# Soekris net6051 Notes http://soekris.com/products/net6501.html Intel 82574L gigabit ethernet controller Firmware updates: http://soekris.com/downloads.html Boot drives: 0x80 = primary drive 0x81 = secondary drive 0x82 = tertiary drive 0x83 = quaternary drive 0x84 = quinary drive (etc.) 0xF0 = PXE boot (netboot) 0xFF = stop and go to comBIOS prompt 1. SATA Port 0 (J1) 2. SATA Port 1 (J2) 3. PCI Express connector (J3) 4. PCI Express riser (J4) 5. mSATA 0 socket (J5) 6. mSATA 1 socket (J6) 7. external USB connector (JP3) 8. internal USB connector (JP5) Ethernet chipset is Intel 82574L, using e1000e driver on linux (not e1000). miniPCIe WiFi card I have is the Intel 4965AGN. Kernel needs ext2 and SATA ACPHI (?) support at boot time to load root filesystem. ### OpenWRT installation http://wiki.openwrt.org/doku.php?id=oldwiki:soekrisport is out of date. Use http://wiki.openwrt.org/toh/pcengines/alix Eg, dd if=openwrt-x86-generic-combined-ext2.img of=/dev/sdc Then, use gparted to create another ext2 partition using unused space, and copy over openwrt and pfSense images there. Change /boot/menu.lst to include: title OpenWrt - Stick root (hd1,0) kernel /boot/vmlinuz root=/dev/sdb2 rootfstype=ext2 rootwait console=tty0 console=ttyS0,38400n8 noinitrd reboot=bios boot [doesn't actually work...] scx200: NatSemi SCx200 Driver microcode: CPU0 sig=0x20661, pf=0x2, revision=0x104 Microcode Update Driver: v2.00 , Peter Oruba ------------[ cut here ]------------ WARNING: at arch/x86/mm/ioremap.c:148 0xc10199d8() Modules linked in: Pid: 1, comm: swapper Not tainted 2.6.32.27 #1 Call Trace: [] ? 0xc10199d8 [] ? 0xc102271f [] ? 0xc10199d8 [] ? 0xc1022763 Need to recompile a full image custom image a la: http://superuser.com/questions/357401/how-to-install-openwrt-on-an-x86-computer-with-sata-hard-drive http://www.syslinux.org/wiki/index.php/SYSLINUX#SERIAL_port_.5B.5Bbaudrate.5D_flowcontrol.5D ##### Recompiling openwrt kernel for LXC support To enable gcc et al in OpenWRT backfire: http://www.pacificsimplicity.ca/comment/24#comment-24 Kernel flags (also network setup): http://lxc.teegra.net/#_configuration_options http://en.gentoo-wiki.com/wiki/LXC#Kernel_with_the_appropriate_LXC_options_enabled LXC userspace tools: http://lxc.sourceforge.net/download/lxc/ So... in menuconfig, disable binary stripping (under global build settings). save and do: $ ./scripts/feeds install -d m build-essential back in menuconfig, select devel/build-essentials as built-in (so don't need to do package install). ### Debian http://wiki.soekris.info/Installing_Debian_Linux_5.0 on syslinux device, edit txt.cfg: default install label install menu label ^Install menu default kernel linux append vga=normal initrd=initrd.gz -- quiet console=ttyS0,38400 earlyprint=serial,ttyS0,38400 to enable pfsense as a boot option: menuentry 'pfsense' { set root='(hd0,0)' chainloader +1 } menuentry 'openwrt' { set root='(hd0,3)' kernel /boot/vmlinuz root=/dev/sda4 rootfstype=ext2 init=/etc/preinit rootwait console=tty0 console=ttyS0,38400n8 noinitrd reboot=bios } ### pfSense [DID NOT WORK] Install to flash stick with: dd if=pfSense-memstick-2.0.1-RELEASE-i386.img of=/dev/sdc Plug in stick, boot up through comBIOS, then change console to 9600 8N1. Try to boot from default. You should get through most of the kernel load, then get to a mount error and console. DON'T press return or it will try to configure; enter "?" then return to list devices. I saw only one device (ad4?) and mounted that with ufs, then had a second mount error come up and did ufs:ufs/pfsense0 (or was it pfsense1?). This finally worked and I went through some business with LAN/WAN port configuration and finally was good to go. When booting from disk: Setting up embedded specific environment... done. ad4: TIMEOUT - READ_MUL retrying (1 retry left) LBA=788719 ad4: TIMEOUT - READ_MUL retrying (0 retries left) LBA=788719 ad4: FAILURE - READ_MUL timed out LBA=788719 g_vfs_done():ufs/pfsense0[READ(offset=403783680, length=18944)]error = 5 vnode_pager_getpages: I/O read error /etc/rc: /usr/sbin/pwd_mkdb: Input/output error ### pfSense forum thread on getting linux stuff working: http://www.digipedia.pl/usenet/thread/13078/936/ use random memstick-serial image found on the internet; dd it to USB stick and boot. don't go to installer mode, continue to livecd then SSH in to get a much better interface. go through the install, partition with at least one extra linux partition (to run the VM in), use the "embeded" kernel when that option comes up. in base install, get packages like: env PACKAGESITE=ftp://ftp6.jp.freebsd.org/pub/FreeBSD/ports/i386/packages-8.1-release/Latest/ pkg_add -r screen or, eg: pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/Latest/ezjail.tbz but we need to use developer edition (FreeBSD 8.3 when written), so do an upgrade through the web UI to the developer snapshot. install some random packages (PACKAGESITE trick no longer necessary) http://forum.pfsense.org/index.php/topic,25331.5/wap2.html [DON'T DO THIS PART] copy over lin*.ko from a FreeBSD .iso to /boot/kernel/ add to /boot/loader.conf.local: verbose_loading="YES" linux_load="YES" linprocfs_load="YES" linux_enable="YES" [/DON'T DO THIS PART] copy over all the libraries required for sysinstall from FreeBSD 8.3 .iso (try ldd /usr/sbin/sysinstall to get a list): scp libdialog* libncurses* libutil* libftpio* libdevinfo* root@192.168.1.1:/usr/lib/ scp sysinstall root@192.168.1.1:sysinstall8 run sysinstall. do options and set "Release Name 8.3-RELEASE" (not -p3). install system source (/src/sys) and ports collection. then install base, though this could break everything (?) go to /usr/src/sys/modules. for each of the following, enter and make && make install: linux linprocfs fdescfs linsysfs tmpfs ext2fs Things didn't work after a reboot. As a recovery, I grabbed the pfsense trunk repository and copied over all the files in /etc/ and /boot/ which were DIFFERENT between that and the FreeBSD-base install. Unfortunately, I seem to have acquired the READ_MUL problem again, blech. This did get me to boot. I had to override the DNS info (add 8.8.8.8 to /etc/resolv.conf), but was then able to invoke an auto-update through the web interface. note: on this hardware, booting from soekris, takes about a minute to boot. could shave 10-15 seconds optimizing comBIOS and selection menu, but can freebsd boot be enhanced? ### Debian/kFreeBSD Inside http://blog.vx.sk/archives/22-Tutorial-Debian-GNUkFreeBSD-in-a-FreeBSD-jail.html http://phaq.phunsites.net/2007/01/06/debian-gnukfreebsd-inside-native-freebsd-jail/ ### Install pfSense on Soekris Grab a "memstick-serial" image, flash it to a USB stick: http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/i386/pfSense_HEAD/livecd_installer/?C=M;O=D $ dd if=pfSense-memstick-serial-2.1-DEVELOPMENT-i386-20120720-0129.img of=/dev/sdb Boot with serial console set to 38400 baud, select USB stick device. Eg, > boot 81 Switch to 9600 baud. Terminal output will be clunky/garbled, wait for it to try to draw, maybe press enter a couple times. When kernel actually loads output will be clearer. After kernel loads, system will ask if you want to do install or boot. Recommend that you boot, with basic configuration, then enable SSH and do install over a network shell as ncurses will be much cleaner. Hopefully install is self-explanitory. I created a 4GB "low-level"/slice partition for pfSense (which got split into a 3GB partition and a 1GB swap partition), a 16GB Linux/ext2 kFreeBSD partition (didn't create filesystem yet), and the rest of the space as another Linux/ext2 partition. I selected embedded kernel. ### Install kFreeBSD in pfSense First, we'll upgrade the pfSense install to include the full FreeBSD userspace. Use a 2.1 development image (based on FreeBSD 8.3), but not the most recent one. Login to the web console and enable SSH access. scp over sysinstall and required libraries from a FreeBSD 8.3 LiveCD. From this point on DO NOT reboot until the end. Copy over all the libraries required for sysinstall from FreeBSD 8.3 .iso (try ldd /usr/sbin/sysinstall to get a list): scp libdialog* libncurses* libutil* libftpio* libdevinfo* root@192.168.1.1:/usr/lib/ scp sysinstall root@192.168.1.1:sysinstall8 Run sysinstall. do options and set "Release Name 8.3-RELEASE" (not -p3). Install base, ports collection, and system kernel source (/src/sys). Use the pfSense webconsole to upgrade to the most recent development image. Now, reboot and hope everything comes back up with no disk errors. Go to /usr/src/sys/modules. for each of the following, enter and make && make install: linux linprocfs fdescfs linsysfs tmpfs ext2fs Use sysintall to install the full "base" system and kernel sources. Compile and install necessary kernel modules. pkg_add -r any desired packages. Maybe also a linux_base? pkg_add -r linux_base-f10 Inspect /boot/loader.conf and make sure it's sane? Reboot again and hope everything comes back up with no disk errors. If it does, ready for jail steps. create a linux ext2 filesystem: pkg_add -r e2fsprogs mke2fs /dev/ad6s2 mount -t ext2fs /dev/ad6s2 /jail/debian/ FINALLY, following directions, do: http://blog.vx.sk/archives/22-Tutorial-Debian-GNUkFreeBSD-in-a-FreeBSD-jail.html mkdir -p /jail/debian debootstrap wheezy /jail/debian http://cdn.debian.net/debian [2.1-BETA0][root@rooter0.rooter.is]/usr/src/sys/modules/tmpfs(42): jexec 1 /bin/bash root@debian0:/# uname -a GNU/kFreeBSD debian0.rooter.is 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #1: Wed Jul 18 19:29:09 EDT 2012 root@FreeBSD_8.3_pfSense_2.1.snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386 i386 Genuine Intel(R) CPU @ 1.00GHz GNU/kFreeBSD Alright, after all that, some more config... Add the iperf and pfJailCtl packages. Add rc.conf.debian to /root/: jail_enable="YES" jail_list="debian" jail_debian_rootdir="/jail/debian" jail_debian_hostname="guest0.rooter.is" jail_debian_ip="127.0.0.1" jail_debian_devfs_enable="YES" jail_debian_exec_start="/etc/init.d/rc 3" jail_debian_flags="-l -u root" Add start_debian.sh to /root/: #/bin/sh kldload linux fdescfs linprocfs linsysfs tmpfs mount -t ext2fs /dev/ad6s2 /jail/debian/ mount -t linprocfs linprocfs /jail/debian/proc mount -t linsysfs linsysfs /jail/debian/sys mount -t tmpfs tmpfs /jail/debian/lib/init/rw ifconfig em1 alias 192.168.1.201/32 cp /root/rc.conf.debian /etc/rc.conf /etc/rc.d/jail start debian jls ### More config To allow ping inside kFreeBSD, add "security.jail.allow_raw_sockets=1" to /etc/sysctl.conf. ### PROBLEMS/EXTRA? http://wiki.freebsd.org/Jails Jul 22 18:00:02 syslogd: /var/log/ppp.log: Operation not suppe If you want to use shared memory in Linux applications, you need to set up a link from /dev/shm to a suitable place, e.g. by adding the following line to /etc/devfs.conf (takes effect on each boot): link /tmp shm To make use of NIS you have to adjust yp.conf and nsswitch.conf in /compat/linux/etc/ accordingly. For example: Set your yp-server and yp-domainname in yp.conf: domainname my.yp.domainname ypserver my.yp.server Let your lists for hosts, passwd and group be resolved via nsswitch.conf: passwd: files nis shadow: files nis group: files nis hosts: files dns nis WARNING: doing work which needs to chroot into the linux base may not work. In such cases (e.g. cross-development) you are better suited with a linux_dist port. # Links http://www.macfreek.nl/memory/FreeBSD_9_on_Soekris_net6501 http://blog.vx.sk/archives/22-Tutorial-Debian-GNUkFreeBSD-in-a-FreeBSD-jail.html ### Random links "m0n0deb" and how monowall got small: http://www.docunext.com/blog/2007/07/m0n0deb.html