A bit of tutorial running linux stuff on pfsense



  • I have pfsense on very powerfull machine(p core2duo, 2gbmem 800mhz, 250hd, under low load, only pfsense), wished to use some free resources of it.
    Ok here is the way to run linux(for example cod4 game server as i did on it) stuff on it.

    *not work on clean pfsense probably!!!!
    *1. do "kldload linux"(this will try to load linux kernel module to install linux binary kernel support)
    *2. if your program says "kernel too old" do "sysctl compat.linux.osrelease=2.6.16"

    1.1 Install sysinstall utility(comes with jailctl package, that is how i got it)

    1.2. Install linux binary compat kernel module from source.
        The best way to do that is to run sysinstall
        1.2.1. Do ->custom->options. Switch to "release name" and set it to "7.0-RELEASE" istead of "7.0-RELEASE-p8"(in my case)
        1.2.2. Then go back->custom->distributions->custom->src->set sys [X].
        1.2.3. Now go back and hit commit, choose mirror, download from it(note:it can be CD/DVD of certain freebsd version or ftp or http or netdrives of varios types)
        1.2.4. when done go to /usr/src/sys/modules/linux, do "make", "make install"
        1.2.5.If all goes fine(without errors) try "kldload linux" and set version of kern in "sysctl compat.linux.osrelease=2.6.16"

    2.1.run your linux stuff(if cant for some reason, install "linux compat binaries"),do:
    2.1.1 Download ports via sysinstall or ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/7.0-RELEASE/ports/ports.tgz
    2.1.2 do "mkdir /install; cd /install; fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/7.0-RELEASE/ports/ports.tgz"
    2.1.3 when finished downloading do "tar -xzf ports.tgz"
    2.1.4 go under "cd <wherever you="" unpacked="" it="">/ports/emulators/linux_base-f7"(newer linux libs, relatively(in some cases you will need older stuff) better) directory
    2.1.5 do "make;make install" Should go without errors of course
    2.1.6 goto 1.2.4("kldload linux" or "kldstat | grep linux"), if you see linux.ko in loaded modules and "sysctl  compat.linux.osrelease=2.6.16", defenitely your stuff should run.

    Anton,
    Hope this helps

    ps All above was performed on 1.2.2 release of pfsense. You can actually install a lot of stuff yourself…
    If you are using powerfull server as router on not-really-crazy-netbandwidth, you can use pfsense as full freebsd, but with power of lovely pfsense webface for router...</wherever>



  • Hello,

    I was really glad when I found this tutorial because I'm in need of reinstalling OpenVPN with special arguments.
    To do so I need to install a C compiler which has been left out from original pfSense because of security hardening to my understanding.

    When following your guide I actually get stuck at the first thing…

    I've used:

    setenv PACKAGEROOT ftp://ftp-archive.freebsd.org/
    setenv PACKAGESITE ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/7.0-RELEASE/packages/Latest/
    
    # pkg_add -r jailctl
    Fetching ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/7.0  -RELEASE/packages/Latest/jailctl.tbz... Done.
    

    But I'm stuck at…

    # pkg_info jailctl
    pkg_info: can't find package 'jailctl' installed or in a file!
    
    

    I'm really new at linux, I've messed around with it quite alot like 5 years ago or so, so please be gentle!
    :)

    Regards,
    Lockzi



  • Repeat after me: FreeBSD is not Linux!  and that's what pfSense is based upon.

    What grab3 is doing in his post is to install a jail in FreeBSD to run another kernel in. And that is the first thing you are struggeling with:  pkg_add -r jailctl
    Except for being a really bad idea doing this on a firewall this surely isn't something an "ordinary user" should do…

    And you surely don't need to install a C compiler on your firewall to change some OpenVPN settings. It is fully installed already. If you are in need of features not accessible from the GUI (...) you can still reach them from console.



  • Excellent post grab3. I would love to see a tutorial for this. If you want I could host a tutorial on my website. This is something that really interest me and I am sure many people!


Log in to reply