PfSense

From Koala
Revision as of 09:04, 5 May 2010 by MarcoCavallini (talk)

Jump to: navigation, search

Koala mini PC con pfSense

About the pfSense Project

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.

This project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than the embedded hardware focus of m0n0wall. pfSense also offers an embedded image for Compact Flash based installations, however it is not our primary focus.

Boot di sistema

Log del boot di sistema pfSense-1.2.3 e riconoscimento di tutte le periferiche senza problemi. <
> http://pfsense.mirror.range-id.it/downloads/pfSense-1.2.3-RELEASE-LiveCD-Installer.iso.gz <
> N.B. durante il test è stato usato un Live CD e non era montato un HD.



Copyright (c) 1992-2009 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 7.2-RELEASE-p5 #0: Sun Dec  6 23:20:31 EST 2009
    sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.7
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Atom(TM) CPU  230   @ 1.60GHz (1599.99-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x106c2  Stepping = 2
  Features=0xbfe9fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
  Features2=0x40e31d<SSE3,DTES64,MON,DS_CPL,TM2,SSSE3,CX16,xTPR,PDCM,<b22>>
  AMD Features=0x20000000<LM>
  AMD Features2=0x1<LAHF>
  Logical CPUs per core: 2
real memory  = 2137587712 (2038 MB)
avail memory = 2081914880 (1985 MB)
ACPI APIC Table: <IntelR AWRDACPI>
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP/HT): APIC ID:  1
ioapic0: Changing APIC ID to 4
ioapic0 <Version 2.0> irqs 0-23 on motherboard
wlan: mac acl policy registered
kbd1 at kbdmux0
cryptosoft0: <software crypto> on motherboard
padlock0: No ACE support.
acpi0: <IntelR AWRDACPI> on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
acpi0: reservation of 0, a0000 (3) failed
acpi0: reservation of 100000, 7f5e0000 (3) failed
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
acpi_button0: <Power Button> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
vgapci0: <VGA-compatible display> port 0xff00-0xff07 mem 0xfdf00000-0xfdf7ffff,0xd0000000-0xdfffffff,0xfdf80000-0xfdfbffff irq 16 at device 2.0 on pci0
agp0: <Intel 82945G (945G GMCH) SVGA controller> on vgapci0
agp0: detected 7932k stolen memory
agp0: aperture size is 256M
pci0: <multimedia, HDA> at device 27.0 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> irq 16 at device 28.0 on pci0
pci1: <ACPI PCI bus> on pcib1
re0: <RealTek 8168/8168B/8168C/8168CP/8168D/8111B/8111C/8111CP PCIe Gigabit Ethernet> port 0xde00-0xdeff mem 0xfddff000-0xfddfffff,0xfdef0000-0xfdefffff irq 16 at device 0.0 on pci1
re0: Using 1 MSI messages
re0: Chip rev. 0x3c000000
re0: MAC rev. 0x00400000
miibus0: <MII bus> on re0
rgephy0: <RTL8169S/8110S/8211B media interface> PHY 1 on miibus0
rgephy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
re0: Ethernet address: 00:30:18:a8:9e:99
re0: [FILTER]
uhci0: <UHCI (generic) USB controller> port 0xfe00-0xfe1f irq 23 at device 29.0 on pci0
uhci0: [GIANT-LOCKED]
uhci0: [ITHREAD]
usb0: <UHCI (generic) USB controller> on uhci0
usb0: USB revision 1.0
uhub0: <Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb0
uhub0: 2 ports with 2 removable, self powered
uhci1: <UHCI (generic) USB controller> port 0xfd00-0xfd1f irq 19 at device 29.1 on pci0
uhci1: [GIANT-LOCKED]
uhci1: [ITHREAD]
usb1: <UHCI (generic) USB controller> on uhci1
usb1: USB revision 1.0
uhub1: <Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb1
uhub1: 2 ports with 2 removable, self powered
uhci2: <UHCI (generic) USB controller> port 0xfc00-0xfc1f irq 18 at device 29.2 on pci0
uhci2: [GIANT-LOCKED]
uhci2: [ITHREAD]
usb2: <UHCI (generic) USB controller> on uhci2
usb2: USB revision 1.0
uhub2: <Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb2
uhub2: 2 ports with 2 removable, self powered
uhci3: <UHCI (generic) USB controller> port 0xfb00-0xfb1f irq 16 at device 29.3 on pci0
uhci3: [GIANT-LOCKED]
uhci3: [ITHREAD]
usb3: <UHCI (generic) USB controller> on uhci3
usb3: USB revision 1.0
uhub3: <Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb3
uhub3: 2 ports with 2 removable, self powered
ehci0: <Intel 82801GB/R (ICH7) USB 2.0 controller> mem 0xfdfff000-0xfdfff3ff irq 23 at device 29.7 on pci0
ehci0: [GIANT-LOCKED]
ehci0: [ITHREAD]
usb4: EHCI version 1.0
usb4: companion controllers, 2 ports each: usb0 usb1 usb2 usb3
usb4: <Intel 82801GB/R (ICH7) USB 2.0 controller> on ehci0
usb4: USB revision 2.0
uhub4: <Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1> on usb4
uhub4: 8 ports with 8 removable, self powered
pcib2: <ACPI PCI-PCI bridge> at device 30.0 on pci0
pci2: <ACPI PCI bus> on pcib2
re1: <RealTek 8169SC/8110SC Single-chip Gigabit Ethernet> port 0xee00-0xeeff mem 0xfdcff000-0xfdcff0ff irq 18 at device 4.0 on pci2
re1: Chip rev. 0x18000000
re1: MAC rev. 0x00000000
miibus1: <MII bus> on re1
rgephy1: <RTL8169S/8110S/8211B media interface> PHY 1 on miibus1
rgephy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
re1: Ethernet address: 00:30:18:a8:8c:81
re1: [FILTER]
re2: <RealTek 8169SC/8110SC Single-chip Gigabit Ethernet> port 0xec00-0xecff mem 0xfdcfe000-0xfdcfe0ff irq 19 at device 6.0 on pci2
re2: Chip rev. 0x18000000
re2: MAC rev. 0x00000000
miibus2: <MII bus> on re2
rgephy2: <RTL8169S/8110S/8211B media interface> PHY 1 on miibus2
rgephy2:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
re2: Ethernet address: 00:30:18:a8:8c:82
re2: [FILTER]
re3: <RealTek 8169SC/8110SC Single-chip Gigabit Ethernet> port 0xea00-0xeaff mem 0xfdcfd000-0xfdcfd0ff irq 16 at device 7.0 on pci2
re3: Chip rev. 0x18000000
re3: MAC rev. 0x00000000
miibus3: <MII bus> on re3
rgephy3: <RTL8169S/8110S/8211B media interface> PHY 1 on miibus3
rgephy3:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
re3: Ethernet address: 00:30:18:a8:8c:83
re3: [FILTER]
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel ICH7 SATA300 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xfa00-0xfa0f at device 31.2 on pci0
ata0: <ATA channel 0> on atapci0
ata0: [ITHREAD]
ata1: <ATA channel 1> on atapci0
ata1: [ITHREAD]
pci0: <serial bus, SMBus> at device 31.3 (no driver attached)
acpi_tz0: <Thermal Zone> on acpi0
speaker0: <PC speaker> port 0x61 on acpi0
fdc0: <floppy drive controller> port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0
fdc0: [FILTER]
sio0: configured irq 4 not in bitmap of probed irqs 0
sio0: port may not be enabled
sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
sio0: type 16550A
sio0: [FILTER]
sio1: configured irq 3 not in bitmap of probed irqs 0
sio1: port may not be enabled
sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0
sio1: type 16550A
sio1: [FILTER]
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
cpu0: <ACPI CPU> on acpi0
p4tcc0: <CPU Frequency Thermal Control> on cpu0
cpu1: <ACPI CPU> on acpi0
p4tcc1: <CPU Frequency Thermal Control> on cpu1
pmtimer0 on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ums0: <vendor 0x1241 product 0x1166, class 0/0, rev 1.10/2.70, addr 2> on uhub1
ums0: 5 buttons and Z dir.
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
acd0: DVDR <TSSTcorp CDDVDW SN-S083C/SB01> at ata0-master SATA150
SMP: AP CPU #1 Launched!
acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x3e ascq=0x02 
acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x3e ascq=0x02 
acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x3e ascq=0x02 
acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x3e ascq=0x02 
acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x3e ascq=0x02 
Trying to mount root from cd9660:/dev/iso9660/pfSense
md0.uzip: 1690 x 65536 blocks
pflog0: promiscuous mode enabled
umass0: <vendor 0x13fe USB DISK 2.0, class 0/0, rev 2.00/1.10, addr 2> on uhub4
(probe0:umass-sim0:0:0:0): TEST UNIT READY. CDB: 0 0 0 0 0 0 
(probe0:umass-sim0:0:0:0): CAM Status: SCSI Status Error
(probe0:umass-sim0:0:0:0): SCSI Status: Check Condition
(probe0:umass-sim0:0:0:0): UNIT ATTENTION asc:28,0
(probe0:umass-sim0:0:0:0): Not ready to ready change, medium may have changed
(probe0:umass-sim0:0:0:0): Retrying Command (per Sense Data)
da0 at umass-sim0 bus 0 target 0 lun 0
da0: < USB DISK 2.0 PMAP> Removable Direct Access SCSI-0 device 
da0: 40.000MB/s transfers
da0: 1911MB (3913728 512 byte sectors: 255H 63S/T 243C)
GEOM: da0: partition 1 does not end on a track boundary.



uname -a

FreeBSD pfSense.local 7.2-RELEASE-p5 FreeBSD 7.2-RELEASE-p5 #0: Sun Dec  6 23:20:31 EST 2009     sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.7  i386



ifconfig

re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
	ether 00:30:18:a8:9e:99
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	inet6 fe80::230:18ff:fea8:9e99%re0 prefixlen 64 scopeid 0x1 
	media: Ethernet autoselect (none)
	status: no carrier
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
	ether 00:30:18:a8:8c:81
	inet6 fe80::230:18ff:fea8:8c81%re1 prefixlen 64 scopeid 0x2 
	media: Ethernet autoselect (none)
	status: no carrier
re2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
	ether 00:30:18:a8:8c:82
	media: Ethernet autoselect (10baseT/UTP <half-duplex>)
	status: no carrier
re3: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
	ether 00:30:18:a8:8c:83
	media: Ethernet autoselect (10baseT/UTP <half-duplex>)
	status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1460
	pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
pflog0: flags=100<PROMISC> metric 0 mtu 33204



kdlstat

Id Refs Address    Size     Name
 1    5 0xc0400000 ac3240   kernel
 2    1 0xc0ec4000 6a45c    acpi.ko
 3    1 0xc5d9f000 5000     glxsb.ko



pciconf -lv

hostb0@pci0:0:0:0:	class=0x060000 card=0x27708086 chip=0x27708086 rev=0x02 hdr=0x00
    class      = bridge
    subclass   = HOST-PCI
vgapci0@pci0:0:2:0:	class=0x030000 card=0x27728086 chip=0x27728086 rev=0x02 hdr=0x00
    class      = display
    subclass   = VGA
none0@pci0:0:27:0:	class=0x040300 card=0xa62516f3 chip=0x27d88086 rev=0x01 hdr=0x00
    class      = multimedia
    subclass   = HDA
pcib1@pci0:0:28:0:	class=0x060400 card=0x27d08086 chip=0x27d08086 rev=0x01 hdr=0x01
    class      = bridge
    subclass   = PCI-PCI
uhci0@pci0:0:29:0:	class=0x0c0300 card=0x27c88086 chip=0x27c88086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = USB
uhci1@pci0:0:29:1:	class=0x0c0300 card=0x27c98086 chip=0x27c98086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = USB
uhci2@pci0:0:29:2:	class=0x0c0300 card=0x27ca8086 chip=0x27ca8086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = USB
uhci3@pci0:0:29:3:	class=0x0c0300 card=0x27cb8086 chip=0x27cb8086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = USB
ehci0@pci0:0:29:7:	class=0x0c0320 card=0x27cc8086 chip=0x27cc8086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = USB
pcib2@pci0:0:30:0:	class=0x060401 card=0x244e8086 chip=0x244e8086 rev=0xe1 hdr=0x01
    class      = bridge
    subclass   = PCI-PCI
isab0@pci0:0:31:0:	class=0x060100 card=0x27b88086 chip=0x27b88086 rev=0x01 hdr=0x00
    class      = bridge
    subclass   = PCI-ISA
atapci0@pci0:0:31:2:	class=0x010180 card=0x27c08086 chip=0x27c08086 rev=0x01 hdr=0x00
    class      = mass storage
    subclass   = ATA
none1@pci0:0:31:3:	class=0x0c0500 card=0x27da8086 chip=0x27da8086 rev=0x01 hdr=0x00
    class      = serial bus
    subclass   = SMBus
re0@pci0:1:0:0:	class=0x020000 card=0x816810ec chip=0x816810ec rev=0x02 hdr=0x00
    class      = network
    subclass   = ethernet
re1@pci0:2:4:0:	class=0x020000 card=0x10ec16f3 chip=0x816710ec rev=0x10 hdr=0x00
    class      = network
    subclass   = ethernet
re2@pci0:2:6:0:	class=0x020000 card=0x10ec16f3 chip=0x816710ec rev=0x10 hdr=0x00
    class      = network
    subclass   = ethernet
re3@pci0:2:7:0:	class=0x020000 card=0x10ec16f3 chip=0x816710ec rev=0x10 hdr=0x00
    class      = network
    subclass   = ethernet