Pfsense for other platforms



  • Hi Guys,

    Quite new to pfsense and have been looking at it with interest. You make mention of the hardware requirements as being anything supported by FreeBSD 7. Well currently there seems to be tacit support for the MIPS range of processors (http://wiki.freebsd.org/FreeBSD/mips) as used on some of the RouterBoard devices (http://www.roc-noc.com/product.php?productid=83) but see there is no mention of it in pfsense documentation.

    So the question is, how does one go about getting access to pfsense source in order to attempt to build it for other platforms? The only developer discussion about that said there is no read only access to the CVS repository and thus you have to ask for special permission?

    I read also there are moves to change the rcs to GIT. It would certainly make it a lot easier to have wider developer access I am quite sure. So when will that be completed?

    Perhaps all this should be in a Developer FAQ somewhere ;) Though I see Documentation is one of the areas that needs some constructive contributions to.

    Thanks for your time



  • The developers iso would be what you are looking for.

    http://mirror.qubenet.net/mirror/pfsense/downloads/pfSense-Developers-1.2.2.iso.gz



  • Ahh cheers Sai.. I was wondering if that held all the source enough to build. I thought for a moment is was just another build with which to install it advanced.

    :)

    Thanks.



  • Source is all in git now, you can find it at https://rcs.pfsense.org

    MIPS would be a very time consuming platform to port to because of the very limited flash (usually 16 MB) and more limited RAM (64 MB) those platforms contain. You would have to pull numerous features to fit in those constraints.



  • I was looking but didn't see this asked elsewhere and this seems the thread for it: did you see the "new $100 Linux wall-wart server" articles that showed up all over the place?  The thing has a 1/2 gig each of flash and RAM, a USB 2.0 port and a gig ethernet port, and I IMMEDIATELY thought, "Wow, this would be PERFECT for a firewall!"  The thing isn't Linux-specific, and if FreeBSD 7 supports the processor, I don't see any reason (other than hardcoded-endianess madness and such) that pfS can't support it. (Perhaps using a USB -> 100Base-T dongle for the WAN?)

    Mike



  • Start by saying that no pfSense developer has that hardware you are mentioning.



  • @storkus:

    I was looking but didn't see this asked elsewhere and this seems the thread for it: did you see the "new $100 Linux wall-wart server" articles that showed up all over the place?  The thing has a 1/2 gig each of flash and RAM, a USB 2.0 port and a gig ethernet port, and I IMMEDIATELY thought, "Wow, this would be PERFECT for a firewall!"  The thing isn't Linux-specific, and if FreeBSD 7 supports the processor, I don't see any reason (other than hardcoded-endianess madness and such) that pfS can't support it. (Perhaps using a USB -> 100Base-T dongle for the WAN?)

    The SheevaPlug actually has two gig E MACs on die, just needs additional PHY, magnetics and RJ45 to have two ports. There may be a two port version of those supported at some point (a vendor we're working with may have them made).

    The RouterStation can be made available with more flash and RAM too, so it also may be a feasible platform.

    Both of those will only work with FreeBSD 8-CURRENT though, not 7.x. Both will require kernel development to be supported (the processor architecture working and a specific piece of hardware working are two very different things).

    But, these both may actually be supported in the not too distant future. We're in the early stages of investigating possibilities.



  • Tonight I found a thread dedicated to this device in the hardware sub-forum, but seeing your replies here I don't feel so stupid posting here!  The last postings in there talked about an atom-based board that otherwise specs roughly the same as this one and same TDP–but for around double the money. :(

    In any case, as I mentioned there, I think having a firewall running on a non-Intel instruction-set processor could possibly increase security WRT some processor-specific hacks that go around the OS that have been mentioned on Slashdot, among other places.  Any comments on that?

    Thanks for the reply, and I'm glad to hear that you guys are at least considering it! :)

    Mike


Log in to reply