Hardware

Hello all,
I have bought a GTA GB-1200 firewall running GNATbox. The seller states that on this hardware can run Monowall.
I have done some researches but found nothing.
Could anybody please tell me:
1) Anybody has any experience in installing Mono on GB-1200 or on the 1000 series
2) Is there a guide or something about how to install this.

Sorry for the noob questions!

Paolo

Probably a fairly good chance it will run, since GNATbox, like m0n0wall, is FreeBSD.

Did you ever get m0n0 running on your 1200? I bought a GB 1000 on ebay for $20. I don't have it yet but will let you know what happens when I try to install m0n0.

Alas, this did not work out. I loaded various m0n0 images onto a new CF card for this unit and if it is booting, I can't get to the console to configure it. The GB-1000 v3.4 software on the original CF card that came with the unit works fine. Not a big loss, even if it did work with m0n0, the fans in it are really loud.

Did you try manually assigning interfaces by editing config.xml ?  They are intel, so should be fxp0 etc.  Maybe it is booting, just the console isn't working ?

Thanks you very, very much for this suggestion.

I put the m0n0 CF card into another machine I have here that has a pair of Intel fxp NICS in it and configured m0n0 for LAN and WAN. When I put the CF into the GB-1000, it became pingable on the LAN address! Next, I edited my existing, working, full blown m0n0 configuration file to replace rl* with fxp* and uploaded it to the GB-1000. It's all there. Now if I could silence those fans a bit.

Thanks again for the suggestion. Perhaps I can discover why the console is not working.

thats great !

What is the output of dmesg , it might hint at the console problem.


Maybe you could replace the fans with bigger slower ones ?

Some more on this.

I have some spare 16MB DOM IDE modules lying around, so I wrote the generic PC image to one and configured it like I did for the CF card. That worked too in the GB-1000, so I left it in and have the CF card available for other uses.

Next, I tried to upload the generic-pc-serial-1.33b2.img firmware, but it failed. This unit has only one 64MB DIMM, so I swapped it out for a 128MB DIMM. That allowed me to upload the the firmware. System boots and reports it as type PC-Serial.

I have tried quite a few combinations of comm port settings on both serial ports, but no joy. I have no idea how to get into the BIOS on this unit either.

When running the GB-1000 software it came with, the console works fine from a PC and null modem cable to the port labeled "console", comm settings: 38400, 8, none,1,none.

As for the fans, disconnecting the one near the CPU heatsink makes little difference. The one inside the power supply is the loud one. I don't see anyway to improve that easily. The case for this is a 1U.

Here is the full output of dmesg. I don't see anything weird.

Thanks again for your help.

$ dmesg
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
   The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.4-RELEASE-p5 #0: Sun Jan  9 23:04:11 CET 2011
    root@mb64.neon1.net:/usr/src/sys/i386/compile/M0N0WALL_GENERIC
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel Celeron (634.78-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x686  Stepping = 6
  Features=0x383f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE>
real memory  = 134152192 (127 MB)
avail memory = 105050112 (100 MB)
wlan: mac acl policy registered
kbd1 at kbdmux0
ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413)
acpi0: <VIA692 AWRDACPI> on motherboard
acpi0: Power Button (fixed)
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x4008-0x400b on acpi0
cpu0: <ACPI CPU> on acpi0
acpi_throttle0: <ACPI CPU Throttling> on cpu0
acpi_button0: <Power Button> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff,0x4000-0x407f,0x4080-0x40ff,0x5000-0x500f on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <PCI-PCI bridge> at device 1.0 on pci0
pci1: <PCI bus> on pcib1
isab0: <PCI-ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <VIA 82C596B UDMA66 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd000-0xd00f at device 7.1 on pci0
ata0: <ATA channel 0> on atapci0
ata1: <ATA channel 1> on atapci0
uhci0: <VIA 83C572 USB controller> port 0xd400-0xd41f irq 12 at device 7.2 on pci0
uhci0: [GIANT-LOCKED]
usb0: <VIA 83C572 USB controller> on uhci0
usb0: USB revision 1.0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
pci0: <bridge, HOST-PCI> at device 7.3 (no driver attached)
fxp0: <Intel 82559 Pro/100 Ethernet> port 0xd800-0xd83f mem 0xd5403000-0xd5403fff,0xd5000000-0xd50fffff irq 11 at device 9.0 on pci0
miibus0: <MII bus> on fxp0
inphy0: <i82555 10/100 media interface> on miibus0
inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: Ethernet address: 00:d0:68:00:1e:74
fxp1: <Intel 82559 Pro/100 Ethernet> port 0xdc00-0xdc3f mem 0xd5401000-0xd5401fff,0xd5100000-0xd51fffff irq 10 at device 10.0 on pci0
miibus1: <MII bus> on fxp1
inphy1: <i82555 10/100 media interface> on miibus1
inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp1: Ethernet address: 00:d0:68:00:1e:75
fxp2: <Intel 82559 Pro/100 Ethernet> port 0xe000-0xe03f mem 0xd5400000-0xd5400fff,0xd5200000-0xd52fffff irq 5 at device 11.0 on pci0
miibus2: <MII bus> on fxp2
inphy2: <i82555 10/100 media interface> on miibus2
inphy2:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp2: Ethernet address: 00:d0:68:00:1e:76
fxp3: <Intel 82559 Pro/100 Ethernet> port 0xe400-0xe43f mem 0xd5402000-0xd5402fff,0xd5300000-0xd53fffff irq 12 at device 16.0 on pci0
miibus3: <MII bus> on fxp3
inphy3: <i82555 10/100 media interface> on miibus3
inphy3:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp3: Ethernet address: 00:d0:68:00:1e:77
acpi_tz0: <Thermal Zone> on acpi0
sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
sio0: type 16550A, console
sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0
sio1: type 16550A
pmtimer0 on isa0
orm0: <ISA Option ROM> at iomem 0xc8000-0xcbfff on isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
Timecounter "TSC" frequency 634777822 Hz quality 800
Timecounters tick every 1.000 msec
Fast IPsec: Initialized Security Association Processing.
IP Filter: v4.1.33 initialized.  Default = block all, Logging = enabled
md0: Preloaded image </mfsroot> 16777216 bytes at 0xc0ad4c04
ad0: FAILURE - SETFEATURES SET TRANSFER MODE status=51<READY,DSC,ERROR> error=4<ABORTED>
ad0: 15MB <PQI IDE DiskOnModule db01.20a> at ata0-master BIOSPIO
Trying to mount root from ufs:/dev/md0
fxp0: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
fxp0: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
fxp2: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
fxp2: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
fxp1: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
fxp1: Microcode loaded, int_delay: 1000 usec  bundle_max: 6
ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to accept, logging disabled

m0n0wall says

Code:

sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
sio0: type 16550A, console

gnatbox says ( from http://www.gnatbox.com/gb-users/msg03080.html)

Code:

sio0 at port 0x3f8-0x3ff irq 4 flags 0x30 on isa0
sio0: type 16550A, console

So console looks ok, I assume the console is working as expected with the original CF and OS (to prove cable and PC are good) ?
Also, I don't know what baud rate  you should set it to, whatever the default on the GB1000 is.  I know their docs say 38400, but that might be configured in their kernel , whereas m0n0wall I believe doesn't set this.

FreeBSD docs state

By default, the serial port settings are: 9600 baud, 8 bits, no parity, and 1 stop bit.

I previously mentioned that the console woks fine with GNATbox software on the CF it came with. Null modem cable, 38400, 8, none, 1, none as documented in the GB-1000 console user's guide I was able to get online.

I tried the above (among many others) 9600, 8, none, 1, none without success on m0n0. One thing I did notice was that with some comm settings the terminal would echo @ to keystrokes, but was silent on other settings.

This is just a spare box I picked up for a song, so it's not like it's life or death. Although if the fans were tolerable, I would use it as my primary.

Thanks again for your help.

From my experience, small 40mm fans (I'm guessing that's what is used since it's a 1U unit) don't last all that long, and the bearings tend to start grinding/making noise.  I'd stock up on a few and replace the existing fans.  You shouldn't need larger/slower fans, just new ones.  I've had tons of these small fans go out on switches and motherboard southbridge's.

I have other things here with those small fans in them so I know how they sound when the bearings begin to go. I have greatly extended the life on those by oiling them, but eventually they are beyond help.

That's not what is happening with these. These run a whole lot faster than the others I have here, they just roar. They are also at least twice as deep at the others I have here.

One last bit of data on this serial console problem.

I have verified that the m0n0wall generic-pc-serial-1.33b2 image's console works when run on an ordinary PC.

I have also verified that an old copy of GNATBox Flash v 3.4.2 with the SIO serial console option included has a working serial console when run on the same PC. The console does not work when it is run on the GB-1000 hardware. In effect, it behaves just like m0n0wall pc-serial does - it fully works but the console is broken.

Must be some custom voodoo within the GB-1000 software that makes its console work on the GB-1000 hardware.

Maybe some day I will try the Soekris and PC Engines board image on the GB-1000 hardware and see if the console works. Does anyone know what ethernet adapters this image is for? I assume their type is hard coded in or can others be forced somehow without rebuilding the image from scratch?

Thanks again for all the help I got on this.

Well, I tried the m0n0wall embedded image and got nowhere.

So, just for grins I burned a copy of pfsense1.2.3 to the CF card and booted it. Surprisingly, the console works, and after an eternity it settled into the on screen menu. Not especially interested in pfsense, since I can get this unit going with m0n0wall without the console.

Makes me wonder though:

Why is pfsense so super slow to boot - like 5 minutes? I even threw a lot more RAM at it but it made no difference.

Why does the console work with pfsense, but not mon0?

Maybe Chris or others that work on both have some thoughts?

Well, this is now finished as far as it can be.

I changed the fans out to a low noise type. It used to roar, now it can't be heard, and so far it hasn't caught on fire or leaked any magic smoke out.

I couldn't get any version of m0n0wall that has serial console support to yield a working serial console on the GB-1000. pfsense 1.2.3 just works; I don't get it. I'm sticking with m0n0wall though.

To work around the lack of console, I swapped out the GB-1000's internal CF card adapter for one that allows CF card access thru the expansion slot on the rear of the case. I have a similar adapter in another machine that allows swapping out CF cards thru a removable 3.5 inch drive bay (where a floppy drive would be). So I installed plain old generic-pc m0n0wall to the CF on that machine, configured the interfaces using the monitor and keyboard, shut it down and moved the CF card to the GB-1000. There I uploaded a copy of my working configuration edited to change only the NIC type to fxp used in the GB-1000.

Maybe I'll try later versions of generic-pc-serial as they come along. Perhaps the console work like it does in pfsense.

Thanks again to brushedmoss for his help and hint that got me as far along as I am.