Re-implementing the entire backend/frontend of pfSense
-
Oh no, Korea lost to Switzerland. Oh well :'(
I had a quick look at MultiSeat LTSP and with Linux VServer it looks overly complicated. I'm either going to look at web infrastructure for an embedded PDC or try moving from Voyage Linux to the FreeNAS configuration. ???
I like the admin page for WordPress however it doesn't appear easily transferable to the amount of information required with a router or PDC package. Has the core pfSense been updated completely to the new XML GUI-Builder, or is it only packages?
-
Only packages for the most part.
-
Well I moved over to FreeNAS core and things are working with a web interface now. This gets me a little closer to actually helping out. I have an image with Samba 4, TFTPD, DHCPD booting LTSP server and clients. Here's the TODO list:
:D
Kernel
-
Remove options / modules not used: need to track down better details of all options.
-
Add embedded specific modules, performance options, etc.
-
Create an embedded (no-HDD) kernel, and a generic (IDE & SCSI HDD) kernel.
O/S
-
Keep tftpboot files over an upgrade, requires different method to gzip|dd for imaging.
-
Replace OpenSSH with DropBear to save some space (worth the effort?).
-
Remove PAM (possible?).
Configuration
-
Private / Public / Runtime configuration split to allow testing new and different options.
-
Management daemon to co-ordinate system tasks.
Application
-
Support VLAN interface configuration.
-
VLAN DHCPD support.
-
Smaller Samba 4 binaries by removing uneeded modules, there are a lot statically compiled.
-
Various Windows stuff as I have no experience using AD.
Frontend
-
i18n/l10n support like pfSenses gettext().
-
AJAX edits and status feedback like pfSense.
-
Larger, clearer interface like WordPress, mainly CSS work I would believe.
-
Administration interface users like pfsense (is there a use with a AD server?).
I'm using Samba 4 to see how stable and big it is, its one process compared to using both OpenLDAP & Samba 3.
-
-
Ok, apart from killing my "worlds worst implementation of NFS" NAS appliance I have a functional test build, unfortunately tftpd-hpa seems a little fruity on FreeBSD and requires restarting when remounting /cf. Here are some screenshots showing how little I have done:
Active Directory configuration, absolute minimum parameters required:
DHCPD configuration, adding gateway & PXE boot filename:
TFTP configuration, slightly spartan, really needs a file manager like captive portal:
User & Groups modified to take posixAccount fields:
And the ISO/IMG files:
http://fnjordy.umcus.org/tmp/test.iso [ 26MB ]
http://fnjordy.umcus.org/tmp/test-generic-pc-img [ 12MB ]Slight mess in order to get TFTPBOOT files up you need to SSH in and run the following then SCP the files over.
mkdir /cf/tftpboot /sbin/umount -f /cf /sbin/mount -w -o noatime /cfI have a kernel an initrd image from Ubuntu Dapper with two configurations. One for a LTSP Ubuntu, basically regular Ubuntu Dapper Desktop install made diskless following the wiki instructions. The other for Ubuntu MueKow which loads the ltsp-client built from the server. The server is configured with NSS_LDAP for users & groups, and PAM_HEIMDAL to allow AD based logins. I couldn't get a crypted password up for shadow, but kerberos is the more secure method, albeit Samba 4 has no security :D
I wonder if I can find anyone who would actually use it ;)
-
Network diagram to make things a bit prettier: :-*
-
Kewl :) 8) ;)
Keep the good work and us posted, thanks for sharing with the community 8)
-
Can't wait to see you actually starting to work on pfSense ;D
-
Well i've just finished porting the directory server from FreeNAS core to a FreeSBIE core and I have to say i'm very impressed with how far the pfSense team have come. Its a minefield myriad of different options and decisions needing to be made and to get something working so well like pfSense is just brilliant. I on the other hand have quite a way to go, I have a system that works from CD but I need to test and get working CD+floppy/CF/HDD and HDD/CF setups, and then test on some WRAP hardware. My first significant change will be to introduce a private config, and then a runtime/public pair. I have setup my notes on Novell Forge:
http://developer.novell.com/wiki/index.php/%E3%81%BF%E3%82%8B_directory_server
Albeit rather fruity services, as Bugzilla still isn't working yet, and its taken a couple of days to get subversion and file hosting up. I'm working on a "build from scratch" how to just like pfsense / freenas / m0n0wall have as the current state is a rather confusing plethora of scripts. My only nitpick is with FreeSBIE 2, running a "make iso" always wants to rebuild everything so I added some code to force the build & install to be skipped.
-
FreeSBIE 2 ignores the build if its already done. Not sure what you mean:
Building world for i386 architecture
NO_BUILDWORLD set, skipping build
Building kernel for i386 architecture
NO_BUILDKERNEL set, skipping build
Installing world for i386 architecture
Making hierarchy
Are you sure you are running FreeSBIE 2 (not 1)?
-
FreeSBIE 2 ignores the build if its already done. Not sure what you mean:
Building world for i386 architecture
NO_BUILDWORLD set, skipping build
Building kernel for i386 architecture
NO_BUILDKERNEL set, skipping build
Installing world for i386 architecture
Making hierarchy
Are you sure you are running FreeSBIE 2 (not 1)?
It is FreeSBIE 2, but I guess i'm working with buildworld/buildkernel in not the best way possible. I'll work on it a bit to see why.