Messages - dieterarn

1
Web Proxy Filtering and Caching / Re: haproxy using openvpn and https
« on: October 21, 2019, 04:54:10 am »
this is a very interesting config - if you figure out how to set it up please share...

2
19.7 Legacy Series / Re: 19.7.5 HAProxy config broken
« on: October 21, 2019, 04:30:49 am »
So in normal operation on 19.7.4 (OPNsense 19.7.4_1-amd64) the log looks like a list of connections:
Code:
Oct 20 22:14:18 haproxy[13596]: Connect from 192.168.xxx.xxx:52758 to yyy.yyy.yyy.yyy:443 (nextcloudWebFacingService/HTTP)
Oct 20 22:13:22 haproxy[13596]: Connect from 192.168.xxx.xxx:59890 to yyy.yyy.yyy.yyy:443 (nextcloudWebFacingService/HTTP)
Oct 20 22:02:58 haproxy[13596]: Connect from xxx.xxx.xxx.xxx:24450 to yyy.yyy.yyy.yyy:443 (nextcloudWebFacingService/HTTP)
Oct 20 22:02:57 haproxy[13596]: Connect from xxx.xxx.xxx.xxx:10349 to yyy.yyy.yyy.yyy:443 (nextcloudWebFacingService/HTTP)
Oct 20 22:02:57 haproxy[13596]: Connect from xxx.xxx.xxx.xxx:8150 to yyy.yyy.yyy.yyy:443 (nextcloudWebFacingService/HTTP)

*** update ***

OK, weird. I reapplied the 19.7.5 update to capture the logs and now everything seems to be working. I hate mysteries. Anyway, if the service does start failing I'll post the logs here...

3
19.7 Legacy Series / 19.7.5 HAProxy config broken
« on: October 16, 2019, 06:30:42 am »
Hi fraenki,

You say over on the development page (https://github.com/opnsense/plugins/pull/1498) that:
Quote
WARNING

This release introduces the HAProxy 2.0 release series. This is a major change and may break existing configurations. Please test thoroughly before using this version in production.

I found out the hard way that my config breaks (luckily I always snapshot before I upgrade and so was able to revert to 19.7.4). Do you have any guidance on common breakage points?

4
18.7 Legacy Series / Re: kvm+opnsense+Vlan problem - must manually reload firewall rules after reboot.
« on: December 03, 2018, 03:49:03 am »
I've reproduced the problem a half dozen more times. I've also tried running:

pfctl -F all -f /etc/pf.conf

to flush the firewall rules and reload, but it errors out:

Code:
root@OPNsense:~ # pfctl -F all -f /etc/pf.conf
rules cleared
nat cleared
5 tables deleted.
140 states cleared
source tracking entries cleared
pf: statistics cleared
pf: interface flags reset
pfctl: /etc/pf.conf: No such file or directory
pfctl: cannot open the main config file!: No such file or directory
pfctl: Syntax error in config file: pf rules not loaded

I was going to add:
@reboot echo /sbin/pfctl -F all -f /etc/pf.conf | at now + 5 minutes

but I don't think that will work. However, as soon as I reset using option "11" everything starts to work (but the ssh session breaks - oh well).
Code:
*** OPNsense.ad.grassyshallows.com: OPNsense 18.7.8 (amd64/OpenSSL) ***

 LAN (em1)       -> v4: 192.168.1.1/24 ... bridged from a physical interface
 WAN (em0)       -> v4/DHCP4: 107.190.35.80/26 ... bridged from a physical interface
 cameras (em5)   -> xxxx ... currently unused but a vlan bridge from the bridged physical interface LAN is on
 carp (em3)      -> xxxx ... currently unused but a vlan bridge from the bridged physical interface LAN is on
 management (em2) -> xxxx .. currently unused but a vlan bridge from the bridged physical interface LAN is on
 webServices (em6) -> xxxx .. currently unused but a vlan bridge from the bridged physical interface LAN is on
 wifi (em4)      -> v4: 192.168.4.1/24 ... active and the interface with problems ,  a vlan bridge from the bridged physical interface LAN is on...

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 11

Writing firmware setting...done.
Configuring login behaviour...done.
Configuring CRON...done.
Setting timezone...done.
Setting hostname: OPNsense.ad.grassyshallows.com
Generating /etc/hosts...done.
Generating /etc/resolv.conf...done.
Configuring loopback interface...done.
Creating wireless clone interfaces...done.
Configuring VLAN interfaces...done.
Configuring WAN interface...done.
Configuring LAN interface...done.
Configuring cameras interface...done.
Configuring carp interface...done.
Configuring management interface...done.
Configuring webServices interface...done.
Configuring wifi interface...done.
Setting up routes...done.
Configuring firewall.......done.
Starting DHCPv4 service...done.
Starting DHCPv6 service...done.
Starting router advertisement service...done.
packet_write_wait: Connection to 192.168.1.1 port 22: Broken pipe

I imagine option "11" is a script? Can I call it from cron and do my hacky workaround? If so, where does it live? Is this a system bug?

5
18.7 Legacy Series / kvm+opnsense+Vlan problem - must manually reload firewall rules after reboot.
« on: November 30, 2018, 04:10:44 am »
Hi, I'm having a bizarre problem with my setup:

I've got several VLANs segregating things. These are set up on my hypervisor (KVM/PROXMOX) as Linux bridges associated with specific VLANs. I like making all the VLANs separate bridges because I can control what other virtual machines on the host can connect to. Obviously OPNSENSE is running as a virtual machine.

I had some weird problems: anything that was connected to the "base lan" worked OK straight after reboot, but anything bridged via a configured VLAN wouldn't. Through trial and error I discovered that if I touched a firewall rule and caused a rule reload, everything would start to work. :o

Has anyone here tried to set up VLANs and OPNSENSE in virtualized environments? Is there a way to at least automate my workaround and cause a rule reload after everything is up and running?

6
18.1 Legacy Series / Re: Can't get Intrusion Detection working.
« on: April 08, 2018, 02:01:44 am »
First off: oops, I should do a better job of googling next time - sorry & thanks :-[

I was following your guide: I got to part 4 - IDS and IPS - and noticed that I only put WAN in my interfaces list.

After including LAN, enabling IPS and applying, I lost all connection to the internet AND the admin web interface. The result is instantaneous. I had to drop into the virtual console and restore settings from backup. As you probably know, once you restore settings OPNsense recommends that you reboot the router. When I did that I got the screen shown in the included attachment - it looks like Suricata is complaining. Googling the error I get these hits:

https://forum.pfsense.org/index.php?topic=98787.0
https://redmine.openinfosecfoundation.org/issues/1496

So that's just Suricata complaining that syslog wasn't enabled.

I went and turned it on... the internet still breaks the instant I enable IPS...

In your debug area you say to set all rules to alert - I double checked and found that I had 1 drop rule:
Signature Id: 2210057
Classtype: protocol-command-decode
Message: SURICATA STREAM 3way handshake toclient data injection suspected
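A pre-flight check for exactly the situation in this post (a rule set that still carries a drop rule when IPS is switched on), as an added example that is not from the thread or from OPNsense: it parses Suricata rule lines, lists every enabled rule whose action would block traffic inline, and rewrites those rules to alert-only, which is the "set all rules to alert" step the guide describes. The sample rule set is constructed; only SID 2210057 with its message and classtype comes from the post, and every 9000xxx SID is a placeholder.

```python
"""Pre-flight check of a Suricata rule set before enabling IPS (inline) mode."""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Actions that block traffic once Suricata runs inline (IPS mode).
BLOCKING_ACTIONS = {"drop", "reject", "rejectsrc", "rejectdst", "rejectboth"}

# One rule per line: [#] action proto src sport dir dst dport (options)
RULE_RE = re.compile(
    r"^(?P<disabled>#\s*)?"
    r"(?P<action>alert|drop|reject(?:src|dst|both)?|pass)\s+"
    r"(?P<header>\S+\s+\S+\s+\S+\s+(?:->|<>)\s+\S+\s+\S+)\s+"
    r"\((?P<options>.*)\)\s*$"
)
# Only the options this check needs; values are quoted strings or bare tokens.
OPT_RE = re.compile(r'\b(?P<key>msg|sid|rev|classtype):\s*(?P<val>"[^"]*"|[^;]+);')

# Constructed sample rule set. Only SID 2210057, its message and its classtype
# are taken from the forum post; every 9000xxx rule is a placeholder.
SAMPLE_RULES = """\
# constructed sample rule set, not a real distribution file
drop tcp any any -> any any (msg:"SURICATA STREAM 3way handshake toclient data injection suspected"; classtype:protocol-command-decode; sid:2210057; rev:2;)
alert tcp any any -> any any (msg:"CONSTRUCTED alert-only stream event"; classtype:protocol-command-decode; sid:9000001; rev:1;)
# drop tcp any any -> any any (msg:"CONSTRUCTED disabled drop rule"; classtype:misc-activity; sid:9000002; rev:1;)
reject tcp $HOME_NET any -> $EXTERNAL_NET 23 (msg:"CONSTRUCTED telnet reject"; classtype:policy-violation; sid:9000003; rev:1;)
pass ip $HOME_NET any -> any any (msg:"CONSTRUCTED pass rule"; classtype:not-suspicious; sid:9000004; rev:1;)
"""


@dataclass
class Rule:
    action: str
    enabled: bool
    sid: int
    msg: str
    classtype: Optional[str]
    raw: str

    def blocks_inline(self) -> bool:
        """True if this rule would block traffic once IPS mode is on."""
        return self.enabled and self.action in BLOCKING_ACTIONS


def parse_rules(text: str) -> List[Rule]:
    """Parse rule lines; blank lines and non-rule comments are skipped."""
    rules: List[Rule] = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        opts = {k: v.strip().strip('"') for k, v in OPT_RE.findall(m.group("options"))}
        if not opts.get("sid", "").isdigit():
            continue  # a rule without a numeric sid is malformed; skip rather than guess
        rules.append(Rule(
            action=m.group("action"),
            enabled=m.group("disabled") is None,  # a leading '#' disables the rule
            sid=int(opts["sid"]),
            msg=opts.get("msg", ""),
            classtype=opts.get("classtype"),
            raw=line,
        ))
    return rules


def blocking_rules(rules: Iterable[Rule]) -> List[Rule]:
    """Enabled rules whose action drops or rejects traffic inline."""
    return [r for r in rules if r.blocks_inline()]


def rewrite_to_alert(line: str) -> str:
    """Turn a blocking rule into an alert-only rule; other lines pass through unchanged."""
    m = RULE_RE.match(line.strip())
    if not m or m.group("disabled") or m.group("action") not in BLOCKING_ACTIONS:
        return line
    # The action is the first token, so replacing the first occurrence is safe.
    return line.replace(m.group("action"), "alert", 1)


def preflight_report(text: str) -> List[str]:
    """One human-readable line per rule that would start blocking when IPS is enabled."""
    return [
        f"sid {r.sid} ({r.action}, {r.classtype}): {r.msg}"
        for r in blocking_rules(parse_rules(text))
    ]


if __name__ == "__main__":
    for entry in preflight_report(SAMPLE_RULES):
        print(entry)
    print("--- rewritten to alert-only ---")
    for raw in SAMPLE_RULES.splitlines():
        print(rewrite_to_alert(raw))
```

Running the report against a full rule set before flipping IPS on shows which signatures would go from logging to dropping, so a single noisy stream-event rule like 2210057 is caught before it takes the WAN down.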

7
18.1 Legacy Series / Can't get Intrusion Detection working.
« on: April 05, 2018, 05:50:47 am »
I've been trying, off and on, since 16.x, to get Intrusion Detection working.

Alerts don't show much activity, but the moment I turn on IPS I get a completely dead connection. Have I been that seriously pwned, or have I just messed up something?

I've followed the guides and disabled hardware offloading etc.
I've also disabled all the rulesets:

Description
abuse.ch/Dyre SSL IPBL - not installed
abuse.ch/Feodo Tracker - not installed
abuse.ch/SSL Fingerprint Blacklist - not installed
abuse.ch/SSL IP Blacklist - not installed
ET open/botcc - not installed
ET open/botcc.portgrouped - not installed
ET open/ciarmy - not installed
ET open/compromised - not installed
ET open/drop - not installed
ET open/dshield - not installed
ET open/emerging-activex - not installed

Still nothing...

The latest alerts say:
2018-04-04T23:25:30.465856-0400   allowed   WAN   ###.###.###.### ###.###.###.###   7801   SURICATA STREAM ESTABLISHED SYNACK resend with different seq
2018-04-04T23:25:27.614650-0400   allowed   WAN   ###.###.###.### ###.###.###.###   7801   SURICATA STREAM ESTABLISHED SYNACK resend with different seq
2018-04-04T23:25:26.016311-0400   allowed   WAN   ###.###.###.### ###.###.###.###   7801   SURICATA STREAM ESTABLISHED SYNACK resend with different seq
2018-04-04T23:21:20.710647-0400   allowed   WAN   ###.###.###.### 22589   ###.###.###.###   23   SURICATA TCPv4 invalid checksum

I run OPNsense as a virtual machine with two virtual bridges connected to it. One is a dedicated physical interface for the WAN and the other is a virtual bridge to the LAN. The host is Proxmox.

8
17.1 Legacy Series / Re: Intermittant networking between resets with opnsense vm and pci nic pass-through
« on: March 13, 2017, 12:46:52 am »
Hi Nnyan,

Do you mean check the driver on the host/hypervisor side (proxmox) or the guest side (opnsense)? It didn't occur to me that the host would bother loading drivers if using PCI pass-through. I thought host-side drivers were not involved at all once the card was passed through.

On the host side I get:
Code:
root@proxmox1:/rpool/data# lspci | grep Network
06:00.0 Ethernet controller: Intel Corporation 82575GB Gigabit Network Connection (rev 02)
06:00.1 Ethernet controller: Intel Corporation 82575GB Gigabit Network Connection (rev 02)
07:00.0 Ethernet controller: Intel Corporation 82575GB Gigabit Network Connection (rev 02)
07:00.1 Ethernet controller: Intel Corporation 82575GB Gigabit Network Connection (rev 02)
09:00.0 Ethernet controller: Intel Corporation 82576 Gigabit Network Connection (rev 01)
09:00.1 Ethernet controller: Intel Corporation 82576 Gigabit Network Connection (rev 01)

and

Code:
root@proxmox1:/rpool/data# dmesg | grep Ethernet
[    3.400241] Intel(R) Gigabit Ethernet Network Driver - version 5.3.5.3
[    3.615780] igb 0000:06:00.0: Intel(R) Gigabit Ethernet Network Connection
[    3.827716] igb 0000:06:00.1: Intel(R) Gigabit Ethernet Network Connection
[    4.047801] igb 0000:07:00.0: Intel(R) Gigabit Ethernet Network Connection
[    4.263806] igb 0000:07:00.1: Intel(R) Gigabit Ethernet Network Connection
[    4.458458] igb 0000:09:00.0: Intel(R) Gigabit Ethernet Network Connection
[    4.648021] igb 0000:09:00.1: Intel(R) Gigabit Ethernet Network Connection

PCI devices 6 & 7 are the quad-port card and are currently passed through...

What the guest side (opnsense) has to say about this...

Code:
root@OPNsense:~ # pciconf -lv
...
igb0@pci0:0:16:0: class=0x020000 card=0x145a8086 chip=0x10d68086 rev=0x02 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = '82575GB Gigabit Network Connection'
    class      = network
    subclass   = ethernet
igb1@pci0:0:16:1: class=0x020000 card=0x145a8086 chip=0x10d68086 rev=0x02 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = '82575GB Gigabit Network Connection'
    class      = network
    subclass   = ethernet
igb2@pci0:0:17:0: class=0x020000 card=0x145a8086 chip=0x10d68086 rev=0x02 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = '82575GB Gigabit Network Connection'
    class      = network
    subclass   = ethernet
igb3@pci0:0:17:1: class=0x020000 card=0x145a8086 chip=0x10d68086 rev=0x02 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = '82575GB Gigabit Network Connection'
    class      = network
    subclass   = ethernet
...

But weirdly the dmesg entries seem to be in triplicate...

Code:
root@OPNsense:~ # dmesg | grep Ethernet
igb0: Ethernet address: 00:1b:21:2a:4f:e8
igb1: Ethernet address: 00:1b:21:2a:4f:e9
igb2: Ethernet address: 00:1b:21:2a:4f:ec
igb3: Ethernet address: 00:1b:21:2a:4f:ed
em0: Ethernet address: c6:48:af:7a:41:68
igb0: Ethernet address: 00:1b:21:2a:4f:e8
igb1: Ethernet address: 00:1b:21:2a:4f:e9
igb2: Ethernet address: 00:1b:21:2a:4f:ec
igb3: Ethernet address: 00:1b:21:2a:4f:ed
em0: Ethernet address: c6:48:af:7a:41:68
igb0: Ethernet address: 00:1b:21:2a:4f:e8
igb1: Ethernet address: 00:1b:21:2a:4f:e9
igb2: Ethernet address: 00:1b:21:2a:4f:ec
igb3: Ethernet address: 00:1b:21:2a:4f:ed
em0: Ethernet address: c6:48:af:7a:41:68
root@OPNsense:~ # dmesg | grep Network
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe080-0xe09f mem 0xfea40000-0xfea5ffff,0xfde00000-0xfdffffff,0xfeaf0000-0xfeaf3fff irq 11 at device 16.0 on pci0
igb1: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0a0-0xe0bf mem 0xfea60000-0xfea7ffff,0xfe000000-0xfe1fffff,0xfeaf4000-0xfeaf7fff irq 10 at device 16.1 on pci0
igb2: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0c0-0xe0df mem 0xfea80000-0xfea9ffff,0xfe200000-0xfe3fffff,0xfeaf8000-0xfeafbfff irq 10 at device 17.0 on pci0
igb3: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0e0-0xe0ff mem 0xfeaa0000-0xfeabffff,0xfe400000-0xfe5fffff,0xfeafc000-0xfeafffff irq 10 at device 17.1 on pci0
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xe000-0xe03f mem 0xfeac0000-0xfeadffff irq 10 at device 18.0 on pci0
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe080-0xe09f mem 0xfea40000-0xfea5ffff,0xfde00000-0xfdffffff,0xfeaf0000-0xfeaf3fff irq 11 at device 16.0 on pci0
igb1: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0a0-0xe0bf mem 0xfea60000-0xfea7ffff,0xfe000000-0xfe1fffff,0xfeaf4000-0xfeaf7fff irq 10 at device 16.1 on pci0
igb2: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0c0-0xe0df mem 0xfea80000-0xfea9ffff,0xfe200000-0xfe3fffff,0xfeaf8000-0xfeafbfff irq 10 at device 17.0 on pci0
igb3: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0e0-0xe0ff mem 0xfeaa0000-0xfeabffff,0xfe400000-0xfe5fffff,0xfeafc000-0xfeafffff irq 10 at device 17.1 on pci0
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xe000-0xe03f mem 0xfeac0000-0xfeadffff irq 10 at device 18.0 on pci0
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe080-0xe09f mem 0xfea40000-0xfea5ffff,0xfde00000-0xfdffffff,0xfeaf0000-0xfeaf3fff irq 11 at device 16.0 on pci0
igb1: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0a0-0xe0bf mem 0xfea60000-0xfea7ffff,0xfe000000-0xfe1fffff,0xfeaf4000-0xfeaf7fff irq 10 at device 16.1 on pci0
igb2: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0c0-0xe0df mem 0xfea80000-0xfea9ffff,0xfe200000-0xfe3fffff,0xfeaf8000-0xfeafbfff irq 10 at device 17.0 on pci0
igb3: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k> port 0xe0e0-0xe0ff mem 0xfeaa0000-0xfeabffff,0xfe400000-0xfe5fffff,0xfeafc000-0xfeafffff irq 10 at device 17.1 on pci0
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xe000-0xe03f mem 0xfeac0000-0xfeadffff irq 10 at device 18.0 on pci0
root@OPNsense:~ #

9
17.1 Legacy Series / Intermittant networking between resets with opnsense vm and pci nic pass-through
« on: March 12, 2017, 12:20:10 am »
Hi all,

I've read that NIC pass-through is the most secure way to virtualize a router/firewall. I'm using Proxmox as my host, which allows me to do a bunch of things since I can reuse the underlying hardware for several other VMs. I followed this guide on the great Proxmox wiki and was able to pass through a 4-port Intel NIC to a VM running OPNsense (Dell v PRO 1000). It all works - in fact I'm typing up this post "through" the firewall right now! Currently the VM is 17.1.2 but I had the same problem with 17.1.

As an aside, I was able to solve the OPNsense on ZFS problem https://forum.opnsense.org/index.php?topic=3602.msg12620#msg12620 that I posted about previously, in a round-about sort of way, since Proxmox supports booting using the ZFS on Linux stack.

The problem is this: when I reboot the OPNsense VM, networking randomly doesn't work. The boot sequence shows the machine finding the NICs and setting their state to "up", but sometimes the LAN interface is un-pingable and the WAN interface doesn't receive an IP through DHCP from my ISP.

Could this be a host problem or a guest problem? I'm not even sure where to start googling on this problem... I've cross-posted this to the Proxmox forum in case it is a host problem. Does anybody out there have any guest-side ideas about what could be causing this?

10
17.1 Legacy Series / Re: install on zfs
« on: September 06, 2016, 12:36:06 am »
I thought of some more stuff to try, like: duh, why don't I try to apply the info from the guide on modifying pfSense to work with ZFS that I had first found here:

https://forum.pfsense.org/index.php?topic=94656.0

So I cloned the virtual machine I've been playing with and booted into the live CD mode of FreeBSD (I found that idea at http://serverfault.com/questions/616991/freebsd-10-wont-boot-to-zfs-root-after-power-failure)

and then took a look at mounting the ZFS file system, since the way it was done on the Server Fault page wouldn't work for me :-( . I had a look at logical stuff like https://www.freebsd.org/doc/handbook/zfs.html, http://docs.oracle.com/cd/E19253-01/819-5461/, and http://solarisinternals.com/wiki/index.php/ZFS_Troubleshooting_Guide before I poked around, generated an error and found: https://forums.freebsd.org/threads/43983/

I modified the suggested command a bit:
Code:
zpool import -f -o altroot=/mnt zroot
since I just wanted the main pool (my volume was also called zroot, but if you don't know it you can do just
Code:
zpool import
and zfs will list all the pools it can see...)

After that I tried to start applying the steps from the pfSense article, excluding the step where you mount the file system since I had obviously just done that:
Code:
sed -i -e "s:cdrom:pfSense:" /mnt/etc/platform
mkdir -p /mnt/cf/conf
cp /mnt/conf.default/config.xml /mnt/cf/conf/config.xml
cd /mnt
rm -rf conf/
ln -s cf/conf ./conf
mkdir /mnt/tmp
chmod 1777 /mnt/tmp

Uh oh.
Code:
/mnt/etc/platform
doesn't exist, nor does:
Code:
/mnt/conf.default/config.xml
Eventually I tracked down that OPNsense has moved them. For example, https://github.com/opnsense/core/commit/55db8dab0f19c5a9e882957087571f650608cfec shows that
Code:
/conf.default/config.xml
is now probably
Code:
/usr/local/etc/config.xml
and similarly https://github.com/opnsense/tools/commit/132641c826914fccf87b1ac433b39d3ec09c9a46 shows that
Code:
/etc/platform
is now (maybe)
Code:
/usr/local/etc/platform
So applying those changes I got something like:
Code:
sed -i -e "s:cdrom:OPNsense:" /mnt/usr/local/etc/platform
mkdir -p /mnt/cf/conf
cp /mnt/usr/local/etc/config.xml /mnt/cf/conf/config.xml
cd /mnt
rm -rf conf/
ln -s cf/conf ./conf
mkdir /mnt/tmp
chmod 1777 /mnt/tmp

... which still doesn't work. I assume cf stands for compact flash and cdrom stands for a read-only file system. Beyond that I don't have as much insight into what is going on as I would like to have... Feels kind of close though... *sigh*.

11
16.7 Legacy Series / Re: install onto zfs
« on: August 31, 2016, 03:15:07 am »
I created a new post over on the 17.1 alpha category since this is clearly not stuff for 16.7: https://forum.opnsense.org/index.php?topic=3602.msg12137#msg12137

12
17.1 Legacy Series / install on zfs
« on: August 31, 2016, 02:57:45 am »
Hi all,

I thought I'd move my posting on ZFS over here (see previous posts in the 16.7 section https://forum.opnsense.orgindex.php?topic=3543.0) since clearly ZFS on 16.7 is impossible (and maybe 17.1 too). I thought I'd at least have a try at capturing the boot messages of a newly converted OPNsense box booting up - I did it with a "host pipe" in VirtualBox and picked up the "socket" in minicom on the CLI of my host machine - if this is useful to someone with madder skillz than I, I'll be glad :-)

Code:

                  ______  _____  _____                         
                 /  __  |/ ___ |/ __  |                       
                 | |  | | |__/ | |  | |___  ___ _ __  ___  ___
                 | |  | |  ___/| |  | / __|/ _ \ '_ \/ __|/ _ \
                 | |__| | |    | |  | \__ \  __/ | | \__ \  __/
                 |_____/|_|    |_| /__|___/\___|_| |_|___/\___|

 +=========================================+     @@@@@@@@@@@@@@@@@@@@@@@@@@@@
 |                                         |   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 |  1. Boot Multi User [Enter]             |   @@@@@                    @@@@@
 |  2. Boot [S]ingle User                  |       @@@@@            @@@@@   
 |  3. [Esc]ape to loader prompt           |    @@@@@@@@@@@       @@@@@@@@@@@
 |  4. Reboot                              |         \\\\\         /////     
 |                                         |   ))))))))))))       (((((((((((
 |  Options:                               |         /////         \\\\\     
 |  5. [K]ernel: kernel (1 of 2)           |    @@@@@@@@@@@       @@@@@@@@@@@
 |  6. Configure Boot [O]ptions...         |       @@@@@            @@@@@   
 |  7. Select Boot [E]nvironment...        |   @@@@@                    @@@@@
 |                                         |   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 |                                         |   @@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
 +=========================================+                                 
                                                  16.7 ``Dancing Dolphin''   

/boot/kernel/kernel text=0x11ca488 data=0x7f3c28+0x23dd20 syms=[0x8+0x170580+0x8+0x188e92]
/boot/kernel/zfs.ko size 0x2e9350 at 0x22f6000
loading required module 'opensolaris'
/boot/kernel/opensolaris.ko size 0x55b0 at 0x25e0000
Booting...
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2016 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.3-RELEASE-p7 #0 a0a18f4(stable/16.7): Mon Aug 15 06:35:28 CEST 2016
    root@sensey64:/usr/obj/usr/src/sys/SMP amd64
FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
[HBSD ASLR] status: opt-out
[HBSD ASLR] mmap: 30 bit
[HBSD ASLR] exec base: 30 bit
[HBSD ASLR] stack: 42 bit
[HBSD ASLR] vdso: 28 bit
[HBSD ASLR] map32bit: 18 bit
[HBSD ASLR] disallow MAP_32BIT mode mmap: opt-in
[HBSD ASLR (compat)] status: opt-out
[HBSD ASLR (compat)] mmap: 14 bit
[HBSD ASLR (compat)] exec base: 14 bit
[HBSD ASLR (compat)] stack: 14 bit
[HBSD ASLR (compat)] vdso: 8 bit
[HBSD LOG] logging to system: enabled
[HBSD LOG] logging to user: disabled
CPU: Intel(R) Core(TM)2 Duo CPU     E6850  @ 3.00GHz (3007.15-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x6fb  Family=0x6  Model=0xf  Stepping=11
  Features=0x783fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2>
  Features2=0x209<SSE3,MON,SSSE3>
  AMD Features=0x20100800<SYSCALL,NX,LM>
  AMD Features2=0x1<LAHF>
real memory  = 2097086464 (1999 MB)
avail memory = 1988341760 (1896 MB)
Event timer "LAPIC" quality 400
ACPI APIC Table: <VBOX   VBOXAPIC>
random: <Software, Yarrow> initialized
ioapic0 <Version 1.1> irqs 0-23 on motherboard
ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff805fd2a0, 0) error 1
ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff805fd350, 0) error 1
ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff805fd400, 0) error 1
wlan: mac acl policy registered
kbd1 at kbdmux0
netmap: loaded module
cryptosoft0: <software crypto> on motherboard
acpi0: <VBOX VBOXXSDT> on motherboard
acpi0: Power Button (fixed)
acpi0: Sleep Button (fixed)
cpu0: <ACPI CPU> on acpi0
attimer0: <AT timer> port 0x40-0x43,0x50-0x53 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <32-bit timer at 3.579545MHz> port 0x4008-0x400b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
isab0: <PCI-ISA bridge> at device 1.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel PIIX4 UDMA33 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd000-0xd00f at device 1.1 on pci0
ata0: <ATA channel> at channel 0 on atapci0
ata1: <ATA channel> at channel 1 on atapci0
vgapci0: <VGA-compatible display> mem 0xe0000000-0xe0ffffff irq 18 at device 2.0 on pci0
vgapci0: Boot video device
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xd010-0xd017 mem 0xf0000000-0xf001ffff irq 19 at device 3.0 on pci0
em0: Ethernet address: 08:00:27:a4:59:de
em0: netmap queues/slots: TX 1/256, RX 1/256
pci0: <bridge> at device 7.0 (no driver attached)
em1: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xd040-0xd047 mem 0xf0820000-0xf083ffff irq 16 at device 8.0 on pci0
em1: Ethernet address: 08:00:27:14:45:26
em1: netmap queues/slots: TX 1/256, RX 1/256
ahci0: <Intel ICH8M AHCI SATA controller> port 0xd048-0xd04f,0xd058-0xd05f,0xd070-0xd07f mem 0xf0840000-0xf0841fff irq 21 at device 13.0 0
ahci0: AHCI v1.10 with 3 3Gbps ports, Port Multiplier not supported
ahcich0: <AHCI channel> at channel 0 on ahci0
ahcich1: <AHCI channel> at channel 1 on ahci0
ahcich2: <AHCI channel> at channel 2 on ahci0
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: console (9600,n,8,1)
acpi_acad0: <AC Adapter> on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: model IntelliMouse Explorer, device ID 4
orm0: <ISA Option ROM> at iomem 0xc0000-0xc7fff on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
atrtc0: <AT realtime clock> at port 0x70 irq 8 on isa0
Event timer "RTC" frequency 32768 Hz quality 0
ppc0: cannot reserve I/O port range
ZFS NOTICE: Prefetch is disabled by default if less than 4GB of RAM is present;
            to enable, add "vfs.zfs.prefetch_disable=0" to /boot/loader.conf.
ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
em1: link state changed to UP
ada0 at ahcich0 bus 0 scbus2 target 0 lun 0
cd0 at ata0 bus 0 scbus0 target 0 lun 0
cd0: <VBOX CD-ROM 1.0> Removable CD-ROM SCSI device
cd0: Serial Number VB0-01f003f6
cd0: 33.300MB/s transfers (UDMA2, ATAPI 12bytes, PIO 65534bytes)
cd0: Attempt to query device size failed: NOT READY, Medium not present
ada0: <VBOX HARDDISK 1.0> ATA-6 SATA 2.x device
ada0: Serial Number VB794a53a7-50b7892e
ada0: 300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 8192MB (16777216 512 byte sectors)
ada0: Previously was known as ad4
random: unblocking device.
Timecounter "TSC-low" frequency 1503572867 Hz quality 800
Trying to mount root from zfs:zroot/ROOT/default []...
Mounting filesystems...
mount: /: unknown special file or file system
fsck: cannot open `/dev/zroot/ROOT/default': No such file or directory
fsck: cannot open `/dev/zroot/ROOT/default': No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
mkdir: /tmp/.cdrom: Read-only file system
mount_unionfs: /tmp/.cdrom: No such file or directory
PHP Warning:  file_put_contents(/etc/group): failed to open stream: Read-only file system in /usr/local/etc/rc.recover on line 210
PHP Warning:  file_put_contents(/etc/master.passwd): failed to open stream: Read-only file system in /usr/local/etc/rc.recover on line 213
PHP Warning:  file_put_contents(/etc/shells): failed to open stream: Read-only file system in /usr/local/etc/rc.recover on line 216
PHP Warning:  file_put_contents(/etc/ttys): failed to open stream: Read-only file system in /usr/local/etc/rc.recover on line 219
pwd_mkdb: /etc/pwd.db.tmp: Read-only file system
pwd_mkdb: /etc/pwd.db.tmp: Read-only file system
Updating motd: /etc/motd is not writable, update failed.
Configuring syscons: blanktime.
mkdir: /conf: Read-only file system
mkdir: /conf: Read-only file system
Bootstrapping config.xml...cp: /conf/config.xml: No such file or directory
done.
Bootstrapping openssl.cnf...cp: /usr/local/openssl/openssl.cnf: Read-only file system
done.
grep: /conf/config.xml: No such file or directory
grep: /conf/config.xml: No such file or directory
[: -ne: unexpected operator
[: -ne: unexpected operator
mkdir: /var/etc: Read-only file system
rm: /var/run/nologin: Read-only file system
Configuring crash dump device: /dev/ada0p2
swapon: adding /dev/ada0p2 as swap device
rm: /var/run/dmesg.boot: Read-only file system
eval: cannot create /var/run/dmesg.boot: Read-only file system
chmod: /tmp: Read-only file system
.ldconfig: mkstemp(/var/run/ld-elf.so.hints.6bZCj1): Read-only file system
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/ipsec /usr/local/lib/perl5/5.20/mach/CORE
32-bit compatibility ldconfig path: /usr/lib32
done.
PHP Warning:  fopen(): Filename cannot be empty in /usr/local/etc/rc.recover on line 179
PHP Warning:  ftruncate() expects parameter 1 to be resource, boolean given in /usr/local/etc/rc.recover on line 189
PHP Warning:  rewind() expects parameter 1 to be resource, boolean given in /usr/local/etc/rc.recover on line 190
PHP Warning:  fwrite() expects parameter 1 to be resource, boolean given in /usr/local/etc/rc.recover on line 191
^Ccap_mkdb: /etc/login.conf.db: Read-only file system
touch: /usr/local/etc/php/extensions.ini: Read-only file system
usage: cp [-R [-H | -L | -P]] [-f | -i | -n] [-alpsvx] source_file target_file
       cp [-R [-H | -L | -P]] [-f | -i | -n] [-alpsvx] source_file ... target_directory
usage: chmod [-fhv] [-R [-H | -L | -P]] mode file ...
rm: /usr/local/etc/php.ini: Read-only file system
rm: /usr/local/lib/php.ini: Read-only file system
/usr/local/etc/rc.php_ini_setup: cannot create /usr/local/lib/php.ini: Read-only file system
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
sed: -I or -i may not be used with stdin
/usr/local/etc/rc.php_ini_setup: cannot create : No such file or directory
/usr/local/etc/rc.php_ini_setup: cannot create /usr/local/lib/php.ini: Read-only file system
cp: /usr/local/etc/php.ini: Read-only file system
chmod: /usr/local/opnsense/service/configd.py: Read-only file system
/usr/local/etc/rc.d/configd: WARNING: failed precmd routine for configd
Launching the init system...touch: /var/run/booting: Read-only file system
 done.
Initializing...PHP Warning:  copy(/conf/config.xml): failed to open stream: No such file or directory in /usr/local/opnsense/mvc/app/libr5

Warning: copy(/conf/config.xml): failed to open stream: No such file or directory in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Co5
PHP Fatal error:  Uncaught exception 'OPNsense\Core\ConfigException' with message 'file not found' in /usr/local/opnsense/mvc/app/library2
Stack trace:
#0 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(486): OPNsense\Core\Config->load()
#1 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(281): OPNsense\Core\Config->restoreBackup('/usr/local/etc/...')
#2 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(49): OPNsense\Core\Config->init()
#3 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(70): OPNsense\Core\Singleton->__construct()
#4 /usr/local/etc/inc/config.lib.inc(82): OPNsense\Core\Singleton::getInstance()
#5 /usr/local/etc/inc/config.inc(33): parse_config()
#6 /usr/local/etc/rc.bootup(116): require_once('/usr/local/etc/...')
#7 {main}
  thrown in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php on line 302

Fatal error: Uncaught exception 'OPNsense\Core\ConfigException' with message 'file not found' in /usr/local/opnsense/mvc/app/library/OPNs2
Stack trace:
#0 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(486): OPNsense\Core\Config->load()
#1 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(281): OPNsense\Core\Config->restoreBackup('/usr/local/etc/...')
#2 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(49): OPNsense\Core\Config->init()
#3 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(70): OPNsense\Core\Singleton->__construct()
#4 /usr/local/etc/inc/config.lib.inc(82): OPNsense\Core\Singleton::getInstance()
#5 /usr/local/etc/inc/config.inc(33): parse_config()
#6 /usr/local/etc/rc.bootup(116): require_once('/usr/local/etc/...')
#7 {main}
  thrown in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php on line 302
rm: /var/run/booting: No such file or directory
Starting CRON... done.
grep: /conf/config.xml: No such file or directory
[: -gt: unexpected operator

Warning: copy(/conf/config.xml): failed to open stream: No such file or directory in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Co5

Fatal error: Uncaught exception 'OPNsense\Core\ConfigException' with message 'file not found' in /usr/local/opnsense/mvc/app/library/OPNs2
Stack trace:
#0 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(486): OPNsense\Core\Config->load()
#1 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php(281): OPNsense\Core\Config->restoreBackup('/usr/local/etc/...')
#2 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(49): OPNsense\Core\Config->init()
#3 /usr/local/opnsense/mvc/app/library/OPNsense/Core/Singleton.php(70): OPNsense\Core\Singleton->__construct()
#4 /usr/local/etc/inc/config.lib.inc(82): OPNsense\Core\Singleton::getInstance()
#5 /usr/local/etc/inc/config.inc(33): parse_config()
#6 /usr/local/etc/rc.initial.banner(31): require_once('/usr/local/etc/...')
#7 {main}
  thrown in /usr/local/opnsense/mvc/app/library/OPNsense/Core/Config.php on line 302
Aug 30 17:18:04 getty[1514]: open /dev/ttyu3: No such file or directory
Aug 30 17:18:04 getty[1512]: open /dev/ttyu1: No such file or directory
Aug 30 17:18:04 getty[1513]: open /dev/ttyu2: No such file or directory

FreeBSD/amd64 (Amnesiac) (ttyu0)

login: Aug 30 17:18:04 getty[1516]: open /dev/ttyd0: No such file or directory
Aug 30 17:18:04 getty[1515]: open /dev/dcons: No such file or directory
root
Last login: Tue Aug 30 20:54:31 on ttyu0
FreeBSD ?.?.?  (UNKNOWN)

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
root@:~ #

13
16.7 Legacy Series / Re: install onto zfs
« on: August 22, 2016, 04:35:45 am »
So I tried:

  • Installing FreeBSD 10.3 onto my virtual machine... and used Root-on-ZFS Automatic Partitioning to set up a 3-way mirror...
  • then after the installer finished I put wget on the system
Code:
pkg install wget
  • then I used wget to download the .sh that franco created to convert a FreeBSD install into OPNsense
Code:
wget --no-check-certificate https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh
  • then I chmod'ed the file to 1700 and ran it
  • it looked like it all worked, but then towards the end of the boot of the system I got a message like "PHP warning: fwrite expects parameter 1 to be a resource..." see attached screenshot. The fact that there are 3 messages makes me think it is likely to do with my ZFS tomfoolery...
  :P

Am I playing with fire: yes. Do I know what I'm doing: no. Still, any thoughts would be quite appreciated...
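The download step in the post above passes `--no-check-certificate`, which turns off TLS verification for the fetch of a script that is then run as root. As an added example (not the poster's steps and not OPNsense project code), here is the same fetch with verification kept on, plus a SHA-256 check before the file is made executable. The expected digest is a placeholder to be filled in from a trusted source, and the `sha256`/`sha256sum`/`openssl` fallback chain is an assumption about what the host provides.

```shell
#!/bin/sh
# Added example (not from the forum thread): fetch the OPNsense bootstrap
# script the poster used, but keep TLS verification on and check the
# download against an expected SHA-256 before making it executable.
set -eu

BOOTSTRAP_URL="https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh"
# Placeholder: replace with the digest obtained from a trusted source.
EXPECTED_SHA256="${EXPECTED_SHA256:-0000000000000000000000000000000000000000000000000000000000000000}"

# sha256_of FILE: print the hex digest using whichever tool the host has
# (FreeBSD ships sha256(1), Linux ships sha256sum(1), openssl as fallback).
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    elif command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 "$1" | sed 's/^.*= //'
    fi
}

# verify_digest FILE EXPECTED: succeed only when the digest matches exactly.
verify_digest() {
    actual=$(sha256_of "$1")
    [ "$actual" = "$2" ]
}

# fetch_bootstrap DEST: download with certificate verification enforced.
# The poster's '--no-check-certificate' is deliberately absent, so a failing
# certificate check aborts the download instead of being silently accepted.
fetch_bootstrap() {
    dest="$1"
    wget -O "$dest" "$BOOTSTRAP_URL" || { rm -f "$dest"; return 1; }
    verify_digest "$dest" "$EXPECTED_SHA256" || {
        echo "digest mismatch for $dest, refusing to make it executable" >&2
        rm -f "$dest"
        return 1
    }
    # Same mode the poster used: owner-only rwx (the sticky bit does nothing
    # on a regular file, but it is what the thread describes).
    chmod 1700 "$dest"
}

# Only perform the network fetch when invoked as: sh thisscript.sh run
if [ "${1:-}" = "run" ]; then
    fetch_bootstrap /root/opnsense-bootstrap.sh
fi
```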


14
16.7 Legacy Series / Re: install onto zfs
« on: August 22, 2016, 12:12:44 am »
So I had a poke around with VirtualBox. With pfSense 2.2.2 I was able to get a booting ZFS mirror up and running as per the previously posted instructions. It appears that the "graphical install method" is missing from OPNsense (maybe the fork was after 2.2.2?)

Reading https://forum.opnsense.org/index.php?topic=505.msg1709#msg1709 from 2015 I noticed franco's response:

Quote
    Quote from: SilverJS on May 26, 2015, 09:17:05 PM

        2.  ZFS support.  I know someone else had already mentioned this in a separate thread, and Franco (as I recall) had mentioned he'd consider it.  I'd just like to add my voice to the chorus requesting this.  I can tell you that, in the short while I've used boot environments in FreeNAS 9.3 (been using FreeNAS since the very early 8.x versions), that they have already proven their worth and utility to me.  Anybody who's had trouble with an upgrade of any kind can relate to this, I'm sure.  I understand this is much more long-term, and that the team has higher-priority items for now - but, all I'm asking is, that you not let this drop from your crosscheck. =)

    This is still a huge task ahead of us. I've recently fixed package installations on ZFS systems, but for now two major issues are stopping us from deploying ZFS in a release:

    (a) the rc system won't boot off a zfs system as it is not aware of its idiosyncrasies
    (b) the installer needs a zfs install option

    After those steps are tackled, we can start to phase in boot environments and the like. If anybody is willing to help I'd be happy to guide and review changes to make this happen rather sooner than later. Hope that helps. :)

So I guess this stuff is still on the drawing board... I was intrigued about his use of
Quote
I've recently fixed package installations
and I found this post which seemed to indicate you can convert a vanilla installation of FreeBSD into OPNsense: https://forum.opnsense.org/index.php?topic=1480.msg4481#msg4481. But that same thread also has Johan2 having trouble converting his FreeBSD with ZFS on root to OPNsense.

It appears from the Digital Ocean guide that franco mentioned, and his comment that package installations have been fixed, that it is as "simple" as installing FreeBSD on ZFS and using the package they mention to convert FreeBSD into OPNsense...

I guess what I'm asking is: is converting a FreeBSD with ZFS-on-root installation to OPNsense a viable way to get a working OPNsense-on-ZFS installation these days?

15
16.7 Legacy Series / install onto zfs
« on: August 16, 2016, 11:41:47 pm »
Hi all,

Poking around the forum I found:
https://forum.opnsense.org/index.php?topic=19.msg444#msg444

which talks about being able to install OPNsense onto bootable ZFS. Any update? Does this work now?

If not, any chance this technique from pfSense would work?
https://forum.pfsense.org/index.php?topic=94656.0

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved