WatchGuard Firebox x500 - HDD for Snort
-
Do you mean the plastic part of the connector is too large to fit or it has too many pins or the pin spacing is wrong?
Snort will run but you will have to be careful not to ask too much of it. If it starts using swap space because it ran out of RAM it'll slow down dramatically!
Steve
Edit: Ah, ATA-6. It should still fit physically though. :-\
-
Firebox connector is too small. The number of pins looks similar but spacing between the pins is different.
-
Weird. Googling for images of that drive it looks standard.
There are two groups of pins. 44 pins (in two rows of 22) that the connector should fit onto. Separately there are 4 pins that are used for master/slave/cable selection. The connector on the firebox cable is quite wide, because it doesn't have to connect to a drive normally, and it obstructed by any jumpers on the select pins on my sample drive.Any chance of a photo?
Steve
-
Yeah I will upload them later when I have access to the box. I will attach pictures of the wire and connector next to it. The male on HDD is bigger size than femal connector. Spacing is wider and the connector is longer.
-
So more like a standard desktop IDE connector? I've never seen a 2.5" IDE drive with anything other than the normal 44-pin small pitch connector. I await the photos. :)
Steve
Here's a picture of my drive and cable for comparison. It's a 20GB Toshiba drive.
Erm… photo a bit bigger than expected!
 -
Steve,
I figured it out. I was being stupid…honestly...
Quick question, which pins need a jumper to configure this drive in the slave mode. I need to figure out how I can upload signatures to the IDE but run pfsense of the current CF card.
Thanks for your help...kinda wasted your time...
-
Yeah…so far the box is not detecting the drive when I ssh into the shell and do "mount" and "df"...
-
Oh man. I feel like all odds are against me here…I can't find serial cable to get into BIOS... ::)
-
The jumper setting for master/slave is different for each drive but there is usually some instruction marked on the drive itself.
There is also a jumper on the motherboard I have a feeling could be something useful here, I don't have the box to look at right now.If you get the box detecting the drive much the easiest way to use it is to boot from the HD exclusively, remove the CF card. Using both media types is not really a supported option. It can be done but there is some command line tweaking necessary and it probably wouldn't survive an update.
Accessing the bios on that box is not easy, you cannot do it with just a serial cable. There is no console redirect. You have to use a PCI graphics card and a keboard header connector. :(
Steve
-
Is there a way to copy the content of the CF card to the hard drive? Fresh install is not going to work here for me since I have multiple patches installed on the CF card that fix issues with LED and LCD.
-
Steve,
Let me know if there is a way to port everything that I got on my CF card to the IDE hard drive. Let me know if I should create a separate thread in different category. Thanks for your help.
-
No there's no way to move everything from Nano install to the full install. However you can backup and restore your config file to the new install. The config file is supposed to contain everything but if you have used the old manual LCD install and put WGXepc on there these will need manual reinstatement. Think of it as a good excuse to document all your custom changes. ;)
This is your thread so if the topic has changed slightly I don't think it's a problem.
Steve
-
Steve,
Thanks for all your help. I think I will leave my Firebox alone for now. I am thinking about putting Snort on my Windows Server 2008. Looking at different typologies here. Looks like just need another NIC on it and SPAN a port on a switch. I am not very good with Linux…PfSense is awesome though...
