Bypass At&t fiber BGW210-700
-
ok thanks...will try the shellcmd to edit the xml
-
installed pkg shellcmd
<earlyshellcmd>/root/bin/pfatt.sh</earlyshellcmd> earlyshellcmd ATT bridge
getting an error stating sh: syntax error: end of file unexpected (expecting word)
directly after loading configuration completes. -
Do you get that same error if you just run the script at the command line?
It seems like the script may not be complete if it's showing that error. How did you copy it onto your firewall?
Steve
-
this is how your file should be - just replace with your modems mac address
#!/bin/sh set -e ONT_IF='igb0' RG_IF='igb1' RG_ETHER_ADDR='********LEAVE Apostrophes****************' OPNSENSE='no' LOG=/var/log/pfatt.log getTimestamp(){ echo `date "+%Y-%m-%d %H:%M:%S :: [pfatt.sh] ::"` } { echo "$(getTimestamp) pfSense + AT&T U-verse Residential Gateway for true bridge mode" echo "$(getTimestamp) Configuration: " echo "$(getTimestamp) ONT_IF: $ONT_IF" echo "$(getTimestamp) RG_IF: $RG_IF" echo "$(getTimestamp) RG_ETHER_ADDR: $RG_ETHER_ADDR" echo "$(getTimestamp) OPNSENSE: $OPNSENSE" echo -n "$(getTimestamp) loading netgraph kernel modules... " /sbin/kldload -nq ng_etf echo "OK!" if [ ${OPNSENSE} != 'yes' ]; then echo -n "$(getTimestamp) attaching interfaces to ng_ether... " /usr/local/bin/php -r "pfSense_ngctl_attach('.', '$ONT_IF');" /usr/local/bin/php -r "pfSense_ngctl_attach('.', '$RG_IF');" echo "OK!" fi echo "$(getTimestamp) building netgraph nodes..." echo -n "$(getTimestamp) creating ng_one2many... " /usr/sbin/ngctl mkpeer $ONT_IF: one2many lower one /usr/sbin/ngctl name $ONT_IF:lower o2m echo "OK!" echo -n "$(getTimestamp) creating vlan node and interface... " /usr/sbin/ngctl mkpeer o2m: vlan many0 downstream /usr/sbin/ngctl name o2m:many0 vlan0 /usr/sbin/ngctl mkpeer vlan0: eiface vlan0 ether /usr/sbin/ngctl msg vlan0: 'addfilter { vlan=0 hook="vlan0" }' /usr/sbin/ngctl msg ngeth0: set $RG_ETHER_ADDR echo "OK!" echo -n "$(getTimestamp) defining etf for $ONT_IF (ONT)... " /usr/sbin/ngctl mkpeer o2m: etf many1 downstream /usr/sbin/ngctl name o2m:many1 waneapfilter /usr/sbin/ngctl connect waneapfilter: $ONT_IF: nomatch upper echo "OK!" echo -n "$(getTimestamp) defining etf for $RG_IF (RG)... " /usr/sbin/ngctl mkpeer $RG_IF: etf lower downstream /usr/sbin/ngctl name $RG_IF:lower laneapfilter /usr/sbin/ngctl connect laneapfilter: $RG_IF: nomatch upper echo "OK!" echo -n "$(getTimestamp) bridging etf for $ONT_IF <-> $RG_IF... " /usr/sbin/ngctl connect waneapfilter: laneapfilter: eapout eapout echo "OK!" echo -n "$(getTimestamp) defining filters for EAP traffic... " /usr/sbin/ngctl msg waneapfilter: 'setfilter { matchhook="eapout" ethertype=0x888e }' /usr/sbin/ngctl msg laneapfilter: 'setfilter { matchhook="eapout" ethertype=0x888e }' echo "OK!" echo -n "$(getTimestamp) enabling one2many links... " /usr/sbin/ngctl msg o2m: setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[ 1 1 ] }" echo "OK!" echo -n "$(getTimestamp) removing waneapfilter:nomatch hook... " /usr/sbin/ngctl rmhook waneapfilter: nomatch echo "OK!" echo -n "$(getTimestamp) enabling $RG_IF interface... " /sbin/ifconfig $RG_IF up echo "OK!" echo -n "$(getTimestamp) enabling $ONT_IF interface... " /sbin/ifconfig $ONT_IF up echo "OK!" echo -n "$(getTimestamp) enabling promiscuous mode on $RG_IF... " /sbin/ifconfig $RG_IF promisc echo "OK!" echo -n "$(getTimestamp) enabling promiscuous mode on $ONT_IF... " /sbin/ifconfig $ONT_IF promisc echo "OK!" echo "$(getTimestamp) ngeth0 should now be available to configure as your pfSense WAN" echo "$(getTimestamp) done!" } >> $LOG
-
(1) I copied PFatt.sh as raw file to notepad.
(2) Made the changes as noted saving changes using semi colon " at beginning and at end of name to ensure it save as correct file type .sh
(3) used command prompt in pfsense webgui to upload to tmp directory.
(4) SSH into pfsense using putty to create directory root/bin.
(5) used file editor in pfsense to copy file to root/bin. -
Notepad can break stuff completely. I recommend Notepad++ in Windows, though it's been a few years since I last used it.
If you open the file in Diag > Edit file does it looks correct?
Steve
-
It looks correct from what I can tell...what if I copied it directly to the pfsense file edit made the changes there then save it as file type .sh? Does that eliminate the possibility of coruption?
-
Yes. Or just pull it directly into pfSense and then edit it in the webgui:
Steve
-
@stephenw10 said in Bypass At&t fiber BGW210-700:
/root/bin/pfatt.sh
Did it got the same syntax error.
-
Sorry wrong file path there. Try this:
[2.5.0-DEVELOPMENT][admin@fw321.stevew.lan]/root: fetch -o /root/bin https://raw.githubusercontent.com/aus/pfatt/master/bin/pfatt.sh /root/bin/pfatt.sh 3309 B 11 MBps 00s
-
now I am getting the following error...kldload: an error occurred while loading the module. Please check dmesg(8) for more details. It appears I might be out of luck.
-
Can you load the module manually?:
kldload ng_etf.ko
-
nope same error...can I download ng_etf.ko to /boot/kernel directly.
-
Hmm, and you got that module from the repo using pkg install?
-
@stephenw10 it says the pkg is installed gonna delete it and reinstall now.
-
That sort of error can often be because the module is wrong, from the wrong FreeBSD version or wrong architecture, but that cannot be the case if you installed it from the repo.
-
ok ran the pkg installer again it says installed but when I look in /boot/kernel I don't see the ng_etf-kmod file.
the original file was from https://github.com/aus/pfatt/blob/master/bin/ng_etf.ko -
It installs it to /boot/modules. It installs and load fine or me here.
What hardware are you running this on?
-
It's a Qotom I5 mini pc...gonna try my original pfsense computer build now just copied over the current xml config.
-
Can you show the exact command you're using and the error you're seeing?
-
pkg install ng_etf-kmod-0.1 I don't get an error on the install it says it completed...maybe my expectation is wrong. I am assuming (which I know I should not) that the pkg installs all the variables and I simply have to connect the att gateway to the wan port on the pfsense box and the att ont to the lan side of the pfsense box and reboot.
-
Right and I assume you see the install happen after that rather than an error? The more info you give us the better we can help you here.
Please give the full console output of you trying to load that module and the error it returns.
Steve
-
using the shellcmd configuration Shellcmd Type earlyshellcmd...do I need to put
the full <earlyshellcmd>/root/bin/pfatt.sh</earlyshellcmd>
or simply /root/bin/pfatt.sh
also where do I find those logs you mentioned?
-
You don't need the tags just the full path to the command:
/root/bin/pfatt.sh
Just copy and paste the console showing you running the command and whatever the output is.
Steve
-
ok also do I still need to run those chmod commands?
noted: chmod +x /root/bin/pfatt.sh
chmod 555 /boot/kernel/ng_etf.ko
-
I did not after installing from the pkg. You might well have to if you uploaded the module manually.
It would show a permissions error if that were the case though.
Steve
-
I ran dmesg -a and got the out put below.
Initializing.................. done.
Starting device manager (devd)...kldload: can't load ums: No such file or directory
done.
Loading configuration......done.
linker_load_file: Unsupported file type
kldload: an error occurred while loading the module. Please check dmesg(8) for more details.
Updating configuration...done.
Checking config backups consistency.................................done.
Setting up extended sysctls...done.
Setting timezone...done.
Configuring loopback interface...done.
Starting syslog...done.
Starting Secure Shell Services...done.
Setting up interfaces microcode...done.
Configuring loopback interface...done.
Creating wireless clone interfaces...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring QinQ interfaces...done.
Configuring IPsec VTI interfaces...done.
Configuring WAN interface...
em0: link state changed to UP
done.
Configuring OPT1 interface...done.
Configuring OPT2 interface...done.
Configuring OPT3 interface...done.
Configuring LAN interface...done.
Configuring CARP settings...done.
Syncing OpenVPN settings...done.
pflog0: promiscuous mode enabled
Configuring firewall......done.
Starting PFLOG...done.
Setting up gateway monitors...done.
Setting up static routes...done.
Setting up DNSs...
Starting DNS Resolver...
em4: link state changed to UP
em2: link state changed to UP
em3: link state changed to UP
em1: link state changed to UP
done.
Synchronizing user settings...done.
Starting webConfigurator...done.
Configuring CRON...done.
Starting NTP time client...done.
Starting DHCP service...done.
Starting DHCPv6 service...done.
Configuring firewall......done.
Generating RRD graphs...done.
Starting syslog...done.
Starting CRON... done.
Starting package Shellcmd...done.
pfSense 2.4.4-RELEASE (Patch 3) amd64 Wed May 15 18:53:44 EDT 2019
Bootup complete -
Ok you are saying the module will not load. We need to see exactly how you're trying to load it and what errors it produces. Here's me doing the same on a local device:
[2.4.4-RELEASE][admin@pfsense.fire.box]/root: kldstat Id Refs Address Size Name 1 21 0xffffffff80200000 2ddcbe8 kernel 2 1 0xffffffff83221000 10a0 cpuctl.ko 3 1 0xffffffff83223000 2ed0 cryptodev.ko 4 1 0xffffffff83226000 10810 dummynet.ko 5 1 0xffffffff83237000 a34 ng_etf.ko [2.4.4-RELEASE][admin@pfsense.fire.box]/root: kldunload ng_etf [2.4.4-RELEASE][admin@pfsense.fire.box]/root: kldload ng_etf [2.4.4-RELEASE][admin@pfsense.fire.box]/root: kldload ng_etf kldload: can't load ng_etf: module already loaded or in kernel
I first check what modules are loaded with kldstat. Then unload ng_etf. The load it. Then try to load it again which produces an error.
Steve
-
This is what came back
[2.4.4-RELEASE[admin@pfSense.localdomain]/root: kldstat
Id Refs Address Size Name
1 3 0xffffffff80200000 2ddcbe8 kernel
2 1 0xffffffff83221000 10a0 cpuctl.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldunload ng_etf
kldunload: can't find file ng_etf
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldload ng_etf
kldload: an error occurred while loading the module. Please check dmesg(8) for more details.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root:]
1 3 0xffffffff80200000 2ddcbe8 kernel
2 1 0xffffffff83221000 10a0 cpuctl.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: -
Ok, if you run
dmesg
after trying to load the module does it give any further information? -
@stephenw10 said in Bypass At&t fiber BGW210-700:
kldload ng_etf
%(#000000)[%(#000000)[linker_load_file: Unsupported file type
linker_load_file: Unsupported file type
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldstat
Id Refs Address Size Name
1 3 0xffffffff80200000 2ddcbe8 kernel
2 1 0xffffffff83221000 10a0 cpuctl.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldunload ng_etf
kldunload: can't find file ng_etf
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldload ng_etf
kldload: an error occurred while loading the module. Please check dmesg(8) for more details.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: dmesg
linker_load_file: Unsupported file type
[2.4.4-RELEASE][admin@pfSense.localdomain]/root:]] -
Hmm, OK I suggest you have a bad module file there somewhere. Remove the package:
[2.4.4-RELEASE][admin@pfsense.fire.box]/root: pkg remove ng_etf-kmod Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: ng_etf-kmod-0.1 Number of packages to be removed: 1 Proceed with deinstalling packages? [y/N]: y [1/1] Deinstalling ng_etf-kmod-0.1... [1/1] Deleting files for ng_etf-kmod-0.1: 100%
Then search for any remaining rogue module files:
[2.4.4-RELEASE][admin@pfsense.fire.box]/root: find / -name "*ng_etf*" /root/var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz /root/var/cache/pkg/ng_etf-kmod-0.1.txz
On my system they are only in the package cache which is fine. If you have others remove them.
Then reboot, check you still don't have any module file present and then re-install the package and retry.
Steve
-
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: find / -name "ng_etf"
/root/bin/ng_etf.ko
/var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz
/var/cache/pkg/ng_etf-kmod-0.1.txz
/boot/kernel/ng_etf.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: [2.4.4-RELEASE][admin@pfSense.localdomain]/root: find / -name "ng_etf"
[2.4.4-RELEASE][admin@pfSense.localdomain]/root:: Too many arguments.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: /root/bin/ng_etf.ko
/root/bin/ng_etf.ko: Permission denied.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: /var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz
/var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz: Permission denied.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: /var/cache/pkg/ng_etf-kmod-0.1.txz
/var/cache/pkg/ng_etf-kmod-0.1.txz: Permission denied.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: /boot/kernel/ng_etf.ko
/boot/kernel/ng_etf.ko: Exec format error. Binary file not executable.
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: [2.4.4-RELEASE][admin@pfSense.localdomain]/root:
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: -
@stephenw10 said in Bypass At&t fiber BGW210-700:
find / -name "ng_etf"
2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /root/bin/ng_etf.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /var/cache/pkg/ng_etf-kmod-0.1.txz
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /boot/kernel/ng_etf.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /root/bin/ng_etf.ko
rm: /root/bin/ng_etf.ko: No such file or directory
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz
rm: /var/cache/pkg/ng_etf-kmod-0.1-10b4f7c3eb.txz: No such file or directory
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /var/cache/pkg/ng_etf-kmod-0.1.txz
rm: /var/cache/pkg/ng_etf-kmod-0.1.txz: No such file or directory
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: rm /boot/kernel/ng_etf.ko
rm: /boot/kernel/ng_etf.ko: No such file or directory
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: find / -name "ng_etf"
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: -
You have to use at least the trainling
*
or it won't anything:find / -name "ng_etf*"
If there are no more instances then reinstall the pkg and try to load the module again.
Steve
-
Ok no more load issue it loads now... one more thing to get straight before I reboot
(1) ONT from outside goes to EM0
(2) ONT from Residential Gateway goes to EM1is this correct?
Could not wait curiosity got the best of me. rebooted with the above config. it booted but had no internet. I ran the network trouble shooter from windows and it came back with DNS issue.
-
No way I can answer that without knowing how you have it connected. However it looks like you donlt have em interfaces at all from your previous posts. If that's have you have it configured in pfSense and the script is still the same then the ONT should be on igb0 and the BGW210-700 on igb1.
Steve
-
Ok I have tried both
ONT on em0 and the BGW210-700 on em1.(1) ONT from outside goes to EM0
(2) ONT from Residential Gateway goes to EM1
dpinger refuses to start1 6 0xffffffff80200000 2ddcbe8 kernel
2 1 0xffffffff83221000 10a0 cpuctl.ko
3 1 0xffffffff83223000 a34 ng_etf.ko
[2.4.4-RELEASE][admin@pfSense.localdomain]/root:em1: permanently promiscuous mode enabled
em0: permanently promiscuous mode enabled
em0: link state changed to UP
em1: link state changed to UP
em1: link state changed to DOWN
pflog0: promiscuous mode enabled
em4: link state changed to UP
em2: link state changed to UP
em3: link state changed to UP
em1: link state changed to UP
[2.4.4-RELEASE][admin@pfSense.localdomain]/root: -
What happened when you got yo step 7 here: https://github.com/aus/pfatt#install
Did you see the ngeth0 interface and assign it as WAN?
Since you are re-assigning the interfaces it shouldn't matter which one you use as long as they are actually connected to the devices you set in the script.
Check the log file the script makes each time it runs: /var/log/pfatt.log
There should be some good troubleshooting info there if it's still not working.Steve
-
- Next, we spoof the MAC address of the residential gateway and request a DHCP lease on ngeth0. The packets get tagged as VLAN0 and exit to the ONT.
are you talking about this step above ...if so I did place my residential gateway mac in PFatt,sf. does it need to go someplace else?
I never got any prompts to configure any thing on boot up..can I configure manually from GUI?