpg)
(http://wiki.friendlyarm.com/wiki/images/6/6d/Matrix-USB2UART_nanopi_R1S-H3.jpg)

http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5 (http://wiki.friendlyarm.com/wiki/index.php/NanoPi_R1S-H5)

looking forward to hear any news from your R2S board.
I really want to

Was there ever a opnsense device for less than $25 which does the job? This could be the first one!  ;D

I prefer at least 1GB of RAM to make it worth the time. Currently I'm working on NanoPi R1 device patch, let's hope FreeBSD accept it.


Then you will like this one more

(https://www.cnx-software.com/wp-content/uploads/2020/01/NanoPi-R2S-Dual-Gigabit-Ethernet-SBC.jpg)

Same same but different. Not only 1GB of ram but also two times true(r)(c)(tm) gigabit Ethernet but and a rk3328 soc

I will have a NanoPi-R2S in few days. and try to install freebsd first. the try opensense.

I'm really looking forward to hear any new from your R2S, I'm really interested in trying out opnsense on this board too.
Thank you in advance if you could share with us what you could find from it.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: kuleszdl on April 18, 2020, 09:15:36 pm
@tsgan: May I ask how much CPU ressources (name idle) are left on your Nanopi platform when running Opnsense with WAN connected?

One thing I'd like to share with this community: It seems like some other people who bought the rockpro64 boards (rk3399) from Pine64 have been also experimenting with adding more poreful NICs using the PCIe slot and running OpenWRT on it.

The Pine64 people are now thinking about providing a case for this board for exactly this router use case. You can read more about it on their blog:

https://www.pine64.org/2020/04/15/april-update-ce-fcc-software-update-and-diy-router/

Since I have the rockpro64 and the NAS case already, I thought about setting this up with OPNSense and just "wasting" the extra room in the case. But I wasn't successful in building OPNSense for arm64 so far, yet,
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: EricE on April 18, 2020, 10:23:00 pm
Glad to see ARM in the works!  The new Ubiquiti kit is ARM instead of MIPS and it would be cool once this ships if it could be used for OpnSense: https://community.ui.com/questions/Introducing-the-UniFi-Next-Gen-Gateway-Product-Line-Starting-with-UXG-Pro-/732dd4dd-10bf-463c-8622-382d77702872

Drivers and booting would be obvious issues to solve but if the price is comparable to the UDM Pro it would be a compelling hardware platform for the money!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fegauthier on April 27, 2020, 12:22:35 am
Hi guys!

Does anyone get it worked with the NanoPi R2S? I ordered one and I will try to install Opnsense on it.

Thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on April 27, 2020, 03:38:27 pm
Hello everyone,

Can we have an Arm category on this fourm?

I will be receiving my engineering samples of Radxa RockPi E which is similar to nanopi-r1s and other RK3328 tiny router boards with 2 lans. Which is enough for home-grade network control.
I also have Edge-v which have FreeBSD port working fine.

I would Like to know if there is any documentation I can follow to natively build opnsense for aarch64. Also I plan to maintain pre-configured images for normal users to flash it to the sd card or emmc to get opnsens running out of the box.
@tsgan Were you able to run opnsense on your T4 ?
Please share the steps to natively build opnsense.

Will be glade to contribute to the project and I have some plans on making a user friendly image to flash on devices which are supported by freebsd.

I have also created a topic Can we install opnsense on existing freebsd (https://forum.opnsense.org/index.php?topic=16979.0)

All the arm users lets collaborate and get a stable opnsense for arm devices including armv7 and armv8.

Feel free to contact me directly, Maybe we can give something back to the opnsense community and make it a standard firewall appliance in regular household as there are too many attacks going on recently.

Thanks.
Furkan K.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on April 28, 2020, 02:09:46 am
Can you advice how I can contribute?
I have rpi3b+
Khadas edge-v - rk3399 - aarch64 already have freebsd image for it.
Bpi-R2 armvh7 freebsd support is wip.

Can you help with simple tutorial  with steps?  Will be very helpful to try.

Thanks for such a great tool.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: orangana on April 30, 2020, 03:30:01 am
"arm support has been postponed to the 30.7 release"

  :-X
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: franco on April 30, 2020, 08:43:52 am
"arm support has been postponed to the 30.7 release"

It will not take ten more years I think. ;)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on April 30, 2020, 12:24:34 pm
...many things that were idealistic in the beginning have turned political over time... :-[
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on April 30, 2020, 12:39:20 pm
Thats for the official arm support but we can contribute to unofficial releases for the device we can get it to work on.

With open source its always possible to add support ourself.
And I don't think it will be a long time to get 30.1

Lets hope for the best.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on April 30, 2020, 12:44:00 pm
Can you advice how I can contribute?
I have rpi3b+
Khadas edge-v - rk3399 - aarch64 already have freebsd image for it.
Bpi-R2 armvh7 freebsd support is wip.

Can you help with simple tutorial  with steps?  Will be very helpful to try.

Thanks for such a great tool.
come join us at opnsense/tools (https://github.com/opnsense/tools) more help needed there on making a generic arm32 arm64 kernel config, but i will not do anything for now, will wait for 20.7 release

"arm support has been postponed to the 30.7 release"

  :-X
;D

...many things that were idealistic in the beginning have turned political over time... :-[
it's hard to keep things working for arm 32bit, since they have too many architecture and different kernel modules. but we can have a generic build for arm64 later.

currently i'm targetting this device http://www.banana-pi.org/r64.html
feel free to use my tools (https://github.com/nekoprog/tools) if you want to test 20.7 build using freebsd 12.1
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fegauthier on May 01, 2020, 03:47:56 pm
Can you advice how I can contribute?
I have rpi3b+
Khadas edge-v - rk3399 - aarch64 already have freebsd image for it.
Bpi-R2 armvh7 freebsd support is wip.

Can you help with simple tutorial  with steps?  Will be very helpful to try.

Thanks for such a great tool.
come join us at opnsense/tools (https://github.com/opnsense/tools) more help needed there on making a generic arm32 arm64 kernel config, but i will not do anything for now, will wait for 20.7 release

"arm support has been postponed to the 30.7 release"

  :-X
;D

...many things that were idealistic in the beginning have turned political over time... :-[
it's hard to keep things working for arm 32bit, since they have too many architecture and different kernel modules. but we can have a generic build for arm64 later.

currently i'm targetting this device http://www.banana-pi.org/r64.html
feel free to use my tools (https://github.com/nekoprog/tools) if you want to test 20.7 build using freebsd 12.1

Thanks nekoprog

As I mentionned above, my NanoPI R2S is on the way. I will first try to install FreeBSD on it. I will keep you in touch with my progress. Probably, I will have some question to ask you when I will start the process.

Thanks guys!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on May 02, 2020, 09:25:09 pm
come join us at opnsense/tools (https://github.com/opnsense/tools) more help needed there on making a generic arm32 arm64 kernel config, but i will not do anything for now, will wait for 20.7 release
Do you mean 30.7 ?
It is a git page. I will follow the work there.

it's hard to keep things working for arm 32bit, since they have too many architecture and different kernel modules. but we can have a generic build for arm64 later.

currently i'm targetting this device http://www.banana-pi.org/r64.html
feel free to use my tools (https://github.com/nekoprog/tools) if you want to test 20.7 build using freebsd 12.1


It is true, Very hard to maintain arm32, I have received R2 which is arm32 only. I can get R64 though it only have 1gb ram. Do you want me to order R64 for testing?

I cannot find BPI-R64 support in the tools. I can try building it for RPI-3b+. Let me know what needs to be done for R64.

Thanks for the great work.

UPDATE:
I have understood the whole opnsense tool it makes use of the qemu and uses the existing pkg's to build an image. It is the exact same concept we use at Manjaro ARM project.

Now I need to know whether you have a uboot for R64 or not? I can look into the BPI forum for that. I have also created a thread on BPI Forum for R64 so we can get some more devs to test is. As I am aware that Ray from Freebsd is also working on R2 and R64 so maybe he can help us.
nekoprog@
Let me know.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on May 04, 2020, 05:18:01 pm
if you have any problem, you can open issue at my repo, we will discuss it there
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on May 04, 2020, 07:29:57 pm
if you have any problem, you can open issue at my repo, we will discuss it there

Hi nekoprog,

Please enable issues on your git. I am setting up a virtual machine to build test images and practice on building device specific images.

I am test building RPI3 using xtools then will also try cross-build later.

Do you have BPI-R64 configs? or Nano-Pi T4 ?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Akta on May 14, 2020, 09:47:48 am
Hi all,

I am new to OPNSense community, know FreeBSD not too bad. I would like to compile OPNSense for a Nano Pi Neo2. Unfortunately, I cannot find device target for that. As per ther 1st post of this thread, I understand that the Tool is (or has supported) supporting this device.

Where to start :)?

Thanks in advance
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on May 16, 2020, 03:33:44 am
Hello and welcome to the forum,
Currently the tool doesn't support this device, but you can easily add this device to the tools config with the correct uboot.

Then you can built opnsense image for that device.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fegauthier on May 20, 2020, 06:05:23 pm
Hi spikerguy!

I found the uboot of the Nano Pi R2S here (https://people.freebsd.org/~ganbold/nanopi-r2s/). Is that enough to build OpnSense? I didn't receive my Nano Pi R2S yet. It comes from China...

I'm a little bit lost on how do I build an image for that device. Is there a step by step guide?

Thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fegauthier on May 20, 2020, 07:59:28 pm
Ganbold already did an img of FreeBSD 13.0 for the NanoPi R2S (https://people.freebsd.org/~ganbold/FreeBSD-13.0-CURRENT-arm64-aarch64-nanopi-r2s.img.xz).

Is it enough to install Opnsense on it?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on May 20, 2020, 09:45:32 pm
Yes,

Flash it on an sd card and try it.
Test what all work and then report back on this post if you can help the developers with documenting whats not working so they can try and solve it when they have time.
Currently I am waiting for my devices to be shipped as it is stuck in shipment somewhere.

Thanks for taking interest in this project.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fegauthier on May 21, 2020, 02:55:29 am
Do you know how to install Opnsense on existing FreeBSD installation? I guess this image is only FreeBSD 13.0 without Opnsense. Is there a way to install Opnsense on existing FreeBSD installation?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mipsou on May 22, 2020, 10:42:57 am
Hi all,

I have a MACCIATObin Double Shot. I don't have a dev environment.
I want to help you and testing.

Regards
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: pablot on June 17, 2020, 06:50:20 pm
pfsense works on this device:

https://www.netgate.com/solutions/pfsense/sg-1100.html

As for OPNsense, you can try my image (it is not official one):

https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz

It works for me on espressobin.

Can I use it in a V5 espressobin?, any instructions on how to install it?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on June 22, 2020, 04:41:37 pm
I am new here.
Got myself NanoPI R2S, please let me know if you'd like me to test any OPNSense Image.

BTW: something seems to be preventing download of https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz

Getting lots of these errors, to the point when it just dies:
Code: [Select]
2020-06-22 15:40:24 (5.81 MB/s) - Connection closed at byte 20316160. Retrying.

--2020-06-22 15:40:24--  (try: 6)  https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz
Connecting to people.freebsd.org (people.freebsd.org)|96.47.72.75|:443... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 398789268 (380M), 378473108 (361M) remaining [application/octet-stream]
Saving to: ‘OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz.2’

OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz.2           15%[+++++++=============>                                                                                                                     ]  59.58M  12.6MB/s    in 3.9s

2020-06-22 15:40:28 (10.2 MB/s) - Connection closed at byte 62472192. Retrying.

Thanks
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Webladen31 on June 22, 2020, 10:12:15 pm
Hi,
Same problem when I download freebsd-13.0 for nanopi r2s from same site...
Have you try your img in your nano pi ? It is works?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on June 27, 2020, 05:57:29 pm
I don't think there is any problem from the ftp side as I have downloaded many image from the same link.
I think the aarch64 image is not a device specific image.
I have placed my order for R2s and hopefully will receive it by the end of july.

I am trying to download the same image and if it is successful then I will try to upload it somewhere on the web for you to download it without any problem.

@nekoprog
with the help of freebsd dev's I have a working freebsd image for Radxa RockPi E and I am working on adding it to your opnsense tools.

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: wilmardo on July 10, 2020, 02:08:11 pm
BTW: something seems to be preventing download of https://people.freebsd.org/~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz
I was getting the same error but with infinite retries it completed 35 minutes or so:
Code: [Select]
wget --tries=0 https://people.freebsd.org/\~ganbold/OPNsense-201912171639-OpenSSL-arm-aarch64.img.xz

I received my Nanopi R2S today and will try to compile the kernel hopefully soon. My attempts are stored in this repo:
https://github.com/wilmardo/tools/tree/nanopi-r2s

Are there working device configs and kernel configs around for the NanoPi R2s? I am trying to set them up myself but starting from something that is known to work is much nicer.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mipsou on July 12, 2020, 12:58:17 am
Hi,
In this img, there a no dtb for macchiatobin

i found howto get defconfig for macchiatobin http://wiki.macchiatobin.net/tiki-index.php?page=Build+from+source+-+Kernel

Regards
mipsou

EDIT:
i recommend to Looking https://github.com/openwrt/openwrt/commit/2534141322b0541daa627a516280638c12a262fe

You can see default and some tips hardware.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 13, 2020, 09:20:54 pm
The only thing that runs for me on NanoPi R2S is ganbold's image of FreeBSD 13 and that's with a caveat that only one ethernet port works, USB ethernet fails with:
ure0: attaching PHYs failed

Full dmesg attached.

I tried armbian and friendly elec's images of friendlywrt and friendly core. They do not even boot. I have a decent 16GB Transcend microsd card and I think I know how to use dd because FreeBSD boots. What can I try next?

Edit: i have managed to run friendlywrt and armbian on NanoPi R2S in the end.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 14, 2020, 09:43:07 am
Can somebody smarter than me tell how to use serial console with NanoPi R2S?
I use macos Catalina and USB to TTL dongle (CP2102) from ebay. I installed drivers from https://www.silabs.com/products/development-tools/software/usb-to-uart-bridge-vcp-drivers

and get following devices show up:
Code: [Select]
crw-rw-rw-  1 root       wheel   18,   2 14 Jul 08:27 /dev/tty.SLAB_USBtoUART
crw-rw-rw-  1 root  wheel   18,   5 14 Jul 08:27 /dev/cu.usbserial-0001
crw-rw-rw-  1 root       wheel   18,   4 14 Jul 08:27 /dev/tty.usbserial-0001

When i try to connect to any of them with screen:
Code: [Select]
screen /dev/tty.SLAB_USBtoUART 152000 8N1
Gibberish shows up:
Code: [Select]
���������m��������������R�������������ϓɖegr��γt�����������������������������������������������������������������������?���������������������������������������������������������������������������������������������������B��1���6���[���o�2��?����y�O����������������������������������������������������������������������������������������~�������������������������}�������������������_�ᾟ��������������Y�����������������y����������������������������
Edit: turns out the USB to UART I have is CP2102 based which cannot do baud rates higher than 921600 and friendly elec's wiki talks about using 1500000 baud rate. Guess i need a different dongle.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: aesth on July 14, 2020, 04:29:55 pm
I don't know about the FreeBSD image (I will wait for a working OPNsense image, not a developer), but armbian and friendlywrt both worked for me. R2S support will get merged into openwrt, so you won't need friendlywrt anymore.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mashed2mango on July 21, 2020, 06:00:59 pm
 ;D ;D ;D ;D ;D
Hi guys, i'm new to this,
can someone pls point me towards a working build/image/file of "OPNsense" for "NanoPi-R2S"?
(any version will do, as long as it works) [also where would i get future updates from?]
Many thanks, cheers ^_^

 ;D ;D ;D ;D ;D
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 21, 2020, 06:38:19 pm
It's very much work in progress with some attempts on github. To produce working image you'd need to cross compile and build it yourself and since nobody has shared any image yet I am not sure if the existing code will produce something that works.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on July 23, 2020, 06:28:27 pm
Can somebody smarter than me tell how to use serial console with NanoPi R2S?
I use macos Catalina and USB to TTL dongle (CP2102) from ebay. I installed drivers from https://www.silabs.com/products/development-tools/software/usb-to-uart-bridge-vcp-drivers

and get following devices show up:
Code: [Select]
crw-rw-rw-  1 root       wheel   18,   2 14 Jul 08:27 /dev/tty.SLAB_USBtoUART
crw-rw-rw-  1 root  wheel   18,   5 14 Jul 08:27 /dev/cu.usbserial-0001
crw-rw-rw-  1 root       wheel   18,   4 14 Jul 08:27 /dev/tty.usbserial-0001

When i try to connect to any of them with screen:
Code: [Select]
screen /dev/tty.SLAB_USBtoUART 152000 8N1
Gibberish shows up:
Code: [Select]
���������m��������������R�������������ϓɖegr��γt�����������������������������������������������������������������������?���������������������������������������������������������������������������������������������������B��1���6���[���o�2��?����y�O����������������������������������������������������������������������������������������~�������������������������}�������������������_�ᾟ��������������Y�����������������y����������������������������
Edit: turns out the USB to UART I have is CP2102 based which cannot do baud rates higher than 921600 and friendly elec's wiki talks about using 1500000 baud rate. Guess i need a different dongle.

Cp2102 have bad support for some of the rk and allwinner soc.

I have it but i cannot use it with some devices.  I have good experience with profolic pl series. 
Id recommend using pl series.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on July 23, 2020, 06:53:08 pm
Hi @nekoprog

I have the Radxa RockPiE and with freebsd team support we have Freebsd running on it with both lan working.

Now I will start looking into opnsens port for the same device.

I am going to build it on native aarch64 device but I have been facing some issue with qemu as your tools are completely based on qemu.

Please check the issues on git.

Thanks.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 25, 2020, 09:05:57 am
@spikerguy
I would like to contribute to porting to NanoPiR2S. I managed so far:

I was thinking about either building upstream u-boot, or getting u-boot image from Armbian and sticking it all together. But still my understanding of u-boot is quite poor.
And then we have a problem with 1 ethernet coming up and the usb one being down.
If someone could point me in the right direction on the above, then maybe I can make some progress.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on July 25, 2020, 10:06:33 am
@spikerguy
I would like to contribute to porting to NanoPiR2S. I managed so far:
  • Run Ganbold's freebsd image - 1 interface comes up - info posted above
  • Run Armbian/FriendlyWrt
  • Cross Compile various forks of Opnsense from github - so I have at this point cross compiling workflow working - wilmardo's looks promising but it fails when building image due to missing arm_install_uboot
  • Got myself some other usb to uart dongles: one on PL2303HX, other on CP2104
  • Reviewed various videos about u-boot on YT, i get the gist of it but got lost on details what is really required when porting. I have no idea what is uboot missing in here to get it running on R2S: https://github.com/opnsense/tools/compare/master...wilmardo:nanopi-r2s#diff-bd6443d009b4e5cb4bb4487c64127585
  • I have looked at Armbian boot directory for some clues
  • I have examined Armbian images with kpartx to get some ideas

I was thinking about either building upstream u-boot, or getting u-boot image from Armbian and sticking it all together. But still my understanding of u-boot is quite poor.
And then we have a problem with 1 ethernet coming up and the usb one being down.
If someone could point me in the right direction on the above, then maybe I can make some progress.
Hello,
You should be able to build uboot from mainline uboot git and you can flash it on the emmc or sd card from any of the storage you want to use as boot drive.
I have my R2s dispatched but Idk when I will recieve it as it is coming directly from China.  Can you share the bootlog of freebsd on pastebin link?  I want to see which Ethernet device is working and I think Ganbold sir must be busy to not look into r2s lately but an email in mailing list will help.

Let me contact him about this issue.

Thanks for your contribution.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 25, 2020, 01:03:43 pm
Here you go; dmesg for Ganbold's NanoPI R2S image:
https://pastebin.com/mu5hkLRG

Code: [Select]
uname -a
FreeBSD generic 13.0-CURRENT FreeBSD 13.0-CURRENT #98 r357147:357497M: Fri Feb  7 14:30:10 +08 2020     tsgan@
beastie.mstride.com:/usr/obj/usr/src/arm64.aarch64/sys/GENERIC  arm64
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on July 26, 2020, 12:09:41 am
Yes it looks like only the usb lan was detected and not the omboard rk3328 100mb lan.

Recently gonzo have added support for rk3328 onboard lan. For rockpie which should be similar to r2s

I can only request ganbold sir to look into it while I will wait for my device to arrive until I can reuse their work.

Thanks for the logs.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mnoga on July 26, 2020, 12:13:35 pm
Can you point me at the ethernet patch in mainline please?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on July 30, 2020, 05:42:22 pm
I am not sure about it
but here is his git repo.
https://github.com/gonzoua/freebsd

And this is a crochet tool for making aarch64 images for freebsd maintainer by @sl33pwa1k9r
https://github.com/S199pWa1k9r/crochet

Try these and see if it helps.

Good luck.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on August 19, 2020, 05:24:10 pm
Finally we have an image for Radxa RockPiE and it works fine, only issue is the 100mb  card stopped working after the drivers were merged upstream.

Officially post can be found here (https://forum.radxa.com/t/opnsense-20-7-for-rock-pi-e/4104?u=spikerguy)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on August 22, 2020, 10:57:10 pm
There is a working Opnsense Image for Radxa RockPiE board.

I am currently testing the capability of the board to handle services like av, ids and vpn

VPN seem to work fine for a single user using OpenVPN so far.

Radxa Forum & Image Link (https://forum.radxa.com/t/opnsense-20-7-for-rock-pi-e/4104?u=spikerguy)
Here is my Tweet about it (https://twitter.com/fkardame/status/1297187343263240192?s=20)
OpnSense Tools used to build this image. (https://github.com/S199pWa1k9r/tools)
Once my R2s works then will try to add its support to the tools with the help of the original author Sergey.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on August 26, 2020, 04:33:54 pm
@franco
I cannot find os-clamav and os-icap plugin for aarch64 installation, while freebsd developer tried to compile it but that failed to compile for aarch64.

Can you point us to the right direction to work on plugins for aarch64 so we can test the device performance with respect to file scanning.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mimugmail on August 26, 2020, 04:42:56 pm
https://github.com/opnsense/tools/blob/master/config/20.7/ports.conf#L164

Remove arm64 ..
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: franco on August 26, 2020, 05:00:27 pm
For plugins.conf also.

We did not enable a lot of plugin software on ARM to avoid dealing with build issues, build time constraints and maybe also runtime issues.


Cheers,
Franco
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: napyk on August 27, 2020, 08:18:28 pm
I finally got a working opnsense on my espressobin v7. I used the img from @tsgan as a base image but wasnt able to autoboot out of the box.

I found someone in the freebsd forum who managed to get a working u-boot version with UEFI support and a FreeBSD version that works.

https://forums.FreeBSD.org/threads/freebsd-for-espressobin-marvell-armada-3700.70910/post-470496 (https://forums.FreeBSD.org/threads/freebsd-for-espressobin-marvell-armada-3700.70910/post-470496)

So I used the u-boot version described in the forum and installed the 12.1 stable kernel to the image of @tsgan and my espressobin autoboots fine now.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: gandalf on September 06, 2020, 09:36:14 am
Héllo all,

I got some espressobin v7...

Is there any links or informations to get opnsense working on it ?

thx
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: vamp on September 18, 2020, 02:59:31 pm
It possible to port it this board?

https://www.asiarf.com/shop/wifi-wlan/wifi_ap_router/wifi-router-board-mtk-mt7621a-mt7615n-2-giga-ethernets-ap7621-il1/

It use MT7621A, that support hardware offload.(hwnat)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: NostalgicGnome on October 07, 2020, 02:10:18 pm
Hi all,

Has anyone gotten a build working for the RPI4?

Thanks
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: embargo on October 15, 2020, 05:41:54 pm
Hello all,
I've been able to go through the whole process of building OPNsense for my device, but I'm stuck that I need to generate dtb file from specific dts.

I'm using the ARMADA38X and it always compiles the armada-388-clearfog.dtb but I need to use the armada-385-turris-omnia.dts

How can I achieve that? What is the correct option?

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: markchang on November 30, 2020, 11:30:09 am
Nano pi have recently released a "proper" dual Ethernet ( one onboard RTL8211E and one via PCIe R8111H )
https://wiki.friendlyarm.com/wiki/index.php/NanoPi_R4S (https://wiki.friendlyarm.com/wiki/index.php/NanoPi_R4S)
Is it possible to port OPNsense to this??
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: nekoprog on December 03, 2020, 12:44:29 pm
Nano pi have recently released a "proper" dual Ethernet ( one onboard RTL8211E and one via PCIe R8111H )
https://wiki.friendlyarm.com/wiki/index.php/NanoPi_R4S (https://wiki.friendlyarm.com/wiki/index.php/NanoPi_R4S)
Is it possible to port OPNsense to this??

I believe you can port this board.

First you need to compile uboot for rk3399, then put the compiled .bin file to custom folder, make new device config and set that custom folder inside config, build opnsense/tools with that custom device config

Go to my github fork and post new issue if need futher details.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: arviox on December 10, 2020, 10:30:46 pm
Id love to see an armv8 port, any chance to see one?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on December 11, 2020, 12:09:03 pm
OPNsense on NanoPI R4S

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tsgan on December 11, 2020, 12:19:08 pm
more screenshot
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: akron on December 11, 2020, 03:31:54 pm
OPNsense on NanoPI R4S

this is looking great,

any chance of sharing the OS image ?

I guess some non developer users would be looking for a basic guide how to compile the code for different SBCs, and inject different drivers and uboot configuration.

if you have access to a basic guide with steps to follow please let us know.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on December 11, 2020, 07:15:38 pm
Hello akron,

It is easy to compile if you have freebsd running.

You can use latest crochet maintained by sl33pw@lk3r.

We try to add more board support to his git as I have been using opnsense since few months on RockpiE and now as I have recieved by R2S i will start working on it soon.
https://github.com/S199pWa1k9r/crochet

Hello sir @tsgan happy to see you here, might need your help with R2s as I've been testing it with a very old image from the freebsd people server.

I will get back on mailing list soon.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: markchang on December 15, 2020, 11:46:55 am
May i ask whats the difference between using crochet and opnsense/tools?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on December 17, 2020, 11:41:16 pm
Crochet is freebsd tools for freebsd image but also have opnsense  thanks to sergey. Using this you can make freebsd image or opnsense image.

Opnsense tools is purely opnsense image.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: MrNessuno on January 02, 2021, 08:26:52 pm
I recently received an Orange Pi Zero 2, there are some compatible versions or versions that I can test? Let me know :)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on February 09, 2021, 11:04:24 am
I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

------------

update on 2021-02-24

An updated image is now out, which works properly on rpi3b+ with the advice of @testo_cz.

Moreover, after the first boot, add `hw.uart.console=""` to /boot/loader.conf.local or the console will goes nowhere in the next boot.

Finally, you can use https://ftp.yrzr.tk/opnsense/ as the Repo to get almost all the plugins as if on amd64. Edit /usr/local/etc/pkg/repos/OPNsense.conf:

Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "https://ftp.yrzr.tk/opnsense/${ABI}/21.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}

------------

update on 2021-03-25

Thanks to @nekoprog's code and @testo_cz's advice, the RPI3 images now work fine with the serial console.

I have also made a rough introduction to the images on https://www.yrzr.tk/opnsense-images-for-aarch64.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on February 17, 2021, 10:50:57 am
I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Hi

Thanks for sharing.

I got lost in this thread about How to build RPi3 image. There's too many forks of codes. Which git/source or git/crochet you actually used to build your image pls ?

I'd like to reuse my RPi3, simply.


Update: my RPi 3b+ does not boot with your test-image and using config_rpi3.txt.
 Gets stucked after:
CPU  3: ARM Cortex-A53 r0p4 affinity:  3

BTW: the screenshot shows Cortex-A72 , does that mean you successfully run in on RPi 4 too ?

BTW2: It seem there might be a progress soon:
https://github.com/opnsense/tools/pull/203

Thanks
T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on February 18, 2021, 04:08:28 pm
I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Edited config.txt and opnsense up and running, but no Interfaces detected, not the built-in RJ45, not the wifi, not the USB2-RJ45. All hardware OK, as everything works as expected with opensuse Leap on the raspi 3b (not 3b+). I tried with raspi 3 config.txt, with 64bit version etc. and added uart=1 to have serial consol over GPIO.

Did anybody get this running?

PS: some info

Code: [Select]
dmesg
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 656x416
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f47000 mode 2 pages 1
MAP 39f4b000 mode 2 pages 3
MAP 39f4f000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
simple_mfd0: <Simple MFD (Multi-Functions Device)> on simplebus0
ofw_clkbus1: <OFW clocks bus> on simple_mfd0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 39 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 7,8 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 1,2,3,4 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 6 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e2011ff irq 9 on simplebus0
uart0: console (115200,n,8,1)
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e2041ff irq 11 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 19 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x7e006fff irq 21,20
usbus0 on bcm283x_dwcotg0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38 on simpleb0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100113,0x7e00a000-0x7e00a023 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 40 on simplebus0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 48 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 656x416(656x416@0,0) 24bpp
fb0: fbswap: 1, pitch 1968, base 0x3eb33000, screen_size 818688
pmu0: <Performance Monitoring Unit> irq 0 on ofwbus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-block
bcm2835_cpufreq0: ARM 600MHz, Core 250MHz, SDRAM 400MHz, Turbo OFF
uhub0: 1 port with 1 removable, self powered
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB PA>
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v8>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Warning: no time-of-day clock registered, system time will not be set accurately
lo0: link state changed to UP
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled

and

Code: [Select]
usbconfig
ugen0.1: <DWCOTG OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

Fun fact: If you choose "reboot" the install never comes back (tried about 20 times), but stops before booting

Code: [Select]
*** OPNsense.localdomain: OPNsense 21.1_25 (aarch64/OpenSSL) ***

        No network interfaces are assigned.

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 6

The system will reboot. Do you want to proceed? [y/N]: y

>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
shutdown: [pid 9305]
Shutdown NOW!
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e16000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(2,0x01,0,0x10800,0x3ef800)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[H[J[4;46H uKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[5;46H BMHardenedBSDxfOL9QwvfA6yxGHkNMG[6;46H 2I7ADmw7Mp/P8Y4wjnBFDNKvNzdZa/uu[5
[25;0H[23;4HAutoboot in 2 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 1 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+0x8+0x690]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/entropy size=0x1000
Using DTB provided by EFI at 0x7ef5000.
EFI framebuffer information:
addr, size     0x3eaf0000, 0x10a800
dimensions     656 x 416
stride         656
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on February 20, 2021, 06:14:10 pm
@yrzr
@chemlud

Hi . I've just build 20.7.8 from nekoprog's github for RPi3.
I think the problem  of missing network card is the same: "the second USB is missing"

Because when RELEASE-12.1 is booted, there it is:

ugen0.2: <vendor 0x0424 product 0x2514> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (2mA)
ugen0.3: <vendor 0x0424 product 0x2514> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (2mA)
ugen0.4: <vendor 0x0424 product 0x7800> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (2mA)

So I copied bcm2710-rpi-3-b.dtb,  bcm2710-rpi-3-b-plus.dtb and ./dtb/ from the RELEASE-12.1 to my OPNsense image and its fine.

I assume its upstream rpi-firmware package which does this in both cases of image build.

Cheers
T.

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on February 20, 2021, 07:03:23 pm
Hi testo!

Makes sense. But won't help with the no-reboot issues, I guess...

Will give it a try. :-D
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on February 21, 2021, 04:41:13 pm
Took the image by @yrzr and copied over from FreeBSD 12.1 ARM the /dtb as well as  bcm2710-rpi-3-b.dtb,  bcm2710-rpi-3-b-plus.dtb.

Now USB detected but won't mount OPPNsense...

Code: [Select]
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e17000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(1,0x01,0,0x800,0)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(1,0x01,0,0x800,0x100)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(2,0x01,0,0x10800,0x3ef80)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[0;37;40m[H[J[9;47H[muKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[10;47HBM[36mHardened[34mBSD[mxfOL9Qwv5
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc]
/boot/entropy size=0x1000
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf1]
Using DTB provided by EFI at 0x7ef6000.
EFI framebuffer information:
addr, size     0x3e536000, 0x6baa80
dimensions     1680 x 1050
stride         1680
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 1680x1050
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version .
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f48000 mode 2 pages 1
MAP 39f4c000 mode 2 pages 3
MAP 39f50000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 20 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 23,24 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 0,1,2,3 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 4,5,6,7,8,9,10,11,12,13,14,0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100027 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 21 on simplebus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 22 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e201fff irq 25 on simplebus0
sdhost_bcm0: <Broadcom 2708 SDHOST controller> mem 0x7e202000-0x7e2020ff irq 26 on simplebus0
sdhost_bcm0-slot0: Hardware doesn't specify timeout clock frequency, setting BROKEN_TIMEOUT .
mmc0: <MMC/SD bus> on sdhost_bcm0
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e204fff irq 27 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
uart1: <BCM2835 Mini-UART> mem 0x7e215040-0x7e21507f irq 33 on simpuart1: console (115200,n,)
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 40 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff0
usbus0 on bcm283x_dwcotg0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 49 on simplebus0
mmc1: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 1680x1050(1680x1050@0,0) 24bpp
fb0: fbswap: 1, pitch 5040, base 0x3e6e7000, screen_size 5322240
pmu0: <Performance Monitoring Unit> irq 53 on simplebus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-blok
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
mmc1: No compatible cards found on bus
mbox0: mbox response error
bcm2835_cpufreq0: can't get max voltage
bcm2835_cpufreq0: ARM 600MHz, Core 400MHz, SDRAM 400MHz, Turbo OFF
mbox0: mbox response error
bcm2835_cpufreq0: can't set clock rate (id=3)
mbox0: mbox response error
bcm2835_cpufreq0: can't set clock rate (id=4)
uhub0: 1 port with 1 removable, self powered
ugen0.2: <vendor 0x0424 product 0x9514> at usbus0
uhub1 on uhub0
uhub1: <vendor 0x0424 product 0x9514, class 9/0, rev 2.00/2.00, addr 2> on usbus0
uhub1: MTT enabled
uhub1: 5 ports with 4 removable, self powered
ugen0.3: <vendor 0x0424 product 0xec00> at usbus0
smsc0 on uhub1
smsc0: <vendor 0x0424 product 0xec00, rev 2.00/2.00, addr 3> on usbus0
smsc0: chip 0xec00, rev. 0002
miibus0: <MII bus> on smsc0
smscphy0: <SMC LAN8700 10/100 interface> PHY 1 on miibus0
smscphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
ue0: <USB Ethernet> on smsc0
ue0: Ethernet address: b8:27:eb:16:56:a8
ugen0.4: <ASIX Elec. Corp. AX88x72A> at usbus0
ugen0.5: <ASIX Elec. Corp. AX88x72A> at usbus0
ugen0.6: <vendor 0x1a40 USB 2.0 Hub> at usbus0
uhub2 on uhub1
uhub2: <vendor 0x1a40 USB 2.0 Hub, class 9/0, rev 2.00/1.11, addr 6> on usbus0
uhub2: 4 ports with 4 removable, self powered
ugen0.7: <vendor 0x046a product 0x0023> at usbus0
ukbd0 on uhub2
ukbd0: <vendor 0x046a product 0x0023, class 0/0, rev 2.00/2.20, addr 7> on usbus0
kbd1 at ukbd0
ugen0.8: <Primax Kensington Eagle Trackball> at usbus0
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
mountroot: waiting for device /dev/ufs/OPNsense...
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB >
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Mounting from ufs:/dev/ufs/OPNsense failed with error 19.

Loader variables:
  vfs.root.mountfrom=ufs:/dev/ufs/OPNsense
  vfs.root.mountfrom.options=rw

Manual root filesystem specification:
  <fstype>:<device> [options]
      Mount <device> using filesystem <fstype>
      and with the specified (optional) option list.

    eg. ufs:/dev/da0s1a
        zfs:zroot/ROOT/default
        cd9660:/dev/cd0 ro
          (which is equivalent to: mount -t cd9660 -o ro /dev/cd0 /)

  ?               List valid disk boot devices
  .               Yield 1 second (for background tasks)
  <empty line>    Abort manual input

mountroot>
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on February 21, 2021, 06:57:51 pm
FreeBSD 12.2 boots just fine...

Code: [Select]
root@generic:~ # usbconfig
ugen0.1: <DWCOTG OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen0.2: <vendor 0x0424 product 0x9514> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE)
ugen0.3: <vendor 0x0424 product 0xec00> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON ()
ugen0.4: <ASIX Elec. Corp. AX88x72A> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (250)
ugen0.5: <ASIX Elec. Corp. AX88x72A> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (250)
root@generic:~ #
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rega on February 21, 2021, 08:33:57 pm
Hi

Could this work with Orange Pi R1 Plus (http://www.orangepi.org/Orange%20Pi%20R1%20Plus/)? It has dual gigabit, easier to get and cheap.

Thanks
rega
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on February 21, 2021, 11:00:23 pm
Took the image by @yrzr and copied over from FreeBSD 12.1 ARM the /dtb as well as  bcm2710-rpi-3-b.dtb,  bcm2710-rpi-3-b-plus.dtb.

Now USB detected but won't mount OPPNsense...

Code: [Select]
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e17000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(1,0x01,0,0x800,0)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(1,0x01,0,0x800,0x100)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(0)/SD(0)/HD(2,0x01,0,0x10800,0x3ef80)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[0;37;40m[H[J[9;47H[muKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[10;47HBM[36mHardened[34mBSD[mxfOL9Qwv5
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc]
/boot/entropy size=0x1000
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf1]
Using DTB provided by EFI at 0x7ef6000.
EFI framebuffer information:
addr, size     0x3e536000, 0x6baa80
dimensions     1680 x 1050
stride         1680
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 1680x1050
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version .
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f48000 mode 2 pages 1
MAP 39f4c000 mode 2 pages 3
MAP 39f50000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 20 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 23,24 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 0,1,2,3 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 4,5,6,7,8,9,10,11,12,13,14,0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100027 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 21 on simplebus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 22 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e201fff irq 25 on simplebus0
sdhost_bcm0: <Broadcom 2708 SDHOST controller> mem 0x7e202000-0x7e2020ff irq 26 on simplebus0
sdhost_bcm0-slot0: Hardware doesn't specify timeout clock frequency, setting BROKEN_TIMEOUT .
mmc0: <MMC/SD bus> on sdhost_bcm0
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e204fff irq 27 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
uart1: <BCM2835 Mini-UART> mem 0x7e215040-0x7e21507f irq 33 on simpuart1: console (115200,n,)
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 40 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff0
usbus0 on bcm283x_dwcotg0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 49 on simplebus0
mmc1: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 1680x1050(1680x1050@0,0) 24bpp
fb0: fbswap: 1, pitch 5040, base 0x3e6e7000, screen_size 5322240
pmu0: <Performance Monitoring Unit> irq 53 on simplebus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-blok
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
mmc1: No compatible cards found on bus
mbox0: mbox response error
bcm2835_cpufreq0: can't get max voltage
bcm2835_cpufreq0: ARM 600MHz, Core 400MHz, SDRAM 400MHz, Turbo OFF
mbox0: mbox response error
bcm2835_cpufreq0: can't set clock rate (id=3)
mbox0: mbox response error
bcm2835_cpufreq0: can't set clock rate (id=4)
uhub0: 1 port with 1 removable, self powered
ugen0.2: <vendor 0x0424 product 0x9514> at usbus0
uhub1 on uhub0
uhub1: <vendor 0x0424 product 0x9514, class 9/0, rev 2.00/2.00, addr 2> on usbus0
uhub1: MTT enabled
uhub1: 5 ports with 4 removable, self powered
ugen0.3: <vendor 0x0424 product 0xec00> at usbus0
smsc0 on uhub1
smsc0: <vendor 0x0424 product 0xec00, rev 2.00/2.00, addr 3> on usbus0
smsc0: chip 0xec00, rev. 0002
miibus0: <MII bus> on smsc0
smscphy0: <SMC LAN8700 10/100 interface> PHY 1 on miibus0
smscphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
ue0: <USB Ethernet> on smsc0
ue0: Ethernet address: b8:27:eb:16:56:a8
ugen0.4: <ASIX Elec. Corp. AX88x72A> at usbus0
ugen0.5: <ASIX Elec. Corp. AX88x72A> at usbus0
ugen0.6: <vendor 0x1a40 USB 2.0 Hub> at usbus0
uhub2 on uhub1
uhub2: <vendor 0x1a40 USB 2.0 Hub, class 9/0, rev 2.00/1.11, addr 6> on usbus0
uhub2: 4 ports with 4 removable, self powered
ugen0.7: <vendor 0x046a product 0x0023> at usbus0
ukbd0 on uhub2
ukbd0: <vendor 0x046a product 0x0023, class 0/0, rev 2.00/2.20, addr 7> on usbus0
kbd1 at ukbd0
ugen0.8: <Primax Kensington Eagle Trackball> at usbus0
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
mountroot: waiting for device /dev/ufs/OPNsense...
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB >
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Mounting from ufs:/dev/ufs/OPNsense failed with error 19.

Loader variables:
  vfs.root.mountfrom=ufs:/dev/ufs/OPNsense
  vfs.root.mountfrom.options=rw

Manual root filesystem specification:
  <fstype>:<device> [options]
      Mount <device> using filesystem <fstype>
      and with the specified (optional) option list.

    eg. ufs:/dev/da0s1a
        zfs:zroot/ROOT/default
        cd9660:/dev/cd0 ro
          (which is equivalent to: mount -t cd9660 -o ro /dev/cd0 /)

  ?               List valid disk boot devices
  .               Yield 1 second (for background tasks)
  <empty line>    Abort manual input

mountroot>

I'm not that BSD skilled person, I'm afraid. But it is strange,  you're almost there with final RW mount.
Whats the error=19 means ? filesystem damage ?
Your boot log seems alright . What if you diff compare it with the previous one ?

T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on February 24, 2021, 02:58:18 am
@testo_cz I have tested that the image is working under both qemu and esxi. Therefore, the code is running on aarch64 properly, while works need to be done with the firmware and boot-related configs.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Hi

Thanks for sharing.

I got lost in this thread about How to build RPi3 image. There's too many forks of codes. Which git/source or git/crochet you actually used to build your image pls ?

I'd like to reuse my RPi3, simply.


Update: my RPi 3b+ does not boot with your test-image and using config_rpi3.txt.
 Gets stucked after:
CPU  3: ARM Cortex-A53 r0p4 affinity:  3

BTW: the screenshot shows Cortex-A72 , does that mean you successfully run in on RPi 4 too ?

BTW2: It seem there might be a progress soon:
https://github.com/opnsense/tools/pull/203

Thanks
T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on February 24, 2021, 03:04:56 am
@chemlud Thanks for your great news.

I have figured out that the problem of boot failure after the second boot issue is caused by the `hw.uart.console` configuration in /boot/loader.conf. As it is auto-generated by opnsense, modification on /boot/loader.conf will be flushed. You can add `hw.uart.console=""` in /boot/loader.conf.local as a temporarily solution.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Edited config.txt and opnsense up and running, but no Interfaces detected, not the built-in RJ45, not the wifi, not the USB2-RJ45. All hardware OK, as everything works as expected with opensuse Leap on the raspi 3b (not 3b+). I tried with raspi 3 config.txt, with 64bit version etc. and added uart=1 to have serial consol over GPIO.

Did anybody get this running?

PS: some info

Code: [Select]
dmesg
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 656x416
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f47000 mode 2 pages 1
MAP 39f4b000 mode 2 pages 3
MAP 39f4f000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
simple_mfd0: <Simple MFD (Multi-Functions Device)> on simplebus0
ofw_clkbus1: <OFW clocks bus> on simple_mfd0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 39 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 7,8 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 1,2,3,4 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 6 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e2011ff irq 9 on simplebus0
uart0: console (115200,n,8,1)
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e2041ff irq 11 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 19 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x7e006fff irq 21,20
usbus0 on bcm283x_dwcotg0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38 on simpleb0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100113,0x7e00a000-0x7e00a023 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 40 on simplebus0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 48 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 656x416(656x416@0,0) 24bpp
fb0: fbswap: 1, pitch 1968, base 0x3eb33000, screen_size 818688
pmu0: <Performance Monitoring Unit> irq 0 on ofwbus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-block
bcm2835_cpufreq0: ARM 600MHz, Core 250MHz, SDRAM 400MHz, Turbo OFF
uhub0: 1 port with 1 removable, self powered
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB PA>
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v8>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Warning: no time-of-day clock registered, system time will not be set accurately
lo0: link state changed to UP
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled

and

Code: [Select]
usbconfig
ugen0.1: <DWCOTG OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

Fun fact: If you choose "reboot" the install never comes back (tried about 20 times), but stops before booting

Code: [Select]
*** OPNsense.localdomain: OPNsense 21.1_25 (aarch64/OpenSSL) ***

        No network interfaces are assigned.

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 6

The system will reboot. Do you want to proceed? [y/N]: y

>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
shutdown: [pid 9305]
Shutdown NOW!
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e16000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(2,0x01,0,0x10800,0x3ef800)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[H[J[4;46H uKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[5;46H BMHardenedBSDxfOL9QwvfA6yxGHkNMG[6;46H 2I7ADmw7Mp/P8Y4wjnBFDNKvNzdZa/uu[5
[25;0H[23;4HAutoboot in 2 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 1 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+0x8+0x690]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/entropy size=0x1000
Using DTB provided by EFI at 0x7ef5000.
EFI framebuffer information:
addr, size     0x3eaf0000, 0x10a800
dimensions     656 x 416
stride         656
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on March 05, 2021, 12:03:27 pm
@yrzr

Thanks,
this new image https://forum.opnsense.org/index.php?topic=12186.msg100319#msg100319 (https://forum.opnsense.org/index.php?topic=12186.msg100319#msg100319)
works nice over HDMI. Modified hw.uart.console="" too.

It seems the best to keep 12.1-RELEASE MSDOSBOOT files for RPI3 with the current OPNsense kernel.

I didn't manage to run your image with serial console, but nevermind, I rather build arm image by myself (from your tools fork up to commit d15d63475220a7d9f16762b80720744394fe9685) , Thanks,  getting version 21.1.2_8 now.
Note w.r.t. serial console: 
When I took nekoprog's arm_hook (config/21.1/extras.conf)  and applied to your fork , I got nice serial console. Both things a) load.conf variables and b) opnsense default xml config matters.

Some minor steps optionally done after the first boot - to have a nicely polished image:
Code: [Select]
kldxref -R /boot

cat >>/boot/loader.conf.local <<EOF
hw.uart.console=""
bcm283x_clkman_load="YES"
EOF

echo 'powerd_enable="YES"' >/etc/rc.conf.d/powerd


T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 07, 2021, 03:03:05 pm
hi guys! will give it a try :-D

would be cool if you could post SHA512 for the images here... ;-)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 07, 2021, 04:57:17 pm
First boot was OK with HDMI, had interfaces this time. Configured serial console in GUI, but on reboot it never finishes

Code: [Select]
U-Boot 2020.10 (Feb 02 2021 - 23:40:41 +0000)

DRAM:  948 MiB
RPI 3 Model B (0xa02082)
MMC:   mmc@7e300000: 1
Loading Environment from FAT... *** Warning - bad CRC, using default environment

In:    serial
Out:   vidconsole
Err:   vidconsole
Net:   No ethernet found.
starting USB...
Bus usb@7e980000: USB DWC2
scanning bus usb@7e980000 for devices... 5 USB Device(s) found
       scanning usb for storage devices... 0 Storage Device(s) found
Hit any key to stop autoboot:  0
MMC Device 0 not found
no mmc device at slot 0
switch to partitions #0, OK
mmc1 is current device
Scanning mmc 1:1...
Found EFI removable media binary efi/boot/bootaa64.efi
-       _    _               _                     _ ____   _____ _____ 
       | |  | |             | |                   | |  _ \ / ____|  __ \
       | |__| | __ _ _ __ __| | ___ _ __   ___  __| | |_) | (___ | |  | |
       |  __  |/ _` | '__/ _` |/ _ \ '_ \ / _ \/ _` |  _ < \___ \| |  | |uIt5k
       | |  | | (_| | | | (_| |  __/ | | |  __/ (_| | |_) |____) | |__| |HkNMG
       |_|  |_|\__,_|_|  \__,_|\___|_| |_|\___|\__,_|____/|_____/|_____/ Za/uu
                                              7jx0/j28DcHs1oTUiFxDezXj0+bYBAjk
                                              M/WeI4vOFPUZQcUiqAhCItlLY/1/YsdU
 ????????????????????????????????????????????????????????????????????????      ??  bYCu3JOWsOA/Ctw0oVmHA+jY6Z8RJnsT                            ??
 ??                                         ??  NTm3YVdJVYQ+O2ltoSwHardenedBSDVD
 ??  1. Boot Multi user [Enter]             ??  vji9p89gQvsPgS9hh9ekUCw/0TnSeQ1W
 ??  2. Boot Single user                    ??  NHcmBLfiNO7mU9D4rCxiSQfifcIZzC78
 ??  3. Escape to loader prompt             ??  uwaNYp+XGq+qEt7pQ+aX2nsJ2juBCGai
 ??  4. Reboot                              ??  fTclPrFDFBNSqyrmOEI3Lrkn3eudPbJU
 ??                                         ??  NlHardenedBSDvCOXT59dcSRw9mB3bOl
 ??  Options:                               ??  gEcyCwdlh1xWKOu9qGWcmsAhOVReHec4\
 ??  5. Kernel: default/kernel (1 of 1)     ??
 ??  6. Boot Options                        ??
 ??                                         ??
 ??                                         ??
 ??                                         ??
 ????????????????????????????????????????????????????????????????????????      ??                                                              ??
   Autoboot in 0 seconds, hit [Enter] to boot or any other key to stop     

Loading kernel...
/boot/kernel/kernel text=0x97f010 data=0x19b1f0+0x7a3084 syms=[0x8+0x141c30+0x8+0x12dbaa]
Loading configured modules...
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/bcm283x_clkman.ko text=0xcf7 text=0x680 data=0x10150+0xfeb8 syms=[0x8+0x6d8+0x8+0x4f2]
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/entropy size=0x1000
Using DTB provided by EFI at 0x7ef6000.
EFI framebuffer information:
addr, size     0x3e536000, 0x6baa80
dimensions     1680 x 1050
stride         1680
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Mon Feb 22 22:06:31 HKT 2021
    root@freebsd12:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 1680x1050
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
KLD file if_bridge.ko is missing dependencies
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f48000 mode 2 pages 1
MAP 39f4c000 mode 2 pages 3
MAP 39f50000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 20 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 23,24 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 0,1,2,3 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,190
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100027 on simplebus0
bcm2835_clkman0: <BCM283x Clock Manager> mem 0x7e101000-0x7e102fff on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 21 on simplebus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 22 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e201fff irq 25 on simplebus0
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e204fff irq 27 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
uart1: <BCM2835 Mini-UART> mem 0x7e215040-0x7e21507f irq 33 on simpuart1: console (115200,n,8,1)
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 40 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x0
usbus0 on bcm283x_dwcotg0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 49 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 1680x1050(1680x1050@0,0) 24bpp
fb0: fbswap: 1, pitch 5040, base 0x3e6e7000, screen_size 5322240
pmu0: <Performance Monitoring Unit> irq 53 on simplebus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
ZX??????7??T??????V5Z????PY??????TX????7??)y??I????????RR??Q????K??-????)yI????????X??@RR\??????I????x????????R??Y????????


This is the output from serial console. On monitor I saw some messages on ue1 and ue2 going down and up, the boot hang and then the monitor went into power saving. No DHCP on the configured LAN.

So rebooting is still an issue here...
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 07, 2021, 05:52:39 pm
Still no serial console, tried various config from GUI, serial first etc...

btw, no nano in packages? vi is still a pain :-D
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 07, 2021, 08:24:36 pm
Hmm, still no driver for the wifi module of the raspi 3b in BSD? Strange...
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on March 07, 2021, 11:23:24 pm
Still no serial console, tried various config from GUI, serial first etc...

btw, no nano in packages? vi is still a pain :-D

Had to admit , I didnt have enough patience and skills to setup YRZR's image to work with serial console.  Mostly because I built my own from his fork (little extended by Nekoprog's).

If you feel like doing it , have a look on Nekoprog's arm_hook() function here https://github.com/nekoprog/tools/blob/master/config/20.7/extras.conf (https://github.com/nekoprog/tools/blob/master/config/20.7/extras.conf)
This particular piece helped me with my build.

T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: testo_cz on March 07, 2021, 11:33:07 pm
Hmm, still no driver for the wifi module of the raspi 3b in BSD? Strange...

I web-searched for the RPI3 Wifi recently. It seems to me that the problem is in HW implementation, as its Broadcom Wifi chip is normally supported, but not behind SDIO pins. https://wiki.freebsd.org/SDIO (https://wiki.freebsd.org/SDIO) work in progress, they say.

T.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: TheSilentKid on March 08, 2021, 01:30:27 pm
I am trying to cross compile on freebsd 14.0 using tools from nekoprog to compile it for rpi4, but I am getting errors related to duplicate symbol.

Using Freebsd 14 becoz freebsd > 12 are running in rpi4.

Any solutions or should I compile it in rpi ?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 14, 2021, 09:59:27 am
I had the sense now running on my raspi 3B for about one week, then the SD-card slot broke, lots of

Code: [Select]
vm_fault pager read error, pid 1
in the console.

Tried new SD-card, new power supply, but finally ended with enabeling boot from USB... Now it's stable for some hours. Could not get it to work from a brand new Sandisk Cruzer USB3-stick (never ending stream of "CAM status: CDB request completed with error"),

https://forums.freebsd.org/threads/usb-disks-unusable-ccb-request-completed-with-an-error.60419/

only older USB2 Sandisk Cruzer works. And sometimes some random USB-port won't boot. Have to change to other USB-port. Never had such a pain with any raspberry pi and I have a lot of them (but no other 3B). Pain!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 14, 2021, 11:31:40 am
The raspi 2B v1.2 has the same 64bit CPU as the 3B and 3B+

https://en.wikipedia.org/wiki/Raspberry_pi

but I could not get the image working on this machine. Any ideas what is needed? .dtb?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: abal on March 15, 2021, 11:49:04 am
Hi yrzr,

I'm trying to deploy your image on RPI4 (Model B 4GB), but unfortunately it is not booting. It stops at point:

Code: [Select]
Using DTB provided by EFI at 0x7ef0000.
EFI framebuffer information:
addr, size     0x3eac2000, 0x103000
dimensions     592 x 448
stride         592
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000

No other messages ... Can you or someone give me any info, what to check or how to continue?
I'm using the following config (connected through UART):
Code: [Select]
arm_64bit=1
dtoverlay=disable-bt
dtoverlay=mmc
device_tree_address=0x4000
kernel=u-boot.bin
armstub=armstub8-gic.bin
hdmi_safe=1
enable_uart=1
uart_2ndstage=1

I've also attached the whole boot log.

Thanks!

@chemlud Thanks for your great news.

I have figured out that the problem of boot failure after the second boot issue is caused by the `hw.uart.console` configuration in /boot/loader.conf. As it is auto-generated by opnsense, modification on /boot/loader.conf will be flushed. You can add `hw.uart.console=""` in /boot/loader.conf.local as a temporarily solution.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Edited config.txt and opnsense up and running, but no Interfaces detected, not the built-in RJ45, not the wifi, not the USB2-RJ45. All hardware OK, as everything works as expected with opensuse Leap on the raspi 3b (not 3b+). I tried with raspi 3 config.txt, with 64bit version etc. and added uart=1 to have serial consol over GPIO.

Did anybody get this running?

PS: some info

Code: [Select]
dmesg
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 656x416
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f47000 mode 2 pages 1
MAP 39f4b000 mode 2 pages 3
MAP 39f4f000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
simple_mfd0: <Simple MFD (Multi-Functions Device)> on simplebus0
ofw_clkbus1: <OFW clocks bus> on simple_mfd0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 39 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 7,8 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 1,2,3,4 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 6 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e2011ff irq 9 on simplebus0
uart0: console (115200,n,8,1)
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e2041ff irq 11 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 19 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x7e006fff irq 21,20
usbus0 on bcm283x_dwcotg0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38 on simpleb0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100113,0x7e00a000-0x7e00a023 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 40 on simplebus0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 48 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 656x416(656x416@0,0) 24bpp
fb0: fbswap: 1, pitch 1968, base 0x3eb33000, screen_size 818688
pmu0: <Performance Monitoring Unit> irq 0 on ofwbus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-block
bcm2835_cpufreq0: ARM 600MHz, Core 250MHz, SDRAM 400MHz, Turbo OFF
uhub0: 1 port with 1 removable, self powered
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB PA>
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v8>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Warning: no time-of-day clock registered, system time will not be set accurately
lo0: link state changed to UP
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled

and

Code: [Select]
usbconfig
ugen0.1: <DWCOTG OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

Fun fact: If you choose "reboot" the install never comes back (tried about 20 times), but stops before booting

Code: [Select]
*** OPNsense.localdomain: OPNsense 21.1_25 (aarch64/OpenSSL) ***

        No network interfaces are assigned.

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 6

The system will reboot. Do you want to proceed? [y/N]: y

>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
shutdown: [pid 9305]
Shutdown NOW!
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e16000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(2,0x01,0,0x10800,0x3ef800)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[H[J[4;46H uKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[5;46H BMHardenedBSDxfOL9QwvfA6yxGHkNMG[6;46H 2I7ADmw7Mp/P8Y4wjnBFDNKvNzdZa/uu[5
[25;0H[23;4HAutoboot in 2 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 1 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+0x8+0x690]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/entropy size=0x1000
Using DTB provided by EFI at 0x7ef5000.
EFI framebuffer information:
addr, size     0x3eaf0000, 0x10a800
dimensions     656 x 416
stride         656
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 18, 2021, 02:14:19 pm
@yrzr

https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/

latest image is a vm thingy (vmdk.lzo), how to make an .img out of this? ;-)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: korhojoa on March 18, 2021, 02:59:38 pm
@yrzr

https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/

latest image is a vm thingy (vmdk.lzo), how to make an .img out of this? ;-)

I just run it on ESXi. Works nice on a Pi4. Use vmkfstools -i image-in.vmdk -d thin image-out.vmdk to make esxi happy.

If you want to convert it to something else,qemu-img is helpful.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 18, 2021, 03:01:07 pm
No esxi, no pi4 :-p
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: abal on March 18, 2021, 06:37:37 pm
@korhojoa,

I just run it on ESXi. Works nice on a Pi4. Use vmkfstools -i image-in.vmdk -d thin image-out.vmdk to make esxi happy.

If you want to convert it to something else,qemu-img is helpful.

Do you have a working image for PI4? Can you share your config file? Or any steps, how to make it working on it? My image is just not booting :(

Thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: abal on March 19, 2021, 09:48:24 am
Unfortunately I do not have VMWare on my machine, only HyperV. I've tried to convert the vmdk to img (raw) using qemu-img, but it failed right at the beginning :(

qemu-img: error while writing sector 0: Input/output error

@korhojoa, if you could share your img file, that could help me a lot!

Thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: korhojoa on March 19, 2021, 11:26:35 am
Unfortunately I do not have VMWare on my machine, only HyperV. I've tried to convert the vmdk to img (raw) using qemu-img, but it failed right at the beginning :(

qemu-img: error while writing sector 0: Input/output error

@korhojoa, if you could share your img file, that could help me a lot!

Thanks!

Hyper-V doesn't run on Windows on the Pi4, afaik, so are you trying to run a aarch64 os on a non-aarch64-platform or do you have a actual ARM device you're trying to run Hyper-V on?
I'm not going to put it anywhere, but just doing
Code: [Select]
$ qemu-img -V
qemu-img version 5.2.0 (Debian 1:5.2+dfsg-6)
Copyright (c) 2003-2020 Fabrice Bellard and the QEMU Project developers
$ qemu-img convert OPNsense-21.1.3-OpenSSL-vm-aarch64.vmdk -O raw OPNsense-21.1.3-OpenSSL-vm-aarch64.img
worked fine for me. Again, note: not running it on a Pi natively, but virtualized.

ESXi that I'm running it on is the arm fling for Pi 4: https://flings.vmware.com/esxi-arm-edition

Important note though, if you downloaded the compressed version and are trying to use it without decompressing it first, well, you're going to have a problem.
hint:
Code: [Select]
lzop -d file.lzo
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: abal on March 19, 2021, 02:20:18 pm
@korhojoa,

Thank you for your answer. I'm having a PI4 (real device), for what I would like to create an image, what I can then copy to SD card and boot my PI from it. So, I need to convert the VMDK somehow to a format, I can copy to SD card.

I'm running on a win10 machine, so my qemu-img was also for win64 (v2.3). Ok, then I'll try to convert it on a linux machine (I already have a debian vm), hopefully it will work.

BTW: I've downloaded the VMDK directly, not the compressed one.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on March 25, 2021, 06:43:43 am
Hi abal,

Sorry to tell you that RPI4 is not supported yet. You can find the reason here (https://www.yrzr.tk/opnsense-images-for-aarch64/#4-rpis).

Hi yrzr,

I'm trying to deploy your image on RPI4 (Model B 4GB), but unfortunately it is not booting. It stops at point:

Code: [Select]
Using DTB provided by EFI at 0x7ef0000.
EFI framebuffer information:
addr, size     0x3eac2000, 0x103000
dimensions     592 x 448
stride         592
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000

No other messages ... Can you or someone give me any info, what to check or how to continue?
I'm using the following config (connected through UART):
Code: [Select]
arm_64bit=1
dtoverlay=disable-bt
dtoverlay=mmc
device_tree_address=0x4000
kernel=u-boot.bin
armstub=armstub8-gic.bin
hdmi_safe=1
enable_uart=1
uart_2ndstage=1

I've also attached the whole boot log.

Thanks!

@chemlud Thanks for your great news.

I have figured out that the problem of boot failure after the second boot issue is caused by the `hw.uart.console` configuration in /boot/loader.conf. As it is auto-generated by opnsense, modification on /boot/loader.conf will be flushed. You can add `hw.uart.console=""` in /boot/loader.conf.local as a temporarily solution.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

Edited config.txt and opnsense up and running, but no Interfaces detected, not the built-in RJ45, not the wifi, not the USB2-RJ45. All hardware OK, as everything works as expected with opensuse Leap on the raspi 3b (not 3b+). I tried with raspi 3 config.txt, with 64bit version etc. and added uart=1 to have serial consol over GPIO.

Did anybody get this running?

PS: some info

Code: [Select]
dmesg
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p13-HBSD #0  5a4151730(stable/21.1)-dirty: Fri Jan  8 01:33:30 UTC 2021
    root@generic:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 656x416
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f47000 mode 2 pages 1
MAP 39f4b000 mode 2 pages 3
MAP 39f4f000 mode 2 pages 4
MAP 3b360000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
simple_mfd0: <Simple MFD (Multi-Functions Device)> on simplebus0
ofw_clkbus1: <OFW clocks bus> on simple_mfd0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 39 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 7,8 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 1,2,3,4 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 6 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e2011ff irq 9 on simplebus0
uart0: console (115200,n,8,1)
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e2041ff irq 11 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 19 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x7e006fff irq 21,20
usbus0 on bcm283x_dwcotg0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38 on simpleb0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100113,0x7e00a000-0x7e00a023 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 40 on simplebus0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 48 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 656x416(656x416@0,0) 24bpp
fb0: fbswap: 1, pitch 1968, base 0x3eb33000, screen_size 818688
pmu0: <Performance Monitoring Unit> irq 0 on ofwbus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led0> failed to map pin
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 16GB <SDHC SL16G 8.0 SN 682835FD MFG 04/2016 by 3 SD> at mmc0 50.0MHz/4bit/65535-block
bcm2835_cpufreq0: ARM 600MHz, Core 250MHz, SDRAM 400MHz, Turbo OFF
uhub0: 1 port with 1 removable, self powered
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB PA>
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v8>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Warning: no time-of-day clock registered, system time will not be set accurately
lo0: link state changed to UP
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled
pflog0: promiscuous mode disabled
pflog0: promiscuous mode enabled

and

Code: [Select]
usbconfig
ugen0.1: <DWCOTG OTG Root HUB> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)

Fun fact: If you choose "reboot" the install never comes back (tried about 20 times), but stops before booting

Code: [Select]
*** OPNsense.localdomain: OPNsense 21.1_25 (aarch64/OpenSSL) ***

        No network interfaces are assigned.

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 6

The system will reboot. Do you want to proceed? [y/N]: y

>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
shutdown: [pid 9305]
Shutdown NOW!
Consoles: EFI console 
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1
(Thu Jan  7 07:14:48 UTC 2021 root@releng1.nyi.freebsd.org)

   Command line arguments: loader.efi
   Image base: 0x39e16000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8224.4096)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(1,0x01,0,0x800,0x10000)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(2)/SD(0)/HD(2,0x01,0,0x10800,0x3ef800)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
Loading /boot/device.hints
Loading /boot/loader.conf
Loading /boot/loader.conf.local
[H[J[4;46H uKOS2qsmkfe38kEuXLimP+7XoBiuIt5k[5;46H BMHardenedBSDxfOL9QwvfA6yxGHkNMG[6;46H 2I7ADmw7Mp/P8Y4wjnBFDNKvNzdZa/uu[5
[25;0H[23;4HAutoboot in 2 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 1 seconds, hit [Enter] to boot or any other key to stop     
[25;0H[23;4HAutoboot in 0 seconds, hit [Enter] to boot or any other key to stop     
[25;0HLoading kernel...
/boot/kernel/kernel text=0x9857d0 data=0x19b1f0+0x7a3084 syms=[0x8+0x142260+0x8+0x12dbac]
Loading configured modules...
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
loading required module 'pf'
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
loading required module 'bridgestp'
/boot/kernel/bridgestp.ko text=0xe44 text=0x402c data=0x170 data=0x158+0x28 syms=[0x8+0xb10+0x8+0x690]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/entropy size=0x1000
Using DTB provided by EFI at 0x7ef5000.
EFI framebuffer information:
addr, size     0x3eaf0000, 0x10a800
dimensions     656 x 416
stride         656
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on March 25, 2021, 06:46:16 am
I have updated the images. You can find them in https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/.

@yrzr

https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/

latest image is a vm thingy (vmdk.lzo), how to make an .img out of this? ;-)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 25, 2021, 09:38:30 am
I have updated the images. You can find them in https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/.

@yrzr

https://ftp.yrzr.tk/opnsense/build/21.1/aarch64/images/

latest image is a vm thingy (vmdk.lzo), how to make an .img out of this? ;-)

Many thanks! Will give it a try and report back :-)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 25, 2021, 03:10:46 pm
As I wrote above, I can only boot from USB-stick (SD-slot broken), this works fine for the first boot, but after importing the config.xml via GUI the reboot fails completely:

Code: [Select]
Raspberry Pi Bootcode
Read File: config.txt, 171
Read File: start.elf, 2857060 (bytes)
Read File: fixup.dat, 6666 (bytes)
MESS:00:00:09.099525:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:09.103786:0: brfs: File read: 171 bytes
MESS:00:00:09.146340:0: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.152417:0: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.158661:0: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.164911:0: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.171161:0: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.177412:0: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.183661:0: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.189911:0: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.196162:0: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.202411:0: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.208424:0: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.296678:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:09.300808:0: HDMI:Setting property pixel encoding to Default
MESS:00:00:09.306887:0: HDMI:Setting property pixel clock type to PAL
MESS:00:00:09.313050:0: HDMI:Setting property content type flag to No data
MESS:00:00:09.319647:0: HDMI:Setting property fuzzy format match to enabled
MESS:00:00:09.326423:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
MESS:00:00:09.529779:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
MESS:00:00:09.537232:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
MESS:00:00:09.543495:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.551983:0: hdmi: HDMI:>>>>>>>>>>>>>Rx sensed, reading EDID<<<<<<<<<<<<<
MESS:00:00:09.559728:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.567461:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.574227:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.580997:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.587769:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.594540:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.601309:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.608080:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.614852:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.621623:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.628156:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.633671:0: hdmi: HDMI: No lookup table for resolution group 0
MESS:00:00:09.640256:0: hdmi: HDMI: hotplug attached with DVI support
MESS:00:00:09.646433:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.655467:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.663202:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.669974:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.676745:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.683514:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.690285:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.697057:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.703827:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.710599:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.717370:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.723904:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.729675:0: hdmi: HDMI: hotplug deassert
MESS:00:00:09.734090:0: hdmi: HDMI: HDMI is currently off
MESS:00:00:09.739211:0: hdmi: HDMI: changing mode to unplugged
MESS:00:00:09.744776:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.754204:0: *** Restart logging
MESS:00:00:09.757451:0: brfs: File read: 171 bytes
MESS:00:00:09.820882:0: Failed to open command line file 'cmdline.txt'
MESS:00:00:09.952018:0: brfs: File read: /mfs/sd/armstub8.bin
MESS:00:00:09.956065:0: Loading 'armstub8.bin' to 0x0 size 0x1700
MESS:00:00:09.961909:0: brfs: File read: 5888 bytes
MESS:00:00:10.161173:0: brfs: File read: /mfs/sd/u-boot.bin
MESS:00:00:10.165050:0: Loading 'u-boot.bin' to 0x80000 size 0x78b50
MESS:00:00:10.175460:0: No kernel trailer - assuming DT-capable
MESS:00:00:10.179702:0: brfs: File read: 494416 bytes
MESS:00:00:10.254058:0: brfs: File read: /mfs/sd/bcm2710-rpi-3-b.dtb
MESS:00:00:10.258712:0: Loading 'bcm2710-rpi-3-b.dtb' to 0xf8b50 size 0x62df
MESS:00:00:10.404699:0: brfs: File read: 25311 bytes
MESS:00:00:10.450208:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:10.454102:0: dtparam: audio=on
MESS:00:00:10.476678:0: dtparam: i2c_arm=on
MESS:00:00:10.495792:0: dtparam: spi=on
MESS:00:00:10.512405:0: brfs: File read: 171 bytes
MESS:00:00:10.847009:0: brfs: File read: /mfs/sd/overlays/mmc.dtbo
MESS:00:00:10.868936:0: Loaded overlay 'mmc'
MESS:00:00:10.919659:0: brfs: File read: 1099 bytes
MESS:00:00:11.397723:0: brfs: File read: /mfs/sd/overlays/pwm.dtbo
MESS:00:00:11.414949:0: Loaded overlay 'pwm'
MESS:00:00:11.452197:0: brfs: File read: 946 bytes
MESS:00:00:11.719752:0: brfs: File read: /mfs/sd/overlays/disable-bt.dtbo
MESS:00:00:11.743774:0: dterror: can't find symbol 'bt'
MESS:00:00:11.747305:0: Failed to resolve overlay 'disable-bt'
MESS:00:00:12.908149:0: gpioman: gpioman_get_pin_num: pin EMMC_ENABLE not defined
MESS:00:00:13.029436:0: Device tree loaded to 0x4000 (size 0x67aa)
MESS:00:00:13.035094:0: uart: Set PL011 baud rate to 103448.300000 Hz
MESS:00:00:13.041628:0: uart: Baud rate change done...
MESS:00:00:13.045056:0: uart: Baud rateMMC:   mmc@7e300000: 1
Loading Environment from FAT... Card did not respond to voltage select!
In:    serial
Out:   vidconsole
Err:   vidconsole
Net:   No ethernet found.
starting USB...
Bus usb@7e980000: scanning bus usb@7e980000 for devices... unable to get device descriptor (error=-110)
3 USB Device(s) found
       scanning usb for storage devices... 0 Storage Device(s) found
Hit any key to stop autoboot:  0
MMC Device 0 not found
no mmc device at slot 0
Card did not respond to voltage select!

Device 0: unknown device
missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-eb-16-56-a8
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x-rpi
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default
Config file not found
U-Boot>   
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on March 26, 2021, 01:15:53 pm
Well, It seems to be some booting problem. Did you change anything else in the first partition?

The booting sequence should be on-chip ROM -> firmware(bootcode.bin -> start.elf) -> u-boot.bin (defined in config.txt,"kernel=u-boot.bin") -> EFI (efi/boot/bootaa64.efi) -> OPNsense kernel (/boot/kernel/kernel).

I think you get some problems between u-boot.bin -> EFI.

Here is the entire boot log for my RPI3+:

Code: [Select]
Raspberry Pi Bootcode
Read File: config.txt, 171
Read File: start.elf, 2857060 (bytes)
Read File: fixup.dat, 6666 (bytes)
MESS:00:00:01.056002:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:01.060264:0: brfs: File read: 171 bytes
MESS:00:00:01.074138:0: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:01.080209:0: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:01.086459:0: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:01.092709:0: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:01.098959:0: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:01.105209:0: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:01.111459:0: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:01.117709:0: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:01.123959:0: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:01.130209:0: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:01.136222:0: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:01.156338:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:01.160469:0: HDMI:Setting property pixel encoding to Default
MESS:00:00:01.166548:0: HDMI:Setting property pixel clock type to PAL
MESS:00:00:01.172711:0: HDMI:Setting property content type flag to No data
MESS:00:00:01.179308:0: HDMI:Setting property fuzzy format match to enabled
MESS:00:00:01.407853:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
MESS:00:00:01.415330:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:01.422845:0: hdmi: HDMI:>>>>>>>>>>>>>Rx sensed, reading EDID<<<<<<<<<<<<<
MESS:00:00:01.430591:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:01.438324:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:01.445089:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:01.451860:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:01.458632:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:01.465402:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:01.472172:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:01.478944:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:01.485714:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:01.492485:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:01.499019:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:01.504534:0: hdmi: HDMI: No lookup table for resolution group 0
MESS:00:00:01.511118:0: hdmi: HDMI: hotplug attached with DVI support
MESS:00:00:01.517297:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:01.526330:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:01.534065:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:01.540836:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:01.547606:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:01.554378:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:01.561148:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:01.567919:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:01.574690:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:01.581461:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:01.588232:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:01.594767:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:01.600286:0: hdmi: HDMI: hotplug deassert
MESS:00:00:01.604952:0: hdmi: HDMI: HDMI is currently off
MESS:00:00:01.610073:0: hdmi: HDMI: changing mode to unplugged
MESS:00:00:01.615639:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:01.625853:0: *** Restart logging
MESS:00:00:01.628343:0: brfs: File read: 171 bytes
MESS:00:00:01.634030:0: Failed to open command line file 'cmdline.txt'
MESS:00:00:01.643603:0: brfs: File read: /mfs/sd/armstub8.bin
MESS:00:00:01.647652:0: Loading 'armstub8.bin' to 0x0 size 0x1700
MESS:00:00:01.653495:0: brfs: File read: 5888 bytes
MESS:00:00:01.690171:0: brfs: File read: /mfs/sd/u-boot.bin

>> FreeBSD EFI boot block
   Loader path: /boot/loader.efi

   Initializing modules: ZFS UFS
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x800,0x10000)
   Probing 3 block devices.....* done
    ZFS found no pools
    UFS found 1 partition
    command args: -S115200 -D

Consoles: EFI console 
console comconsole is invalid!
Available consoles:
    efi
FreeBSD/arm64 EFI loader, Revision 1.1
(Sun Mar 21 06:55:21 HKT 2021 root@freebsd12)

   Command line arguments: loader.efi -S115200 -D
   EFI version: 2.70
   EFI Firmware: Das U-Boot (rev 8217.1792)
   Console: efi comconsole (0x20000000)
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(2,0x01,0,0x10800,0x3b61800)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(2,0x01,0,0x10800,0x3b61800)
Setting currdev to disk0p2:
Loading /boot/defaults/loader.conf
console vidconsole is invalid!
console comconsole is invalid!
no valid consoles!
Available consoles:
    efi
/boot/kernel/kernel text=0x97f068 data=0x19b1f0+0x7a3084 syms=[0x8+0x141c48+0x8+0x12dbbb]
/boot/entropy size=0x1000
/boot/kernel/carp.ko text=0x34c0 text=0x63d0 data=0x10258+0xfdf0 syms=[0x8+0x1980+0x8+0x121f]
/boot/kernel/if_bridge.ko text=0x351e text=0x69a0 data=0x10428+0xfbe0 syms=[0x8+0x1a40+0x8+0x14a3]
/boot/kernel/if_enc.ko text=0x1602 text=0x8d0 data=0x10168 syms=[0x8+0xc90+0x8+0xb66]
/boot/kernel/if_gre.ko text=0x2458 text=0x4640 data=0x10228+0xfe18 syms=[0x8+0x1668+0x8+0xf17]
/boot/kernel/if_lagg.ko text=0x35c0 text=0x7c30 data=0x10440+0xfbc8 syms=[0x8+0x1a70+0x8+0x1325]
/boot/kernel/if_tap.ko text=0x2613 text=0x2b90 data=0x10160+0xff18 syms=[0x8+0x1260+0x8+0xbc4]
/boot/kernel/pf.ko text=0x6061 text=0x2cb90 data=0x10490+0xfd38 syms=[0x8+0x4170+0x8+0x308c]
/boot/kernel/pflog.ko text=0xfb0 text=0x830 data=0x10148 syms=[0x8+0x9f0+0x8+0x716]
/boot/kernel/pfsync.ko text=0x2e14 text=0x6ad0 data=0x102e8+0xfd20 syms=[0x8+0x1758+0x8+0x10f0]

Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [/boot/kernel/kernel]...               
Using DTB provided by EFI at 0x7ef6000.
EFI framebuffer information:
addr, size     0x3eaf0000, 0x10a800
dimensions     656 x 416
stride         656
masks          0x00ff0000, 0x0000ff00, 0x000000ff, 0xff000000
---<<BOOT>>---
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 2013-2019 The HardenedBSD Project.
Copyright (c) 1992-2019 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.1-RELEASE-p14-HBSD #0  e10a7efce(stable/21.1)-dirty: Sun Mar 21 08:00:57 HKT 2021
    root@freebsd12:/usr/obj/usr/src/arm64.aarch64/sys/SMP-ARM arm64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 656x416
HardenedBSD: initialize and check features (__HardenedBSD_version 1200059 __FreeBSD_version 1201000).
KLD file if_bridge.ko is missing dependencies
Starting CPU 1 (1)
Starting CPU 2 (2)
Starting CPU 3 (3)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
random: unblocking device.
random: entropy device external interface
MAP 39f4a000 mode 2 pages 1
MAP 39f4f000 mode 2 pages 1
MAP 3b350000 mode 2 pages 16
MAP 3f100000 mode 1 pages 1
000.000021 [4336] netmap_init               netmap: loaded module
kbd0 at kbdmux0
ofwbus0: <Open Firmware Device Tree>
simplebus0: <Flattened device tree simple bus> on ofwbus0
ofw_clkbus0: <OFW clocks bus> on ofwbus0
clk_fixed0: <Fixed clock> on ofw_clkbus0
clk_fixed1: <Fixed clock> on ofw_clkbus0
regfix0: <Fixed Regulator> on ofwbus0
regfix1: <Fixed Regulator> on ofwbus0
psci0: <ARM Power State Co-ordination Interface Driver> on ofwbus0
lintc0: <BCM2836 Interrupt Controller> mem 0x40000000-0x400000ff on simplebus0
intc0: <BCM2835 Interrupt Controller> mem 0x7e00b200-0x7e00b3ff irq 20 on simplebus0
gpio0: <BCM2708/2835 GPIO controller> mem 0x7e200000-0x7e2000b3 irq 23,24 on simplebus0
gpiobus0: <OFW GPIO bus> on gpio0
generic_timer0: <ARMv7 Generic Timer> irq 0,1,2,3 on ofwbus0
Timecounter "ARM MPCore Timecounter" frequency 19200000 Hz quality 1000
Event timer "ARM MPCore Eventtimer" frequency 19200000 Hz quality 1000
usb_nop_xceiv0: <USB NOP PHY> on ofwbus0
bcm_dma0: <BCM2835 DMA Controller> mem 0x7e007000-0x7e007eff irq 4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 on simplebus0
bcmwd0: <BCM2708/2835 Watchdog> mem 0x7e100000-0x7e100027 on simplebus0
bcmrng0: <Broadcom BCM2835 RNG> mem 0x7e104000-0x7e10400f irq 21 on simplebus0
mbox0: <BCM2835 VideoCore Mailbox> mem 0x7e00b880-0x7e00b8bf irq 22 on simplebus0
gpioc0: <GPIO controller> on gpio0
uart0: <PrimeCell UART (PL011)> mem 0x7e201000-0x7e201fff irq 25 on simplebus0
spi0: <BCM2708/2835 SPI controller> mem 0x7e204000-0x7e204fff irq 27 on simplebus0
spibus0: <OFW SPI bus> on spi0
spibus0: <unknown card> at cs 0 mode 0
spibus0: <unknown card> at cs 1 mode 0
uart1: <BCM2835 Mini-UART> mem 0x7e215040-0x7e21507f irq 33 on simplebus0
uart1: console (115200,n,8,1)
iichb0: <BCM2708/2835 BSC controller> mem 0x7e804000-0x7e804fff irq 40 on simplebus0
bcm283x_dwcotg0: <DWC OTG 2.0 integrated USB controller (bcm283x)> mem 0x7e980000-0x7e98ffff,0x7e006000-0x7e006fff irq 46,47 on simplebus0
usbus0 on bcm283x_dwcotg0
sdhci_bcm0: <Broadcom 2708 SDHCI controller> mem 0x7e300000-0x7e3000ff irq 49 on simplebus0
mmc0: <MMC/SD bus> on sdhci_bcm0
fb0: <BCM2835 VT framebuffer driver> on simplebus0
fbd0 on fb0
VT: Replacing driver "efifb" with new "fb".
fb0: 656x416(656x416@0,0) 24bpp
fb0: fbswap: 1, pitch 1968, base 0x3eb33000, screen_size 818688
pmu0: <Performance Monitoring Unit> irq 53 on simplebus0
cpulist0: <Open Firmware CPU Group> on ofwbus0
cpu0: <Open Firmware CPU> on cpulist0
bcm2835_cpufreq0: <CPU Frequency Control> on cpu0
cpu1: <Open Firmware CPU> on cpulist0
cpu2: <Open Firmware CPU> on cpulist0
cpu3: <Open Firmware CPU> on cpulist0
gpioled0: <GPIO LEDs> on ofwbus0
gpioled0: <led1> failed to map pin
cryptosoft0: <software crypto>
Timecounters tick every 1.000 msec
usbus0: 480Mbps High Speed USB v2.0
iicbus0: <OFW I2C bus> on iichb0
iic0: <I2C generic I/O> on iicbus0
ugen0.1: <DWCOTG OTG Root HUB> at usbus0
uhub0: <DWCOTG OTG Root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus0
mmcsd0: 32GB <SDHC SC32G 8.0 SN 9DC03993 MFG 10/2018 by 3 SD> at mmc0 50.0MHz/4bit/65535-block
bcm2835_cpufreq0: ARM 600MHz, Core 250MHz, SDRAM 400MHz, Turbo OFF
mbox0: mbox response error
bcm2835_cpufreq0: can't set clock rate (id=4)
Release APs...done
CPU  0: ARM Cortex-A53 r0p4 affinity:  0
Trying to mount root from ufs:/dev/ufs/OPNsense [rw]...
 Instruction Set Attributes 0 = <CRC32>
 Instruction Set Attributes 1 = <>
         Processor Features 0 = <AdvSIMD,Float,EL3 32,EL2 32,EL1 32,EL0 32>
         Processor Features 1 = <0>
      Memory Model Features 0 = <4k Granule,64k Granule,S/NS Mem,MixedEndian,16bit ASID,1TB PA>
      Memory Model Features 1 = <>
      Memory Model Features 2 = <32b CCIDX,48b VA>
             Debug Features 0 = <2 CTX Breakpoints,4 Watchpoints,6 Breakpoints,PMUv3,Debug v8>
             Debug Features 1 = <0>
         Auxiliary Features 0 = <0>
         Auxiliary Features 1 = <0>
CPU  1: ARM Cortex-A53 r0p4 affinity:  1
CPU  2: ARM Cortex-A53 r0p4 affinity:  2
CPU  3: ARM Cortex-A53 r0p4 affinity:  3
Warning: no time-of-day clock registered, system time will not be set accurately
uhub0: 1 port with 1 removable, self powered
Mounting filesystems...
tunefs: soft updates remains unchanged as enabled
tunefs: file system reloaded
camcontrol: cam_ugen0.2: <vendor 0x0424 product 0x2514> at usbus0
uhub1 on uhub0
uhub1: <vendor 0x0424 product 0x2514, class 9/0, rev 2.00/b.b3, addr 2> on usbus0
uhub1: MTT enabled
lookup_pass: CAMGETPASSTHRU ioctl failed
cam_lookup_pass: No such file or directory
cam_lookup_pass: either the pass driver isn't in your kernel
cam_lookup_pass: or mmcsd0 doesn't exist
** /dev/ufs/OPNsense
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 7101844 fuhub1: 4 ports with 3 removable, self powered
ree (220 frags, 887703 blocks, 0.0% fragmentation)
ugen0.3: <vendor 0x0424 product 0x2514> at usbus0
uhub2 on uhub1
uhub2: <vendor 0x0424 product 0x2514, class 9/0, rev 2.00/b.b3, addr 3> on usbus0
uhub2: MTT enabled
Setting hostuuid: 30303030-3030-3030-3139-663138353365.
Setting hostid: 0x56d89878.
Configurinuhub2: 3 ports with 2 removable, self powered
g vt: blanktime.
ugen0.4: <vendor 0x0424 product 0x7800> at usbus0
muge0 on uhub2
muge0: <vendor 0x0424 product 0x7800, rev 2.10/3.00, addr 4> on usbus0
muge0: Chip ID 0x7800 rev 0002
miibus0: <MII bus> on muge0
ukphy0: <Generic IEEE 802.3u media interface> PHY 1 on miibus0
ukphy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto
ue0: <USB Ethernet> on muge0
ue0: Ethernet address: b8:27:eb:f1:85:3e
Setting up memory disks...done.
Configuring crash dump device: /dev/null
.ELF ldconfig path: /lib /usr/lib /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg /usr/local/lib/ipsec /usr/local/lib/perl5/5.32/mach/CORE
done.
>>> Invoking early script 'upgrade'
>>> Invoking early script 'configd'
Starting configd.
>>> Invoking early script 'templates'
Generating configuration: OK
>>> Invoking early script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking early script 'carp'
CARP event system: OK
Launching the init system...done.
Initializing...........done.
ue0: link state changed to UP
Starting device manager...done.
Configuring login behaviour...done.
Configuring looplo0: link state changed to UP
back interface...done.
Configuring kernel modules...done.
Setting up extended sysctls...done.
Setting timezone...done.
Writing firmware setting...done.
Writing trust files...done.
Setting hostname: opnsense.yrzr.tk
Generating /etc/hosts...done.
Configuring system logging...done.
Configuring loopback interface...done.
Creating wireless clone interfaces...donmuge0: Chip ID 0x7800 rev 0002
e.
Configuring WAN interface...done.
Creating IPsec VTI instances...done.
Generating /etc/resolv.conf...done.
Configuring firewall........done.
Starting PFLOG...done.
Configuring OpenSSH...done.
Starting web GUI...done.
Configuring CRON...done.
Setting up routes...done.
Generating /etc/hosts...done.
Starting Unbound DNS...done.
Setting up gateway monitors...done.
Configuring firewall........done.
Starting PFLOG...done.
Syncing OpenVPN settings...done.
Starting NTP service...deferred.
Starting Unbound DNS...done.
Generating RRD graphs...done.
Configuring system logging...done.
>>> Invoking start script 'newwanip'
Reconfiguring IPv4 on ue0: OK
Reconfiguring routes: OK
>>> Invoking start script 'freebsd'
Starting powerd.
>>> Invoking start script 'syslog-ng'
Stopping syslog_ng.
Waiting for PIDS: 31435.
Starting syslog_ng.
>>> Invoking start script 'wireguard'
Setting up routes...done.
Setting up gateway monitors...done.
Configuring firewall........done.
Starting PFLOG...done.
>>> Invoking start script 'carp'
>>> Invoking start script 'cron'
Starting Cron: OK
>>> Invoking start script 'beep'
Root file system: /dev/ufs/OPNsense
Fri Mar 26 20:11:52 HKT 2021

*** opnsense.yrzr.tk: OPNsense 21.1.3 (aarch64/OpenSSL) ***


As I wrote above, I can only boot from USB-stick (SD-slot broken), this works fine for the first boot, but after importing the config.xml via GUI the reboot fails completely:

Code: [Select]
Raspberry Pi Bootcode
Read File: config.txt, 171
Read File: start.elf, 2857060 (bytes)
Read File: fixup.dat, 6666 (bytes)
MESS:00:00:09.099525:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:09.103786:0: brfs: File read: 171 bytes
MESS:00:00:09.146340:0: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.152417:0: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.158661:0: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.164911:0: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.171161:0: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.177412:0: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.183661:0: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.189911:0: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.196162:0: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.202411:0: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.208424:0: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.296678:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:09.300808:0: HDMI:Setting property pixel encoding to Default
MESS:00:00:09.306887:0: HDMI:Setting property pixel clock type to PAL
MESS:00:00:09.313050:0: HDMI:Setting property content type flag to No data
MESS:00:00:09.319647:0: HDMI:Setting property fuzzy format match to enabled
MESS:00:00:09.326423:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
MESS:00:00:09.529779:0: gpioman: gpioman_get_pin_num: pin DISPLAY_DSI_PORT not defined
MESS:00:00:09.537232:0: gpioman: gpioman_get_pin_num: pin LEDS_PWR_OK not defined
MESS:00:00:09.543495:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.551983:0: hdmi: HDMI:>>>>>>>>>>>>>Rx sensed, reading EDID<<<<<<<<<<<<<
MESS:00:00:09.559728:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.567461:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.574227:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.580997:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.587769:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.594540:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.601309:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.608080:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.614852:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.621623:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.628156:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.633671:0: hdmi: HDMI: No lookup table for resolution group 0
MESS:00:00:09.640256:0: hdmi: HDMI: hotplug attached with DVI support
MESS:00:00:09.646433:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.655467:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 0
MESS:00:00:09.663202:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 1
MESS:00:00:09.669974:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 2
MESS:00:00:09.676745:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 3
MESS:00:00:09.683514:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 4
MESS:00:00:09.690285:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 5
MESS:00:00:09.697057:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 6
MESS:00:00:09.703827:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 7
MESS:00:00:09.710599:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 8
MESS:00:00:09.717370:0: hdmi: HDMI:EDID error reading EDID block 0 attempt 9
MESS:00:00:09.723904:0: hdmi: HDMI:EDID giving up on reading EDID block 0
MESS:00:00:09.729675:0: hdmi: HDMI: hotplug deassert
MESS:00:00:09.734090:0: hdmi: HDMI: HDMI is currently off
MESS:00:00:09.739211:0: hdmi: HDMI: changing mode to unplugged
MESS:00:00:09.744776:0: hdmi: HDMI:hdmi_get_state is deprecated, use hdmi_get_display_state instead
MESS:00:00:09.754204:0: *** Restart logging
MESS:00:00:09.757451:0: brfs: File read: 171 bytes
MESS:00:00:09.820882:0: Failed to open command line file 'cmdline.txt'
MESS:00:00:09.952018:0: brfs: File read: /mfs/sd/armstub8.bin
MESS:00:00:09.956065:0: Loading 'armstub8.bin' to 0x0 size 0x1700
MESS:00:00:09.961909:0: brfs: File read: 5888 bytes
MESS:00:00:10.161173:0: brfs: File read: /mfs/sd/u-boot.bin
MESS:00:00:10.165050:0: Loading 'u-boot.bin' to 0x80000 size 0x78b50
MESS:00:00:10.175460:0: No kernel trailer - assuming DT-capable
MESS:00:00:10.179702:0: brfs: File read: 494416 bytes
MESS:00:00:10.254058:0: brfs: File read: /mfs/sd/bcm2710-rpi-3-b.dtb
MESS:00:00:10.258712:0: Loading 'bcm2710-rpi-3-b.dtb' to 0xf8b50 size 0x62df
MESS:00:00:10.404699:0: brfs: File read: 25311 bytes
MESS:00:00:10.450208:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:10.454102:0: dtparam: audio=on
MESS:00:00:10.476678:0: dtparam: i2c_arm=on
MESS:00:00:10.495792:0: dtparam: spi=on
MESS:00:00:10.512405:0: brfs: File read: 171 bytes
MESS:00:00:10.847009:0: brfs: File read: /mfs/sd/overlays/mmc.dtbo
MESS:00:00:10.868936:0: Loaded overlay 'mmc'
MESS:00:00:10.919659:0: brfs: File read: 1099 bytes
MESS:00:00:11.397723:0: brfs: File read: /mfs/sd/overlays/pwm.dtbo
MESS:00:00:11.414949:0: Loaded overlay 'pwm'
MESS:00:00:11.452197:0: brfs: File read: 946 bytes
MESS:00:00:11.719752:0: brfs: File read: /mfs/sd/overlays/disable-bt.dtbo
MESS:00:00:11.743774:0: dterror: can't find symbol 'bt'
MESS:00:00:11.747305:0: Failed to resolve overlay 'disable-bt'
MESS:00:00:12.908149:0: gpioman: gpioman_get_pin_num: pin EMMC_ENABLE not defined
MESS:00:00:13.029436:0: Device tree loaded to 0x4000 (size 0x67aa)
MESS:00:00:13.035094:0: uart: Set PL011 baud rate to 103448.300000 Hz
MESS:00:00:13.041628:0: uart: Baud rate change done...
MESS:00:00:13.045056:0: uart: Baud rateMMC:   mmc@7e300000: 1
Loading Environment from FAT... Card did not respond to voltage select!
In:    serial
Out:   vidconsole
Err:   vidconsole
Net:   No ethernet found.
starting USB...
Bus usb@7e980000: scanning bus usb@7e980000 for devices... unable to get device descriptor (error=-110)
3 USB Device(s) found
       scanning usb for storage devices... 0 Storage Device(s) found
Hit any key to stop autoboot:  0
MMC Device 0 not found
no mmc device at slot 0
Card did not respond to voltage select!

Device 0: unknown device
missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-eb-16-56-a8
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x-rpi
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default
Config file not found
U-Boot>   
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: chemlud on March 26, 2021, 03:25:56 pm
No matter if I copy over the DTB etc. from FeeBSD for raspi 3 or not the second boot fails

Difference to your boot start after

Code: [Select]
MESS:00:00:01.690171:0: brfs: File read: /mfs/sd/u-boot.bin
Your next linie is

Code: [Select]
>> FreeBSD EFI boot block
   Loader path: /boot/loader.efi

   Initializing modules: ZFS UFS
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x800,0x10000)
   Probing 3 block devices.....* done
    ZFS found no pools
    UFS found 1 partition
    command args: -S115200 -D
...

while my USB-stick takes a swing to a parallel universe not meant to be used for production:

Code: [Select]
...
MESS:00:00:10.166426:0: Loading 'u-boot.bin' to 0x80000 size 0x78b50
MESS:00:00:10.176834:0: No kernel trailer - assuming DT-capable
MESS:00:00:10.181076:0: brfs: File read: 494416 bytes
MESS:00:00:10.242557:0: brfs: File read: /mfs/sd/bcm2710-rpi-3-b.dtb
MESS:00:00:10.247212:0: Loading 'bcm2710-rpi-3-b.dtb' to 0xf8b50 size 0x62df
MESS:00:00:10.393105:0: brfs: File read: 25311 bytes
MESS:00:00:10.438707:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:10.442600:0: dtparam: audio=on
MESS:00:00:10.465152:0: dtparam: i2c_arm=on
MESS:00:00:10.484265:0: dtparam: spi=on
MESS:00:00:10.500871:0: brfs: File read: 171 bytes
MESS:00:00:10.835383:0: brfs: File read: /mfs/sd/overlays/mmc.dtbo
MESS:00:00:10.857296:0: Loaded overlay 'mmc'
MESS:00:00:10.908017:0: brfs: File read: 1099 bytes
MESS:00:00:11.385221:0: brfs: File read: /mfs/sd/overlays/pwm.dtbo
MESS:00:00:11.402444:0: Loaded overlay 'pwm'
MESS:00:00:11.439702:0: brfs: File read: 946 bytes
MESS:00:00:11.707876:0: brfs: File read: /mfs/sd/overlays/disable-bt.dtbo
MESS:00:00:11.732142:0: dterror: can't find symbol 'bt'
MESS:00:00:11.735660:0: Failed to resolve overlay 'disable-bt'
MESS:00:00:12.883018:0: gpioman: gpioman_get_pin_num: pin EMMC_ENABLE not defined
MESS:00:00:13.004264:0: Device tree loaded to 0x4000 (size 0x67aa)
MESS:00:00:13.009938:0: uart: Set PL011 baud rate to 103448.300000 Hz
MESS:00:00:13.016456:0: uart: Baud rate change done...
MESS:00:00:13.019884:0: uart: Baud rateMMC:   mmc@7e300000: 1
Loading Environment from FAT... Card did not respond to voltage select!
In:    serial
Out:   vidconsole
Err:   vidconsole
Net:   No ethernet found.
starting USB...
Bus usb@7e980000: scanning bus usb@7e980000 for devices... unable to get device descriptor (error=-110)
3 USB Device(s) found
       scanning usb for storage devices... 0 Storage Device(s) found
Hit any key to stop autoboot:  0
MMC Device 0 not found
no mmc device at slot 0
Card did not respond to voltage select!

Device 0: unknown device
missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-eb-16-56-a8
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x-rpi
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default
Config file not found

I thought this fix is included now:

Code: [Select]
I have figured out that the problem of boot failure after the second boot issue is caused by the `hw.uart.console` configuration in /boot/loader.conf. As it is auto-generated by opnsense, modification on /boot/loader.conf will be flushed. You can add `hw.uart.console=""` in /boot/loader.conf.local as a temporarily solution.

Or do I still have to add the loader.conf.local?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on March 28, 2021, 10:05:05 am
`hw.uart.console=""`is to override the misconfiguration auto-generated by OPNsense in /boot/loader.conf. It is related to uart console after the kernel is booted.

While your problem is far before the kernel is booted. So I don't think these two problems are related. However, you could still have a try after deleting /boot/loader.conf.local.

My suggestion is to override your whole boot loader partition (the first partition) with my image except your config.txt, then boot again. Moreover, booting from USB may also affect but I have never tried.

No matter if I copy over the DTB etc. from FeeBSD for raspi 3 or not the second boot fails

Difference to your boot start after

Code: [Select]
MESS:00:00:01.690171:0: brfs: File read: /mfs/sd/u-boot.bin
Your next linie is

Code: [Select]
>> FreeBSD EFI boot block
   Loader path: /boot/loader.efi

   Initializing modules: ZFS UFS
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x800,0x10000)
   Probing 3 block devices.....* done
    ZFS found no pools
    UFS found 1 partition
    command args: -S115200 -D
...

while my USB-stick takes a swing to a parallel universe not meant to be used for production:

Code: [Select]
...
MESS:00:00:10.166426:0: Loading 'u-boot.bin' to 0x80000 size 0x78b50
MESS:00:00:10.176834:0: No kernel trailer - assuming DT-capable
MESS:00:00:10.181076:0: brfs: File read: 494416 bytes
MESS:00:00:10.242557:0: brfs: File read: /mfs/sd/bcm2710-rpi-3-b.dtb
MESS:00:00:10.247212:0: Loading 'bcm2710-rpi-3-b.dtb' to 0xf8b50 size 0x62df
MESS:00:00:10.393105:0: brfs: File read: 25311 bytes
MESS:00:00:10.438707:0: brfs: File read: /mfs/sd/config.txt
MESS:00:00:10.442600:0: dtparam: audio=on
MESS:00:00:10.465152:0: dtparam: i2c_arm=on
MESS:00:00:10.484265:0: dtparam: spi=on
MESS:00:00:10.500871:0: brfs: File read: 171 bytes
MESS:00:00:10.835383:0: brfs: File read: /mfs/sd/overlays/mmc.dtbo
MESS:00:00:10.857296:0: Loaded overlay 'mmc'
MESS:00:00:10.908017:0: brfs: File read: 1099 bytes
MESS:00:00:11.385221:0: brfs: File read: /mfs/sd/overlays/pwm.dtbo
MESS:00:00:11.402444:0: Loaded overlay 'pwm'
MESS:00:00:11.439702:0: brfs: File read: 946 bytes
MESS:00:00:11.707876:0: brfs: File read: /mfs/sd/overlays/disable-bt.dtbo
MESS:00:00:11.732142:0: dterror: can't find symbol 'bt'
MESS:00:00:11.735660:0: Failed to resolve overlay 'disable-bt'
MESS:00:00:12.883018:0: gpioman: gpioman_get_pin_num: pin EMMC_ENABLE not defined
MESS:00:00:13.004264:0: Device tree loaded to 0x4000 (size 0x67aa)
MESS:00:00:13.009938:0: uart: Set PL011 baud rate to 103448.300000 Hz
MESS:00:00:13.016456:0: uart: Baud rate change done...
MESS:00:00:13.019884:0: uart: Baud rateMMC:   mmc@7e300000: 1
Loading Environment from FAT... Card did not respond to voltage select!
In:    serial
Out:   vidconsole
Err:   vidconsole
Net:   No ethernet found.
starting USB...
Bus usb@7e980000: scanning bus usb@7e980000 for devices... unable to get device descriptor (error=-110)
3 USB Device(s) found
       scanning usb for storage devices... 0 Storage Device(s) found
Hit any key to stop autoboot:  0
MMC Device 0 not found
no mmc device at slot 0
Card did not respond to voltage select!

Device 0: unknown device
missing environment variable: pxeuuid
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/01-b8-27-eb-16-56-a8
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/000
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/00
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/0
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x-rpi
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm-bcm283x
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default-arm
missing environment variable: bootfile
Retrieving file: pxelinux.cfg/default
Config file not found

I thought this fix is included now:

Code: [Select]
I have figured out that the problem of boot failure after the second boot issue is caused by the `hw.uart.console` configuration in /boot/loader.conf. As it is auto-generated by opnsense, modification on /boot/loader.conf will be flushed. You can add `hw.uart.console=""` in /boot/loader.conf.local as a temporarily solution.

Or do I still have to add the loader.conf.local?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mipsou on April 01, 2021, 04:13:12 am
Hi yrzr,

I found a good documentation on https://github.com/sreinhardt/armada-8040-images

i think with this item you can generate img
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on April 05, 2021, 04:51:54 am
Hi mipsou,

Sorry I cannot. First of all, I don't have a macchiatobin, so whatever I generated, I could not test it. Secondly, the tools (https://github.com/yrzr/tools) I am using are different from the document you provide. Finally, why not buy some Intel-based machines with the price of macchiatobin?

If I were you, I would ask the author of the document for further supports.

Hi yrzr,

I found a good documentation on https://github.com/sreinhardt/armada-8040-images

i think with this item you can generate img
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mipsou on April 12, 2021, 11:19:38 pm
I already have this material which should run in aarch64.
I have LAN 10GB and my fiber ISP too.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: michaelsage on May 20, 2021, 06:36:42 pm
Hi,
Firstly thank you to the OPNSense developers and the ARM port developer for all the work so far.

I have successfully installed 21.1.5 from the image provided on to a Pi 3+.

I was wondering if anyone had tried to add a 4G/LTE connection? I guess there would need to be hardware support in the ARM/BSD build as well as OPNSense? I have been looking at the Waveshare hat (https://www.waveshare.com/wiki/SIM7600G-H_4G_HAT). I don't think this will work "out of the box" but I just wanted to see if anyone had tried? If not has anyone tried a 4G USB dongle? Was thinking the OPNSense Pi would make a great "road warrior" router / firewall.
Thanks!

Michael
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: wilmardo on May 20, 2021, 09:16:07 pm
Hi all,

Thanks for the progress on getting this to work on ARM devices @nekoprog and @yrzr. Hopefully the PR will get merged soon :)

For now I resumed my effort to get a working NanoPi R2s image going, but I am stuck at U-Boot problems. I hope someone here is able to help me forward again :)

I have this as my config now:
https://github.com/wilmardo/tools/blob/nanopi-r2s/device/NPIR2S.conf

It contains all kinds of stabs in the dark like the .dtb from Debian and the loadaddr 32K moved over from the address in u-boot.

I currently have a working U-boot but it can't seem to find the kernel (or an UFS partition for that matter). I can mount the UFS partition fine on my PC so the SD card seems to be fine.

This is my current bootlog:
Code: [Select]
DDR version 1.16 20190528
ID:0x805 N
In
DDR4
333MHz
Bus Width=32 Col=10 Bank=4 Bank Group=2 Row=15 CS=1 Die Bus-Width=16 Size=1024MB
ddrconfig:14
OUT
Boot1 Release Time: May 13 2019 17:34:36, version: 2.50
ChipType = 0x11, 248
mmc2:cmd1,20
emmc reinit
mmc2:cmd1,20
emmc reinit
mmc2:cmd1,20
SdmmcInit=2 1
mmc0:cmd5,20
SdmmcInit=0 0
BootCapSize=0
UserCapSize=3781MB
FwPartOffset=2000 , 0
StorageInit ok = 34120
Raw SecureMode = 0
SecureInit read PBA: 0x4
SecureInit read PBA: 0x404
SecureInit read PBA: 0x804
SecureInit read PBA: 0xc04
SecureInit read PBA: 0x1004
SecureInit ret = 0, SecureMode = 0
atags_set_bootdev: ret:(0)
GPT 0x337a9f0 signature is wrong
recovery gpt...
GPT part:  0, name:                 , start:0x800, size:0x762000
recovery gpt success!
no find partition:uboot.
LoadTrust Addr:0x4000
No find bl30.bin
No find bl32.bin
Load uboot, ReadLba = 2000
hdr 000000000337a3b0 + 0x0:0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,

Load OK, addr=0x200000, size=0xab950
RunBL31 0x40000
INFO:    Preloader serial: 2
NOTICE:  BL31: v1.3(debug):403e0b816
NOTICE:  BL31: Built : 14:13:08, Aug 11 2020
NOTICE:  BL31:Rockchip release version: v1.3
INFO:    ARM GICv2 driver initialized
INFO:    Using opteed sec cpu_context!
INFO:    boot cpu mask: 1
INFO:    plat_rockchip_pmu_init: pd status 0xe
INFO:    BL31: Initializing runtime services
WARNING: No OPTEE provided by BL2 boot loader, Booting device without OPTEE initialization. SMC`s destined for OPTEE will return SMC_UNK
ERROR:   Error initializing runtime service opteed_fast
INFO:    BL31: Preparing for EL3 exit to normal world
INFO:    Entry point address = 0x200000
INFO:    SPSR = 0x3c9


U-Boot 2020.10-armbian (May 06 2021 - 18:04:51 +0000)

Model: FriendlyElec NanoPi R2S
DRAM:  1022 MiB
PMIC:  RK8050 (on=0x40, off=0x01)
MMC:   mmc@ff500000: 1
Loading Environment from MMC... MMC Device 0 not found
*** Warning - No MMC card found, using default environment

In:    serial@ff130000
Out:   serial@ff130000
Err:   serial@ff130000
Model: FriendlyElec NanoPi R2S
Net:   eth0: ethernet@ff540000
Hit any key to stop autoboot:  0
switch to partitions #0, OK
mmc1 is current device
Scanning mmc 1:1...
Found EFI removable media binary efi/boot/bootaa64.efi
libfdt fdt_check_header(): FDT_ERR_BADMAGIC
Scanning disk mmc@ff500000.blk...
** Unrecognized filesystem type **
Found 3 disks
No EFI system partition
BootOrder not defined
EFI boot manager: Cannot load any image
393216 bytes read in 68 ms (5.5 MiB/s)
libfdt fdt_check_header(): FDT_ERR_BADMAGIC
Booting /efi\boot\bootaa64.efi

>> FreeBSD EFI boot block
   Loader path: /boot/loader.efi

   Initializing modules: ZFS UFS
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x800,0x19000)
   Probing 3 block devices...... done
    ZFS found no pools
    UFS found no partitions
Failed to load '/boot/loader.efi'
panic: No bootable partitions found!
## Application failed, r = 1
EFI LOAD FAILED: continuing...
MMC Device 0 not found
no mmc device at slot 0
starting USB...
No working controllers found
USB is stopped. Please issue 'usb start' first.
starting USB...
No working controllers found
ethernet@ff540000 Waiting for PHY auto negotiation to complete......... TIMEOUT !

Could anyone point me into a new direction or something to try? I am really stuck at the moment, I tried everything I could think off.

Again, massive thanks for the porting of tools to ARM!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on June 19, 2021, 01:29:25 am
There is a working image gor freebsd and opnsense for NanoPi R2S as since the rtl drivers were recently merged in freebsd.


https://personalbsd.org/images/OPNsense-21.1-OpenSSL-aarch64-NanoPi-R2S-20210612.img.xz.

Please donate to sergey for all his effort at personalbsd.org
Feel free to join telegram chat for opnsense on arm @personalbsd
Thanks.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: aesth on June 19, 2021, 05:21:58 pm
There is a working image gor freebsd and opnsense for NanoPi R2S as since the rtl drivers were recently merged in freebsd.


https://personalbsd.org/images/OPNsense-21.1-OpenSSL-aarch64-NanoPi-R2S-20210612.img.xz.

Please donate to sergey for all his effort at personalbsd.org
Feel free to join telegram chat for opnsense on arm @personalbsd
Thanks.

Nice! Thanks for the link.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mentaluproar on July 01, 2021, 06:54:06 am
How is this doing performance wise? Compared to atom and celeron-powered boxes, how well can these ARM SBCs hold up? Has anyone tried activating anything heavy on them, like intrusion detection?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: gokulkgm on July 10, 2021, 09:57:50 am
There is a working image gor freebsd and opnsense for NanoPi R2S as since the rtl drivers were recently merged in freebsd.


https://personalbsd.org/images/OPNsense-21.1-OpenSSL-aarch64-NanoPi-R2S-20210612.img.xz.

Please donate to sergey for all his effort at personalbsd.org
Feel free to join telegram chat for opnsense on arm @personalbsd
Thanks.

I would like to try the image on R4S, @spikerguy Can you link to the telegram chat? I couldn't find it.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: wilmardo on July 12, 2021, 10:22:56 am
I would like to try the image on R4S, @spikerguy Can you link to the telegram chat? I couldn't find it.

https://personalbsd.org/?p=313 (https://personalbsd.org/?p=313) < there you go.

I tried booting the R2S image but that didn't work.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on July 20, 2021, 03:18:38 pm
I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

------------

update on 2021-02-24

An updated image is now out, which works properly on rpi3b+ with the advice of @testo_cz.

Moreover, after the first boot, add `hw.uart.console=""` to /boot/loader.conf.local or the console will goes nowhere in the next boot.

Finally, you can use https://ftp.yrzr.tk/opnsense/ as the Repo to get almost all the plugins as if on amd64. Edit /usr/local/etc/pkg/repos/OPNsense.conf:

Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "https://ftp.yrzr.tk/opnsense/${ABI}/21.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}

------------

update on 2021-03-25

Thanks to @nekoprog's code and @testo_cz's advice, the RPI3 images now work fine with the serial console.

I have also made a rough introduction to the images on https://www.yrzr.tk/opnsense-images-for-aarch64.

Here is something interesting. I saw the news that OPNsense 22.1 will base on FreeBSD 13.x instead of HardenedBSD. So the idea jumps into my mind that if the kernel is 13.x then RPI4 works.

And, it works! Although, with flaws as expected.

The kernel version I use is FreeBSD 13.0-RELEASE
Code: [Select]
FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr  9 06:06:55 UTC 2021
    root@releng1.nyi.freebsd.org:/usr/obj/usr/src/arm64.aarch64/sys/GENERIC arm64
FreeBSD clang version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)

Moreover, the modules `if_bridge` and `if_enc` stops the kernel from recognizing the sd card. It seems both unrelated, I have no idea why.
Code: [Select]
mmcsd0: Error indicated: 1 Timeout
mmcsd0: Error indicated: 1 Timeout
mmcsd0: Error indicated: 1 Timeout
mmcsd0: Error indicated: 1 Timeout
mmcsd0: Error indicated: 1 Timeout
mountroot: waiting for device /dev/ufs/OPNsense...
Mounting from ufs:/dev/ufs/OPNsense failed with error 19.

Loader variables:
  vfs.root.mountfrom=ufs:/dev/ufs/OPNsense
  vfs.root.mountfrom.options=rw

Manual root filesystem specification:
  <fstype>:<device> [options]
      Mount <device> using filesystem <fstype>
      and with the specified (optional) option list.

    eg. ufs:/dev/da0s1a
        zfs:zroot/ROOT/default
        cd9660:/dev/cd0 ro
          (which is equivalent to: mount -t cd9660 -o ro /dev/cd0 /)

  ?               List valid disk boot devices
  .               Yield 1 second (for background tasks)
  <empty line>    Abort manual input

mountroot>

Luckily, the system boots by disabling the two modules. But I think at least the `if_bridge` module is rather important for OPNsense. Would try nightly build kernels later. But still, it boots.

Finally, you can try the dirty image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/dirty/) I made on a RPI4 yourself.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: jclendineng on July 26, 2021, 01:56:30 am
Would something like this work on the netgate SG-3100 (ARM not aarch64)?  Having issues with pfsense on it...
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dsbibby on August 06, 2021, 09:47:58 am
I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

------------

update on 2021-02-24

An updated image is now out, which works properly on rpi3b+ with the advice of @testo_cz.

Moreover, after the first boot, add `hw.uart.console=""` to /boot/loader.conf.local or the console will goes nowhere in the next boot.

Finally, you can use https://ftp.yrzr.tk/opnsense/ as the Repo to get almost all the plugins as if on amd64. Edit /usr/local/etc/pkg/repos/OPNsense.conf:

Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "https://ftp.yrzr.tk/opnsense/${ABI}/21.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}

------------

update on 2021-03-25

Thanks to @nekoprog's code and @testo_cz's advice, the RPI3 images now work fine with the serial console.

I have also made a rough introduction to the images on https://www.yrzr.tk/opnsense-images-for-aarch64.

Thanks @yrzr for this amazing work and for hosting the arm64 repo! I have opnsense 21.7 up and running happily on my rpi4 under ESXi.

Only thing I was wondering is if there is a reason the "os-vmware" plugin isn't available in your repo? It would be great to get vmware tools going too. I can have a go at compiling and installing vmwtools by hand, but it would be even better if this was possible through opnsense's ui.

Many thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: yrzr on August 07, 2021, 05:21:44 am
The plugin depends on open-vm-tools-nox11 (https://www.freshports.org/emulators/open-vm-tools-nox11/), currently not supported on aarch64.

However, there are patches out there that you can install on aarch64. See https://vincerants.com/open-vm-tools-on-freebsd-under-vmware-esxi-arm-fling/.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

------------

update on 2021-02-24

An updated image is now out, which works properly on rpi3b+ with the advice of @testo_cz.

Moreover, after the first boot, add `hw.uart.console=""` to /boot/loader.conf.local or the console will goes nowhere in the next boot.

Finally, you can use https://ftp.yrzr.tk/opnsense/ as the Repo to get almost all the plugins as if on amd64. Edit /usr/local/etc/pkg/repos/OPNsense.conf:

Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "https://ftp.yrzr.tk/opnsense/${ABI}/21.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}

------------

update on 2021-03-25

Thanks to @nekoprog's code and @testo_cz's advice, the RPI3 images now work fine with the serial console.

I have also made a rough introduction to the images on https://www.yrzr.tk/opnsense-images-for-aarch64.

Thanks @yrzr for this amazing work and for hosting the arm64 repo! I have opnsense 21.7 up and running happily on my rpi4 under ESXi.

Only thing I was wondering is if there is a reason the "os-vmware" plugin isn't available in your repo? It would be great to get vmware tools going too. I can have a go at compiling and installing vmwtools by hand, but it would be even better if this was possible through opnsense's ui.

Many thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dsbibby on August 07, 2021, 10:37:02 pm
Amazing - thanks for the link. That's working perfectly.

In case anyone else sees this, I had to temporarily enable the FreeBSD pkg repo in /usr/local/etc/pkg/FreeBSD.conf in order to install some dependancies.

Also, looks like the PR the author of the post you linked to submitted in to the open-vm-tools repo was merged and is released in version 11.3.0 of open-vm-tools. Does this help unlock the official opnsense plugin at all?

Many thanks!

The plugin depends on open-vm-tools-nox11 (https://www.freshports.org/emulators/open-vm-tools-nox11/), currently not supported on aarch64.

However, there are patches out there that you can install on aarch64. See https://vincerants.com/open-vm-tools-on-freebsd-under-vmware-esxi-arm-fling/.

I have recently built a version 21.1 test image (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/) for rpi3 (may also work on rpi4).

Feel free to try it, and don't forget to modify config.txt before the first run ;).

------------

update on 2021-02-24

An updated image is now out, which works properly on rpi3b+ with the advice of @testo_cz.

Moreover, after the first boot, add `hw.uart.console=""` to /boot/loader.conf.local or the console will goes nowhere in the next boot.

Finally, you can use https://ftp.yrzr.tk/opnsense/ as the Repo to get almost all the plugins as if on amd64. Edit /usr/local/etc/pkg/repos/OPNsense.conf:

Code: [Select]
OPNsense: {
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  url: "https://ftp.yrzr.tk/opnsense/${ABI}/21.1/latest",
  signature_type: "NONE",
  mirror_type: "NONE",
  priority: 11,
  enabled: yes
}

------------

update on 2021-03-25

Thanks to @nekoprog's code and @testo_cz's advice, the RPI3 images now work fine with the serial console.

I have also made a rough introduction to the images on https://www.yrzr.tk/opnsense-images-for-aarch64.

Thanks @yrzr for this amazing work and for hosting the arm64 repo! I have opnsense 21.7 up and running happily on my rpi4 under ESXi.

Only thing I was wondering is if there is a reason the "os-vmware" plugin isn't available in your repo? It would be great to get vmware tools going too. I can have a go at compiling and installing vmwtools by hand, but it would be even better if this was possible through opnsense's ui.

Many thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mentaluproar on August 11, 2021, 01:17:18 am
I am attempting to boot that image on a pi 4 CM but getting PHY startup failed -110 messages. :(. any ideas?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: roninxt on August 19, 2021, 11:39:45 am
Can anyone build and share the R4S image from https://github.com/yrzr/opnsense-tools/tree/22.1/r4s?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spaxxilein on August 26, 2021, 10:41:55 am
Is there any work toward building an Apple Silicon version of Opnsense?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on August 30, 2021, 01:21:41 am
Can anyone build and share the R4S image from https://github.com/yrzr/opnsense-tools/tree/22.1/r4s?

You can download it from here.  Sergey is the guy maintaining it for aarch64.
His website
https://personalbsd.org/?page_id=2

Please donate to his work if you like the built.  I am using the built images on my RockPiE and R4S since long time. 
Check both devices working for me on how built images.
Images attached.


Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Dg.Os on August 30, 2021, 10:26:08 am
Has anyone succesfully built an OPNSense imagine for RPI 4?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on September 11, 2021, 12:40:13 am
To use opnsense on rpi you will need a usb to lan adaptor and not all devices are supported in freebsd .


Also performance will not be good with usb adaptor, hence many no one is working on it.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: sparticle on September 12, 2021, 01:34:25 am
To use opnsense on rpi you will need a usb to lan adaptor and not all devices are supported in freebsd .


Also performance will not be good with usb adaptor, hence many no one is working on it.

I was under the impression that the USB3 type adaptors were essentially running at Gb speed and the Pi4 native Gb adaptor is not limited by the USB sussystem as on previous generation of pi's.

UPDATE:

just for a bit of fun and mainly because I can. I built a new rpi4 running Ubuntu Server 21.04 and attached a Jcreate USB Adaptor.

Which result is the USB3 Adaptor?

iperf3 -p 5201 -c 192.168.0.18
Connecting to host 192.168.0.18, port 5201
[  4] local 192.168.0.105 port 60016 connected to 192.168.0.18 port 5201
[ ID] Interval           Transfer     Bandwidth       Retr  Cwnd
[  4]   0.00-1.00   sec   113 MBytes   952 Mbits/sec    0    631 KBytes       
[  4]   1.00-2.00   sec   108 MBytes   904 Mbits/sec    0    631 KBytes       
[  4]   2.00-3.00   sec   108 MBytes   902 Mbits/sec    0    631 KBytes       
[  4]   3.00-4.00   sec   108 MBytes   904 Mbits/sec    0    631 KBytes       
[  4]   4.00-5.00   sec   108 MBytes   905 Mbits/sec    0    631 KBytes       
[  4]   5.00-6.00   sec   108 MBytes   902 Mbits/sec    0    631 KBytes       
[  4]   6.00-7.00   sec   111 MBytes   932 Mbits/sec    0    631 KBytes       
[  4]   7.00-8.00   sec   111 MBytes   932 Mbits/sec    0    631 KBytes       
[  4]   8.00-9.00   sec   111 MBytes   935 Mbits/sec    0    631 KBytes       
[  4]   9.00-10.00  sec   111 MBytes   935 Mbits/sec    0    631 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  1.07 GBytes   920 Mbits/sec    0             sender
[  4]   0.00-10.00  sec  1.07 GBytes   917 Mbits/sec                  receiver

iperf Done.
iperf3 -p 5201 -c 192.168.0.20
Connecting to host 192.168.0.20, port 5201
[  4] local 192.168.0.105 port 40788 connected to 192.168.0.20 port 5201
[ ID] Interval           Transfer     Bandwidth       Retr  Cwnd
[  4]   0.00-1.00   sec   112 MBytes   941 Mbits/sec   13    305 KBytes       
[  4]   1.00-2.00   sec   110 MBytes   925 Mbits/sec    0    378 KBytes       
[  4]   2.00-3.00   sec   110 MBytes   924 Mbits/sec    0    386 KBytes       
[  4]   3.00-4.00   sec   110 MBytes   920 Mbits/sec    0    386 KBytes       
[  4]   4.00-5.00   sec   109 MBytes   916 Mbits/sec    0    386 KBytes       
[  4]   5.00-6.00   sec   110 MBytes   919 Mbits/sec    0    386 KBytes       
[  4]   6.00-7.00   sec   110 MBytes   921 Mbits/sec    0    390 KBytes       
[  4]   7.00-8.00   sec   110 MBytes   919 Mbits/sec    0    390 KBytes       
[  4]   8.00-9.00   sec   110 MBytes   921 Mbits/sec    0    393 KBytes       
[  4]   9.00-10.00  sec   110 MBytes   923 Mbits/sec    0    393 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  1.07 GBytes   923 Mbits/sec   13             sender
[  4]   0.00-10.00  sec  1.07 GBytes   921 Mbits/sec                  receiver

Just needs decent drivers on BSD!

Cheers
Spart
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on November 14, 2021, 04:32:49 pm
I am trying to built an arm64 image with the stable/22.1 source on a native arm64 (RPi CM4) FreeBSD 13 STABLE host, but keep running into the same issue as stated here:

https://github.com/opnsense/tools/pull/222#issuecomment-948657705

Has anyone tried the same or actually knows a solution for that?

If someone has a working image, I would be happy to have a look at it.


EDIT: After another run, I managed to build the world and kernel successfully. Currently compiling packages – stay tuned for further updates.
Packages also compiled (and took quite a long time) and required a lot of space.
With some little changes, I managed to make an image. Booting worked on my CM4. I won't provide an image here as this was just to see whether compilation works or not
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: quiOt on December 03, 2021, 05:58:37 pm
I'm trying to create a OPNSense VM on Proxmox with diry image from @yrzr without success. Anyone have tried it and successfully installed it ?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on December 03, 2021, 09:10:23 pm
I'm trying to create a OPNSense VM on Proxmox with diry image from @yrzr without success. Anyone have tried it and successfully installed it ?

What do you mean by dirty image? I recall there being a 21.7 version with the kernel from FreeBSD 13 for the RPi 4. Is that the one you are talking about?

Would be great if you provide more information. I can probably help you out :)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: quiOt on December 04, 2021, 03:25:09 pm
Hey @efetropy, I used this one - https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/dirty/ (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/dirty/) but VM didn't boot
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on December 04, 2021, 04:49:34 pm
Hey @efetropy, I used this one - https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/dirty/ (https://ftp.yrzr.tk/opnsense/FreeBSD%3A12%3Aaarch64/21.1/images/dirty/) but VM didn't boot

Ahh that's not a VM image actually. If you like to, I can try to create a qcow2 or raw image for you. Maybe that will help
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: quiOt on December 05, 2021, 12:42:58 pm
@efetropy ok. I would be grateful if you could send me the correct file or help me how I can do it.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on December 06, 2021, 03:19:53 pm
@efetropy ok. I would be grateful if you could send me the correct file or help me how I can do it.

You can try building an image yourself, but I guess that would take a long time. If you are interested in the current beta (based on FreeBSD 13 which has support for RPi4), have a look in this thread:
https://forum.opnsense.org/index.php?topic=25705.0

You will find a VMDK image there with some other instructions. You can of course convert the VMDK image to whatever format you want (qcow2, raw, etc.)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: quiOt on December 07, 2021, 11:04:33 am
@efetropy thank you so much! I'll try it later.

edit: I posted my results on your topic.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: PackElend on December 29, 2021, 10:11:43 pm
it is feasible to port OPNsense to an ARM Cortex-A72 (Marvell® ARMADA® 7040)?
There is a OpenWrt SNAPSHOT (https://firmware-selector.openwrt.org/?version=SNAPSHOT&target=mvebu%2Fcortexa72&id=globalscale_mochabin) available for the Globalscale MOCHAbin (I do have dev board).
Moreover I have Debian and Ubuntu image.

What would be the way to go to port it?


thank you
stefan
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on January 02, 2022, 07:34:52 pm
it is feasible to port OPNsense to an ARM Cortex-A72 (Marvell® ARMADA® 7040)?
There is a OpenWrt SNAPSHOT (https://firmware-selector.openwrt.org/?version=SNAPSHOT&target=mvebu%2Fcortexa72&id=globalscale_mochabin) available for the Globalscale MOCHAbin (I do have dev board).
Moreover I have Debian and Ubuntu image.

What would be the way to go to port it?


thank you
stefan

Afaik the Armada 7k SoC is already supported by FreeBSD (see https://www.freebsd.org/status/report-2021-01-2021-03/marvell/)
The report is from early 2021 so can't tell whether they mean HEAD as in FreeBSD 14 or 13. Nevertheless, you are probably one of the few people who own a MOCHAbin dev board. Aren't the latter supposed to get shipped around Q2 2022?

If you have access to the datasheet, and maybe also the kernel source code (besides the image, so that you have an idea about how the drivers etc. work) you can start porting to FreeBSD. Don't know if OPNsense is the right place for it, but I guess you can get more help in the FreeBSD forums / mailing lists.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on January 08, 2022, 04:57:01 pm
Sergey from Personalbsd.org project is waiting for his device to arrive.

Once he have it then he will start working on Opnsense port for that device.

Please subscribe fro regular donation to his project so he can afford to buy devices to support at opnsense community arm project called personalbsd.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: HappyOpnSense on February 02, 2022, 09:45:53 am
Hi,

struggling for some days now to create a working x-build for a AMD64 host to a NanoPI R4S. Has someone this really working as I continue to run into error messages with the package build (base and kernel build seem to run fine).

I guess it's related to the cc target not being right because when I do a chroot in the build directory (make chroot DEVICE=R4S) and check the cc output I get the following

>>> chroot'ing into /usr/obj/usr/tools/config/22.1/OpenSSL:aarch64/...
root@freebsd-13-0-1:/ # cc --version
FreeBSD clang version 13.0.0 (git@github.com:llvm/llvm-project.git llvmorg-13.0.0-0-gd7b669b3a303)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin

Where I would expect an aarch64 target. Not sure where this is going wrong.

Thnx for your support
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: ryker@utanet.at on February 02, 2022, 05:02:25 pm
https://personalbsd.org/?page_id=2
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on February 11, 2022, 12:25:23 pm
Up and running on my ROCKPro 64

(https://i.ibb.co/PzVL89b/oie-b5z86-N3-IX5j-A.png)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mestafin on February 20, 2022, 11:02:26 am
Hi,

Which image did you use?

Would you mind sharing?


Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: efetropy on February 20, 2022, 08:41:02 pm
Hi,

Which image did you use?

Would you mind sharing?

Are you referring to the ROCKPro64 image? You can simply get the R4S image from https://ftp.yrzr.tk/opnsense/FreeBSD%3A13%3Aaarch64/22.1/images/

All you gotta do is write the bootloader files and you're set
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: mupi2k on March 08, 2022, 04:21:25 am
I really wanted to like OPNSense.

However, after installing it on my R4S (what an amazing tiny device!), I found that my best throughput on a hardwire to my GB fiber was about 500Mbps (usually less!).

When I installed OpenWRT, I can get 940+ (that is to say, wire speed, for a Gigabit ethernet line).

Same hardware, same connections.  Even the same plugin (AdGuardHome) running.

Open to suggestions for improving speed, but otherwise, I really can't justify sticking with OPNSense.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on April 04, 2022, 12:30:34 am
R2S using rtl usb to lan chip which does not have good drive support on freebsd hence it's broken. 
That chip is only used in few devices so developers are not putting effort to fix it..

Best is to use R4S. 
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rcat on May 01, 2022, 02:55:15 am
Hi,

struggling for some days now to create a working x-build for a AMD64 host to a NanoPI R4S. Has someone this really working as I continue to run into error messages with the package build (base and kernel build seem to run fine).

I guess it's related to the cc target not being right because when I do a chroot in the build directory (make chroot DEVICE=R4S) and check the cc output I get the following

>>> chroot'ing into /usr/obj/usr/tools/config/22.1/OpenSSL:aarch64/...
root@freebsd-13-0-1:/ # cc --version
FreeBSD clang version 13.0.0 (git@github.com:llvm/llvm-project.git llvmorg-13.0.0-0-gd7b669b3a303)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin

Where I would expect an aarch64 target. Not sure where this is going wrong.

Thnx for your support

I'm having this same problem. Did you ever find a solution?

::EDIT::
I was able to build using a FreeBSD VM on my M1 MacBook. The image boots up just fine on my RockPro64 but the PCI slot doesn't seem to work while it does on FreeBSD 13.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rcat on May 04, 2022, 03:32:29 am
Ok, tried a few different things, and still no luck with getting the PCI slot recognized in OPNsense with my RockPro64. Would anyone more familiar with what the differences are between FreeBSD 13 and OPNsense 22.1 be able to chime in with some thoughts?

With the 4 port NIC on OPNsense 22.1, dmesg shows:
Code: [Select]
pcib0: <Rockchip PCIe controller> mem 0xf8000000-0xf9ffffff,0xfd000000-0xfdffffff irq 6,7,8 on ofwbus0
pcib0: Cannot get 'pcie-phy-0' phy
device_attach: pcib0 attach returned 6

With the 4 port PCI NIC on FreeBSD 13 shows:
Code: [Select]
pcib0: <Rockchip PCIe controller> mem 0xf8000000-0xf9ffffff,0xfd000000-0xfdffffff irq 6,7,8 on ofwbus0
pci0: <PCI bus> on pcib0
pcib1: <PCI-PCI bridge> at device 0.0 on pci0
pcib0: failed to reserve resource for pcib1
pcib1: failed to allocate initial memory window: 0-0xfffff
pci1: <PCI bus> on pcib1
pcib0: route pin 1 for device 0.0 to 78
pcib0: route pin 2 for device 0.0 to 79
pcib0: route pin 3 for device 0.0 to 80
pcib0: route pin 4 for device 0.0 to 81

Running "pciconf -lv" returns nothing on OPNsense while FreeBSD 13 shows my pci devices...  :-\


::EDIT::
So I switched the kernel to one downloaded straight from FreeBSD but still had the same problem...this is about as far as my troubleshooting goes I think...Not sure where the problem lies.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Husqvik on May 11, 2022, 04:59:39 pm
Quote
Are you referring to the ROCKPro64 image? You can simply get the R4S image from https://ftp.yrzr.tk/opnsense/FreeBSD%3A13%3Aaarch64/22.1/images/

All you gotta do is write the bootloader files and you're set

Hi! Could you please explain what do you mean with "All you gotta do is write the bootloader files and you're set"? I tried to install a lot of images for RockPro64 without any problems but I'm no able to run any OPNsense image. All files hangs during booting. Is there something special to update in OPNsense image? Thanks in advance.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: PDP11 on May 12, 2022, 03:08:45 pm
1) On a FreeBSD machine, pkg install u-boot-rockpro64
2) Then from /usr/local/share/u-boot/u-boot-rockpro64 pick up idbloader.img and u-boot.itb
3) Overwrite the boot loader on the OPNsense-22.1-OpenSSL-arm-aarch64-R4S.img (which is for Nanopi-R4S) with the boot loader for ROCKPro64
dd if=u-boot-rockpro64/idbloader.img of=OPNsense-22.1-OpenSSL-arm-aarch64-R4S.img seek=64 bs=512  conv=notrunc
dd if=u-boot-rockpro64/u-boot.itb of=OPNsense-22.1-OpenSSL-arm-aarch64-R4S.img seek=16384 bs=512 conv=notrunc
Note: conv=notrunk prevents the output file from being truncated after the end of the respective boot images.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rcat on May 16, 2022, 02:30:03 am
Figured out the problem with the RockPro64 PCI slot!

With FreeBSD, there are a bunch of .dtb files (device tree blobs) on the MSDOSBOOT partition that are not present when making OPNsense for ARM. Sure enough, there is one for the RockPro64.

Copying that dtb folder over resolved the problem. The PCI slot and the 4 port NIC are both detected immediately upon boot.

I can't do anymore testing today, but I'll definitely be doing more testing in the days to come. Exciting!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Skippy96 on May 16, 2022, 06:58:28 pm
https://personalbsd.org/?page_id=2

Has anybody been able to get this image working on the NanoPi-R4S with 1GB throughput working on both Ports?  Also is there any instructions on how to connect 1st time and set up? 

Thank you all for the information and help on this port.  really exited to start using it in my home lab!!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: john_matrix on May 21, 2022, 10:05:04 am
Hello,
Can someone give me some hints to compile a build for Compute Module 4?
Because Makefile give me some errors, ex:

Quote
Makefile:43: *** missing separator.  Stop.
Makefile:61: *** recipe commences before first target.  Stop.

Is FreeBSD mandatory to compile or Debian can be used too?

Many thanks!

Edit: disregard previous message, I have installed a Freebsd VM and compiling seems to work better now :)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: rcat on May 28, 2022, 05:37:40 am
Here is a RockPro64 image for anyone interested. It includes a few additions in the image - vim, wireguard, ddclient, and mdns-repeater.
https://opnsense.one8three.xyz/opnsense/FreeBSD%3A13%3Aaarch64/22.1/images/

Also, a repo for pkg updates is hosted at https://opnsense.one8three.xyz/opnsense/
Not sure how often it'll get updated...maybe once a month or so.

More info here: https://one8three.xyz/2022/05/25/OPNsense-on-RockPro64.html
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on June 01, 2022, 06:49:54 pm
it is feasible to port OPNsense to an ARM Cortex-A72 (Marvell® ARMADA® 7040)?
There is a OpenWrt SNAPSHOT (https://firmware-selector.openwrt.org/?version=SNAPSHOT&target=mvebu%2Fcortexa72&id=globalscale_mochabin) available for the Globalscale MOCHAbin (I do have dev board).
Moreover I have Debian and Ubuntu image.
What would be the way to go to port it?
thank you
stefan

Little progress on MOCHAbin.
FreeBSD started but Ethernet does not work.
What ideas?

https://dmesgd.nycbug.org/index.cgi?do=view&id=6609

SleepWaker


Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on June 03, 2022, 06:47:40 pm
Here’s what a custom build of OPNsense for MOCHAbin looks like.
It remains to add support for native Ethernet.

https://personalbsd.org/?p=1177 (https://personalbsd.org/?p=1177)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: jbutlerdev on July 27, 2022, 08:00:30 pm
Can anyone help with booting 22.1.X on the nanopi R4S? I've downloaded an image from https://personalbsd.org/?page_id=2 and also from https://ftp.yrzr.tk/opnsense/FreeBSD%3A13%3Aaarch64/22.1/images/

Both have been extracted using xz and flashed using dd. The device boots and gives the following error on any image I try

Consoles: EFI console  
    Reading loader env vars from /efi/freebsd/loader.env
Setting currdev to disk0p1:
FreeBSD/arm64 EFI loader, Revision 1.1

   Command line arguments: loader.efi
   Image base: 0xf0def000
   EFI version: 2.80
   EFI Firmware: Das U-Boot (rev 8225.1792)
   Console: comconsole (0)
   Load Path: /efi\boot\bootaa64.efi
   Load Device: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x8000,0x10000)
Trying ESP: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(1,0x01,0,0x8000,0x10000)
Setting currdev to disk0p1:
Trying: /VenHw(e61d73b9-a384-4acc-aeab-82e828f3628b)/SD(1)/SD(0)/HD(2,0x01,0,0x18000,0x5e8000)
Setting currdev to disk0p2:
ERROR: cannot open /boot/lua/loader.lua: no such file or directory.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on August 12, 2022, 05:59:11 pm
This can't be done on good hardware and the right SD card.
My images are tested and work for many guys.
What SD card are you using?
Try OPNsense-22.1.9.
Coming soon 22.7.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on August 12, 2022, 06:25:46 pm
I was able to run VMware ESXi on MOCHAbin 5G.
And OPNsense is on it.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on August 12, 2022, 06:26:45 pm
OPNsense 22.7
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: SFC on August 16, 2022, 09:17:52 pm
OPNsense 22.7


22.7 is currently broken - it was built with phalcon-5.0.0r3, it needs 5.0.0r2.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: fabianorbatista on August 22, 2022, 02:41:04 pm
Hi,

Has anyone tested or know if it works on Nanopi r5s?

Thanks
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: goos on August 27, 2022, 08:15:39 pm
Hi all, excited to join in on the fun here!

I currently have 22.7 running from yrzr.tx on an R4S. I now see from a few posts above that this version is broken  so I'll try 22.1.10 shortly. My hope is to replace my hp t730 for home use.

After enabling powerd and setting it to maximum cpu frequency scaling I am able to push around 400mbit in each direction through the unit in cursory iperf3 testing.
I have a Cisco T-Rex benchmarking setup and I plan to do more in depth testing - different packet sizes, number of flows, open states, etc.

When initially testing on openwrt I was able to pin irqs and receive queues for the two nics to the faster A72 cores which was a notable improvement.
Is this possible in opnsense/freebsd? I did a bit of googling and didn't find any definitive answers.

I also have two R4SE's (I dream of HA firewall at home) with 32gb of emmc onboard.
I have tried flashing a few different opnsense images using rkdevtool with no success yet (I didn't really expect it to justwork).
Anyone have any ideas on that? It seems the tool wants the image split into various partitions, but it does allow me to just flash the whole image starting at 0x0.
I haven't dived into the image build process but I'm sure I'll dig into that soon.
I have a 3v3 rs232 adapter on the way so I'll be able to get a console on these things soon.

Anyway, happy to test/help/etc!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: goos on September 18, 2022, 06:17:59 am
Can someone share their (working) dts for the R4S and/or R4SE?

I've tried both mainline u-boot and the friendlyarm vendor versions.
Both cause a kernel panic when devmatch fires.

Code: [Select]
Starting device manager...Fatal data abort:
  x0:                0
  x1: ffffa0000758a000
  x2:                3
  x3: ffff0000da33f650 ($d.10 + d8f61078)
  x4: ffff0000da33f5d8 ($d.10 + d8f61000)
<snip>

EDIT - nevermind, I got it working on both the r4s and r4se!

The tl;dr to the last 10 hours of my life is that in the version of rk3399.dtsi that is in u-boot repos, someone fatfingered the first chunk of the pcie address range (I think that's what this field is for). see below

The "ranges" field under "pcie0: pcie@f8000000" needs to start with 0x83000000, not 0x82000000, such that it reads like this:
Code: [Select]
pcie0: pcie@f8000000 {
<snip>
ranges = <0x83000000 0x0 0xfa000000 0x0 0xfa000000 0x0 0x1e00000
  0x81000000 0x0 0xfbe00000 0x0 0xfbe00000 0x0 0x100000>;
<snip>

Made that switch and mostly good now. I'm seeing the same issue I saw in openwrt 21.x where the re0 interface disappears sometimes on soft reboots. The openwrt folks have this patch, I glanced through the freebsd kernel sources and it might be possible to duplicate the effects? I'm not sure how setting the mmc voltage effects the pcie nic though  ???
https://github.com/immortalwrt/immortalwrt/blob/master/target/linux/rockchip/patches-5.15/107-mmc-core-set-initial-signal-voltage-on-power-off.patch (https://github.com/immortalwrt/immortalwrt/blob/master/target/linux/rockchip/patches-5.15/107-mmc-core-set-initial-signal-voltage-on-power-off.patch)

EDIT EDIT - A-HA: (why wasn't this mainlined?)
https://github.com/friendlyarm/kernel-rockchip/commit/8efe01b4386ab38a36b99cfdc1dc02c38a8898c3 (https://github.com/friendlyarm/kernel-rockchip/commit/8efe01b4386ab38a36b99cfdc1dc02c38a8898c3)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: peram on September 21, 2022, 02:10:42 pm
[snip]
EDIT: After another run, I managed to build the world and kernel successfully. Currently compiling packages – stay tuned for further updates.
Packages also compiled (and took quite a long time) and required a lot of space.
With some little changes, I managed to make an image. Booting worked on my CM4. I won't provide an image here as this was just to see whether compilation works or not

Hi.
I#m looking at this myself as I have some spare CM4 collecting dust.  Do you still have any notes on how you got this done ? Not well versed in compiling FreeeBSD at all, so any help is much appreciated :)

regs,

peram
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: vernetzen on September 28, 2022, 11:15:50 pm
Hi All. I have a few NanoPI R4SE (the enterprise ones w/ eMMC and consistent MAC). As such, the usual instructions for getting OPNsense running on this is not entirely the same as the R4S (without eMMC). Since the R5S does have the eMMC I've ported some of the u-boot commands from there to try on the R4SE.

Does anyone have a command sequence for writing to the TF card that will successfully boot the 22.1.x OPNsense image?

Here's my current command sequence:
Code: [Select]
   1 │ # Boot from SD/TF Card                                                                                                                                                                                                                                                                                                                                                                                                             
   2 │ sudo dd if=u-boot/idbloader.img of=/dev/sda conv=sync seek=64 status=progress
   3 │ sudo dd if=u-boot/u-boot.itb of=/dev/sda conv=sync seek=16384 status=progress
   4 │ sudo dd if=OPNsense-22.1.9-OpenSSL-aarch64-NanoPi-R4S-20220626.img of=/dev/sda conv=sync seek=32768 status=progress

Result, it tries to boot and u-boot does its typical process but then errors with:
Code: [Select]
Failed to initialize SPI flash at 0:0 (error
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: sparticle on October 21, 2022, 05:19:27 pm
I have a decommissioned RPI4 that I am wanting to run OPNSense on. I have tried this build for the RPI4 but it does not boot.Blink code suggests it can't find the kernel.img.

 https://www.yrzr.tk/opnsense-22-for-aarch64/

Can anyone suggest how I get a build up and running on the RPI4? At this location, I only have a 40/10 VDSL service so the USB3 J5 Create nic should be fine.

Really would like to play with a working build. I saw earlier in the thread someone said they had a 22.7 build running.

I have tested my hardware with the standard FBSD aarch64 image and it boots first time so I know the hardware is good.

Any help is appreciated.

Cheers
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: sparticle on October 23, 2022, 10:11:08 am
Talking to myself probably.

I managed to get the 22.1.10 image to boot on my RPI4 after connecting a ttl adaptor and seeing what was going on. Weirdly I think it was a corrupt write operation to the card.

I decompressed the image first then wrote it to the sd card rather than let Ubuntu disks app do it on the fly.

That worked and I had a booting image.

It is very snappy compared to my vmware OPNSense with much more resources.

Is it possible to get a build of the latest 22.7 as it has a few inclusions we need one being APCUPSD service.

But this has been a great surprise and I am a little shocked at all the negative comments regarding running OPNSense on the RPI4 I am using the native GbE adaptor as the lan adaptor and a J5Create USB3 Adaptor as the wan adaptor.

It uses the axe driver and is recognised and configed perfectly and seems to work without any issues.

As this seems to be a 'standard' aarch64 build it would be great to see this as a standard build from OPNSense ARM devices are proliferate and incredibly performant for the power footprint.

Thank you to yrzr for all the work producing these builds and the corresponding installation and configuration notes.

This is the link I followed https://www.yrzr.tk/opnsense-22-for-aarch64/ to get a working build.

Cheers
Spart
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: gwurb on November 03, 2022, 08:25:25 am
I followed what I understood on https://yrzr.tk/opnsense-22-for-aarch64/
but can't get RPI4B system to boot. I don't have a serial adapter so unfortunately can't troubleshoot a lot.

Here is what I did:

Downloaded:
OPNsense-22.1.10-OpenSSL-arm-aarch64-RPI.img.xz
and
OPNsense-22.7.5-OpenSSL-arm-aarch64-RPI.img.xz

Used Raspberry Pi Imager to write the img to file. Renamed config_rpi4.txt to config.txt and deleted config_rpi3.txt . Put the newly flashed card into RPI4 and powered it up. It gets to the rainbow/multicolour splash screen and then nothing. This was the case for both img files, written with either Raspberry Pi Imager or Balena Etcher, unarchived first or provided as .xz to the imager. I tried this on two RPI4.

I tried booting the same card on RPI3B+ with config_rpi3.txt renamed to config.txt and it booted, showing the boot process. I set a static IP and then used config_rpi4.txt renamed to config.txt to boot rpi4. Got the rainbow screen but could still access the system. So there is something wrong with the video.

Is there something wrong with the default config_rpi4.txt? What could I try to get the console to show on hdmi output?

Thanks
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: HappyOpnSense on November 12, 2022, 12:14:07 pm
Hi all, excited to join in on the fun here!

I currently have 22.7 running from yrzr.tx on an R4S. I now see from a few posts above that this version is broken  so I'll try 22.1.10 shortly. My hope is to replace my hp t730 for home use.

After enabling powerd and setting it to maximum cpu frequency scaling I am able to push around 400mbit in each direction through the unit in cursory iperf3 testing.
I have a Cisco T-Rex benchmarking setup and I plan to do more in depth testing - different packet sizes, number of flows, open states, etc.

When initially testing on openwrt I was able to pin irqs and receive queues for the two nics to the faster A72 cores which was a notable improvement.
Is this possible in opnsense/freebsd? I did a bit of googling and didn't find any definitive answers.

I also have two R4SE's (I dream of HA firewall at home) with 32gb of emmc onboard.
I have tried flashing a few different opnsense images using rkdevtool with no success yet (I didn't really expect it to justwork).
Anyone have any ideas on that? It seems the tool wants the image split into various partitions, but it does allow me to just flash the whole image starting at 0x0.
I haven't dived into the image build process but I'm sure I'll dig into that soon.
I have a 3v3 rs232 adapter on the way so I'll be able to get a console on these things soon.

Anyway, happy to test/help/etc!

Can only confirm that I always build the R4S images myself (R4S is one of the standard targets) and never had an issue with these. Recently upgraded from 22.1 to 22.7 without an hitch. Building on a Rock PI4 - which has an SSD - as that is native build which takes 1+ day.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: sparticle on December 01, 2022, 11:59:04 am
I followed what I understood on https://yrzr.tk/opnsense-22-for-aarch64/
but can't get RPI4B system to boot. I don't have a serial adapter so unfortunately can't troubleshoot a lot.

Here is what I did:

Downloaded:
OPNsense-22.1.10-OpenSSL-arm-aarch64-RPI.img.xz
and
OPNsense-22.7.5-OpenSSL-arm-aarch64-RPI.img.xz

Used Raspberry Pi Imager to write the img to file. Renamed config_rpi4.txt to config.txt and deleted config_rpi3.txt . Put the newly flashed card into RPI4 and powered it up. It gets to the rainbow/multicolour splash screen and then nothing. This was the case for both img files, written with either Raspberry Pi Imager or Balena Etcher, unarchived first or provided as .xz to the imager. I tried this on two RPI4.

I tried booting the same card on RPI3B+ with config_rpi3.txt renamed to config.txt and it booted, showing the boot process. I set a static IP and then used config_rpi4.txt renamed to config.txt to boot rpi4. Got the rainbow screen but could still access the system. So there is something wrong with the video.

Is there something wrong with the default config_rpi4.txt? What could I try to get the console to show on hdmi output?

Thanks

A great investment <10$ is a USB to TTL serial adaptor. Try DSD TECH

This allows you to congfig the serial out when booting to follow the boot process and interact.

Cheers
Spart
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: gmiranda on January 16, 2023, 09:56:43 pm
I followed what I understood on https://yrzr.tk/opnsense-22-for-aarch64/
but can't get RPI4B system to boot. I don't have a serial adapter so unfortunately can't troubleshoot a lot.

Here is what I did:

Downloaded:
OPNsense-22.1.10-OpenSSL-arm-aarch64-RPI.img.xz
and
OPNsense-22.7.5-OpenSSL-arm-aarch64-RPI.img.xz

Used Raspberry Pi Imager to write the img to file. Renamed config_rpi4.txt to config.txt and deleted config_rpi3.txt . Put the newly flashed card into RPI4 and powered it up. It gets to the rainbow/multicolour splash screen and then nothing. This was the case for both img files, written with either Raspberry Pi Imager or Balena Etcher, unarchived first or provided as .xz to the imager. I tried this on two RPI4.

I tried booting the same card on RPI3B+ with config_rpi3.txt renamed to config.txt and it booted, showing the boot process. I set a static IP and then used config_rpi4.txt renamed to config.txt to boot rpi4. Got the rainbow screen but could still access the system. So there is something wrong with the video.

Is there something wrong with the default config_rpi4.txt? What could I try to get the console to show on hdmi output?

Thanks

Same here (raspberry pi 4 8GB). Tried extracting the xz file before running dd, according to the instructions in https://yrzr.tk/opnsense-22-for-aarch64/#41-writing-the-image, but to no avail.

I can't either get the image to work under qemu, it boots and after I configure the ethernet adapters it hangs completely.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: antonio66 on January 20, 2023, 08:29:28 am
Hi,

I know, older thread... Does somebody has a working port of newer opnsense for orange pi r1 plus? Or has a download link for it? Thx

antonio
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: jeremy.mcmillan on January 25, 2023, 05:05:14 am
It's not clear if you got a corrupted download, or whether you were able to decompress the image, or what the flash drive layout looks like after you wrote the raw blocks to it or what.

Do you have enough troubleshooting skills to understand what can go wrong with those steps and how to verify whether it did or not?

I followed what I understood on https://yrzr.tk/opnsense-22-for-aarch64/
but can't get RPI4B system to boot. I don't have a serial adapter so unfortunately can't troubleshoot a lot.

Here is what I did:

Downloaded:
OPNsense-22.1.10-OpenSSL-arm-aarch64-RPI.img.xz
and
OPNsense-22.7.5-OpenSSL-arm-aarch64-RPI.img.xz

Used Raspberry Pi Imager to write the img to file. Renamed config_rpi4.txt to config.txt and deleted config_rpi3.txt . Put the newly flashed card into RPI4 and powered it up. It gets to the rainbow/multicolour splash screen and then nothing. This was the case for both img files, written with either Raspberry Pi Imager or Balena Etcher, unarchived first or provided as .xz to the imager. I tried this on two RPI4.

I tried booting the same card on RPI3B+ with config_rpi3.txt renamed to config.txt and it booted, showing the boot process. I set a static IP and then used config_rpi4.txt renamed to config.txt to boot rpi4. Got the rainbow screen but could still access the system. So there is something wrong with the video.

Is there something wrong with the default config_rpi4.txt? What could I try to get the console to show on hdmi output?

Thanks

Same here (raspberry pi 4 8GB). Tried extracting the xz file before running dd, according to the instructions in https://yrzr.tk/opnsense-22-for-aarch64/#41-writing-the-image, but to no avail.

I can't either get the image to work under qemu, it boots and after I configure the ethernet adapters it hangs completely.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: maxiecool2 on February 08, 2023, 09:20:35 am
hi guys, i just received my banana pi BPI-R2P, i fave found a config file from buildroot. (https://github.com/frank-w)
im a noob at bsd, how do i test the config file? is it "make test"?
thanks guys
mat
ok scratch that!!! i was assuming that the config file was a kernel build file
so ill change it to how do i insert kernel modules from https://github.com/ARM-software/arm-trusted-firmware
the cpu module i need is cortex a55
or can i build a bsd kernel and then install opnsense (this seems an easier option for everyone, build the kernel first)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: spikerguy on February 20, 2023, 07:35:23 pm
Sadly there is no image for this board, I doubt anyone is working on this device support.

You can ask for help in BPI forum, or ask then to send samples to the team who can help bring up this device support on BSD, freebsd and opnsense.

Regards,
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: SFC on March 09, 2023, 03:10:43 pm
The latest images work just fine.  If you're having trouble getting them onto an sdcard I would suggest using 7-zip to unpack them and balena etcher to write them.

Keep in mind, first boot takes almost 2 minutes on an rpi4, older models will be slower.  If you don't have a USB adapter attached, the built-in port will default to LAN and have a 192.168.1.1 address.  For HDMI use the port that's closest to the USB-C power port.

https://www.yrzr.tk/opnsense-22-for-aarch64/
https://ftp.yrzr.tk/opnsense/FreeBSD%3A13%3Aaarch64/22.7/images/
https://www.7-zip.org/
https://github.com/balena-io/etcher

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: maxiecool2 on March 13, 2023, 10:30:57 am
Sadly there is no image for this board, I doubt anyone is working on this device support.

You can ask for help in BPI forum, or ask then to send samples to the team who can help bring up this device support on BSD, freebsd and opnsense.

Regards,

i have the source code and trusted arm firmware what files do i need to send in
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Abbott on March 19, 2023, 10:18:15 am
I am new to opnsense and need to buy new hardware for it.

Which ARM device has best support? What do you recommend me?

x86 uses too much power, and power is expensive where I live
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: sparticle on March 19, 2023, 02:09:42 pm
Just testing the 22.7.11 build from here. https://www.yrzr.tk/opnsense-22-for-aarch64/

Installs fine remember to copy one of the config_rpi3 or 4 to config.txt before inserting the sd card.

Loaded the config from my current opnsense box with a couple of mods to the IP addresses and interface names.

However, on update it gets stuck at [3/5] Extracting ruby-2.7.6_2,1: .....

Not sure what the fix is.

On reboot hangs on the serial interface after showing the interface assignments and keys.

No further response on the serial port.

Cheers

Title: Modify config.txt (RPI only)
Post by: alhaddar on April 01, 2023, 01:47:29 pm
Hi

4.2 Modify config.txt (RPI only)
The config.txt in the first partition needs to be modified depending on the RPI model you get. There are also config_rpi*.txt files for your reference.

Additionally, you can add the following lines in config.txt to enable serial console:

1
2
3
# Fix mini UART input frequency, and setup/enable up the UART.
uart_2ndstage=1
enable_uart=1

Can you explain to me how to use these files, should I modify them, rename them, or what? Please help

Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: abal on May 19, 2023, 04:55:27 pm
Hi guys,

I'm using opnsense on nanopi-r2s for a year, which is working just fine. The version I have is 22.7 from personalbsd.org. What I'm trying to do is to connect my UPS to the routes (USB cable), so the router would work as a NUT server. The issue is, that I cannot see the NUT plugin. I've tried the original package repo from personalbsd, now I tried yrzr.tk-s repo, but none of them contains this plugin.
I can remember, that in the earlier version (maybe in 19 or 20) it was present, as I played with it on other hardware (rockpi-e). There the connection was for some reason not working, so I stopped the work. Now I would like to try it on the this hardware.

Isn't this package supported? Or is there a way to grab it from somewhere for aarch64?

Thanks!
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: S199p.Wa1k9r on May 20, 2023, 04:46:17 am
Hi Abal

The fact is that in the standard system for building the OPNsense image
and the repository of packages and plugins, the sysutils/nut package
and the nut plugin are marked as not to be built for the arm and aarch64 architectures.

And that's why the guys who make custom builds of OPNsense for ARM architecture
don't build them and you don't see them.

It is not yet clear to me why this is done in OPNsense,
because the sysutils/nut package can be built and installed on the AARCH64 architecture.

You better ask the authors of the builds for AARCH64 and if it is personalbsd.org
then you should ask your question in the telegram channel https://t.me/PersonalBSD
Good luck.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: NetGobbler on October 12, 2023, 12:21:25 pm
Surely this thread will awaken again, with the release of the Pi5?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: dbell37 on October 14, 2023, 09:24:40 pm
Hopefully it will. I’ve been using the Pi 4 compute module with OPNsense and it has been great, since the compute module exposes the PCIe bus for use with a NIC so there is no need for USB attached NICs. With the Pi5 now exposing the PCIe bus as well, I hope a lot more people adopt this as viable solution for a router.
I posted how I built my image in another thread:
https://forum.opnsense.org/index.php?topic=31345.msg167902;topicseen#msg167902
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on December 22, 2023, 02:26:51 pm
Great work on this post and thank you to everyone who has been putting the effort into this.

I'm very new to OPNSense and was thinking of running on an Oracle.cloud server, the A1.flex server is arm, 2 ocpus and 12gb of RAM.

I want to use it for a couple of things, routing into my network (currently on Starlink with no public IP) and as a captive portal for my friend to authenticate his guest traffic through his coffee shop.

Does anyone here know how I can install opnsense on an arm cloud server, with FreeBSD 13.1 preinstalled
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: MariuClaudiu on December 29, 2023, 01:29:04 pm
hi
i have a raspberry pi 4 B 8 gb , i did get image from
https://www.yrzr.tk/opnsense-23-for-aarch64/
https://github.com/yrzr/opnsense-tools/releases/tag/23.7.9
i did write image on sd card 64 gb , i did make a config.txt in the root of the sd card and insert everithing on it from config_rpi4.txt
when try too boot show me some errors
config file not found
serverip not set
cannot autoload with tftpget
and stuck on u-boot
can somebody help me to make it work please ?
thank's a lot
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: molive on December 29, 2023, 03:39:47 pm
Has anyone actually got this to work on a Pi5 yet? I've got one here with a fan, and annoyingly just moving a working pi4b sd card over doesn't work.

I'll keep looking into it, I suspect it's something in the config.txt but I'm not an expert.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Maurice on December 30, 2023, 02:49:17 pm
@tryingtotech See these threads for OPNsense on OCI A1 instances. You can download a suitable VM image from my GitHub (see signature).
https://forum.opnsense.org/index.php?topic=34795
https://forum.opnsense.org/index.php?topic=35828
https://forum.opnsense.org/index.php?topic=32546
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 03, 2024, 10:56:34 am
@tryingtotech See these threads for OPNsense on OCI A1 instances. You can download a suitable VM image from my GitHub (see signature).
https://forum.opnsense.org/index.php?topic=34795
https://forum.opnsense.org/index.php?topic=35828
https://forum.opnsense.org/index.php?topic=32546

Amazing @Maurice thank you, i will have a look at this today
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 03, 2024, 02:32:20 pm
@tryingtotech See these threads for OPNsense on OCI A1 instances. You can download a suitable VM image from my GitHub (see signature).
https://forum.opnsense.org/index.php?topic=34795
https://forum.opnsense.org/index.php?topic=35828
https://forum.opnsense.org/index.php?topic=32546

Afternoon @maurice. I am not sure what I'm doing wrong here but the AMP image is not available (see attached screenshot), any advice would be much appreciated
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Maurice on January 03, 2024, 03:09:04 pm
Did you enable the Standard.A1.Flex shape for the custom image after importing it?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 03, 2024, 03:49:05 pm
Did you enable the Standard.A1.Flex shape for the custom image after importing it?

I have now, thank you, just going to the setup now, working out how to open the ports on the VPC, am new to OCI and OPNSense, will let you know if I get stuck, and thank you again for you amazing work
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 03, 2024, 04:45:47 pm
im struggling with Oracle Cloud at the min, I have gone, to VPC, security list and added ingress rules, but still can't get to it, via public IP am I missing a step?
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Maurice on January 03, 2024, 05:47:56 pm
New to OPNsense and OCI can be a bit challenging. You might want to familiarise yourself with OPNsense on a local system first.
Initially, you can't easily connect to the OPNsense Web UI using IPv4. That's because of Oracle's use of SNAT and OPNsense's HTTP_REFERER enforcement. Your best option is to access the Web UI via IPv6.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 03, 2024, 06:02:11 pm
maybe a silly question, but I can't see an ipv6 address anywhere on my instance, so not sure it's set up to have one, I can try rebuilding the server as only in play mode, and try and add it
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Maurice on January 03, 2024, 06:11:15 pm
You first have to add an IPv6 prefix to the VCN subnet, then you can add an IPv6 address to the VNIC of your instance.

Oracle has pretty decent documentation btw. ;)
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: tryingtotech on January 04, 2024, 12:22:46 pm
You first have to add an IPv6 prefix to the VCN subnet, then you can add an IPv6 address to the VNIC of your instance.

Oracle has pretty decent documentation btw. ;)

Thanks, @Maurice, slow progress on this one step forward two steps back - managed to sort out the rules and can now access the OPNSense login page (as it's cloud though, I am going in via the WAN address) now when trying to log in I get the following error after login

"The HTTP_REFERER "https://130.162.xxx.xxx/index.php" does not match the predefined settings. You can disable this check if needed under System: Settings: Administration."

But I can't get passed this to change under "System: Settings: Administration" - Is there anything I can do to disable this check from SHELL

I have tried to add an FQDN and point to the public IP but get "A potential DNS Rebind attack has been detected."

Any help will be much appreciated, many thanks
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: Maurice on January 04, 2024, 06:10:49 pm
That's exactly what I was talking about:

Initially, you can't easily connect to the OPNsense Web UI using IPv4. That's because of Oracle's use of SNAT and OPNsense's HTTP_REFERER enforcement. Your best option is to access the Web UI via IPv6.

Just use IPv6 for initial configuration, then you won't have this issue.
Title: Re: [Work In Progress] OPNsense Ported into ARM Devices
Post by: johndo100 on February 15, 2024, 05:01:46 am
Hi guys,

I'm using opnsense on nanopi-r2s for a year, which is working just fine. The version I have is 22.7 from personalbsd.org. What I'm trying to do is to connect my UPS to the routes (USB cable), so the router would work as a NUT server. The issue is, that I cannot see the NUT plugin. I've tried the original package repo from personalbsd, now I tried yrzr.tk-s repo, but none of them contains this plugin.
I can remember, that in the earlier version (maybe in 19 or 20) it was present, as I played with it on other hardware (rockpi-e). There the connection was for some reason not working, so I stopped the work. Now I would like to try it on the this hardware.

Isn't this package supported? Or is there a way to grab it from somewhere for aarch64?

Thanks!

I can not download the version for r2s anymore.
Please share it. I'm learning to make the image myself but it will take time.
Since FreeBSD support arm64, OPNsense should work if we have properly FreeBSD driver and u-boot for each board.
I made some Linux images before but my knowledge is not enough.