Watchguard XTM 5 Series

mcdonnjd

@chpalmer I just got this box back out as I had been using a Meraki from work that still had life left on its license. Downloaded the latest OPNsense and pfSense and was able to install one to each of the hard drives in the box. After I get home from the wife's lunch break today I'll blow them both away and reinstall pfSense using the 2nd drive for squid caching.

Only trouble I had was I tried making the freebsd-boot partition larger, but both would not boot if I made them 1024K instead of 512K.

stephenw10

By latest do you mean a 2.7 snapshot or 2.6? Or Plus maybe?

mcdonnjd

@stephenw10 pfSense-CE-memstick-serial-2.6.0-RELEASE-amd64.img.gz was the file I downloaded and put on my USB drive.

mcdonnjd

I know I previously used WGXepc64 on this box in the past, but after installing to this hard drive, I tried downloading WGXepc64 to /root. I did a chmod 755 to make it executable. But when running it, I get a "Syntax error: redirection unexpected (expecting word)" when trying to do any of the commands.

chpalmer

@mcdonnjd said in Watchguard XTM 5 Series:

I know I previously used WGXepc64

Did you grab this version- https://github.com/stephenw10/WGXepc/raw/master/WGXepc64

And on 2.6??

mcdonnjd

@chpalmer I did. But I also screwed up when adding the 2nd drive to the box. Box would fail to boot. Since I hadn't gotten very far in setting up pfSense, I decided to just wipe it and start over, and create the partition during install. After redoing the basic setup, I re-downloaded it and now it is working. I'm not sure why.

Maybe it was a bad download the first time, I didn't get much of a chance to dig into it. But it's nice to have a green armed LED again. Need to eventually get around to remembering how I customized the BIOS image so that I can change the bootup option to say pfSense V2.6 (or maybe get ahead of it and change it to 2.7 despite being on 2.6) instead of 2.2. But that's minor and only seen during boot.

waterwall

@t-rexky said in Watchguard XTM 5 Series:

I made some additional BIOS tweaks and I think I am now done.  One thing I was still unable to get working is the password protection of the BIOS - no matter what I tried the unit always bypasses the password check when entering BIOS setup.  It has been this way ever since I unlocked it.  Here is the list of changes:

ACPI_AML version 0x03:
Introduced independent BIOS minor version codes for ACPI_AML revisions
BIOS branch x.x.An for E3400 CPU, where n is the ACPI_AML revision
BIOS branch x.x.Bn for Q9505S CPU, where n is the ACPI_AML revision
Changed 'Sign On Message' to include 'Unlocked v1.9.A3 / E3400 PT'.
Changed 'Sign On Message' to include 'Unlocked v1.9.B3 / Q9505S PT'.

XTM515-BIOS1.3-UNLOCKED1.9:
Modified BIOS Strings from 'Fan confiruration' to 'Fan configuration'
Modified DVMT BIOS String "This setting is only available for WinXp." to "This setting is only for WindowsXP." & introduced line breaks.
Changed Failsafe and Optimal IDE mode to AHCI (00 -> 02)
Changed Failsafe and Optimal 'Remote Access Term Type' to VT100 (00 -> 01)
Changed Failsafe and Optimal 'Always CF Card Boot' to Disable
Changed 'Sign On Message' to include 'Unlocked v1.9 PT'.

XTM515-BIOS1.3-UNLOCKED1.8b:
Corrected all ACPI_AML iasl Warnings based on "Internet wisdom"
Corrected all applicable ACPI_AML iasl Remarks, 17 benign Remarks remain
Introduced all eight P-states in ACPI_AML for E3400 CPU
Corrected P-sate power consumption values based on XTM5 power measurements
Changed 'Sign On Message' to include 'Unlocked v1.8b PT / E3400'.
Changed 'Sign On Message' to include 'Unlocked v1.8b PT / Q9505S'.

XTM515-BIOS1.3-UNLOCKED1.8a:
Implemented P-state dependencies _PSD in ACPI_AML.
Changed 'Sign On Message' to include 'Unlocked v1.8a PT / E3400'.
Changed 'Sign On Message' to include 'Unlocked v1.8a PT / Q9505S'.

XTM515-BIOS1.3-UNLOCKED1.8:
Changed 'Sign On Message' to include 'Unlocked v1.8 PT / E3400'.
Corrected ACPI version help string line breaks in "Enabled RSDP pointers to 64-bit [...]".

XTM515-BIOS1.3-UNLOCKED1.7:
Changed 'Sign On Message' to include 'Unlocked v1.7 PT / E3400'.
Modified LCD boot string from "WG BIOS 1.3" to "Firewall UTM" in module 1B (Single Link Arch BIOS).

XTM515-BIOS1.3-UNLOCKED1.6:
Changed 'Sign On Message' to include 'Unlocked v1.6 E3400 PT'.
Created two ROM branches, one for E3400 CPU and one for Q9505S CPU.

XTM515-BIOS1.3-UNLOCKED1.5:
Changed 'Sign On Message' to include 'Unlocked v1.5 PT'.
Enabled 'PCIPnP' and 'Chipset' menus.
Enabled 'CPU Configuration' submenu in 'Advanced' menu.
Enabled 'ACPI Configuration' submenu in 'Advanced' menu.

XTM515-BIOS1.3-UNLOCKED1.4:
Updated platform 11 CPUID 1067a microcode to version a0b.

XTM515-BIOS1.3-UNLOCKED1.3:
Disabled 'Lan ByPass Control' submenu in 'Advanced' menu.
Modified BIOS Strings from 'Port0 AHCI Speed limit to' to 'Port0 AHCI Speed limit' for Port0 to Port3.

XTM515-BIOS1.3-UNLOCKED1.2:
Changed 'Aways CF Card Boot' to 'Show' in 'Advanced' menu.

XTM515-BIOS1.3-UNLOCKED1.1:
Unlocked the BIOS by changing 'User Access Level' to 03 in 'Security' menu.

And those who are interested can download it from here:

https://www.dropbox.com/s/icnp3jloiw5rnyb/XTM515-BIOS-v1.9.zip?dl=0

As before, I included the factory and the modified ACPI tables in source format (.dsl) and compiled format (.aml).

DISCLAIMER: These work great for me, but please USE AT YOUR OWN RISK.

@t-rexky said in Watchguard XTM 5 Series:

Back once more with a little bit of the BIOS modifying information that I promised a while ago.  Unfortunately I do not have the time to write elaborate instructions, but in any case there is a minimum amount of knowledge required in order to be successful, so just a few pointers should be enough.

Fundamentally, a few software tools and files are required that one can locate on the "net" with a little bit of effort. As always, be cautious about the source and do the required virus checks, etc., especially for items 1 and 2 below:

• AmiBCP-3.51.zip

• MMTool_322_1B_21Fix.zip

• Intel IASL compiler tools for platform of your choice (I compiled it for my Mac) to modify the ACPI module

• Any hex editor if you would like to change the string displayed on the LCD

• Intel microcode update files for your CPU

The AmiBCP program is used to unlock the BIOS, modify the displayed menus, enable the red LED, change boot version string, change any other BIOS strings, etc.

The MMTool program is used to extract/insert/replace individual modules within the BIOS.  For example, you can use it to replace the microcode for the specific platform and cpuid, or you can replace the ACPI_AML module with one that contains the Speedstep configuration specific to your CPU.

For a little bit more information I would refer you to the realm readme file in my unlocked BIOS archive that I posted a little bit ago.  I tried to be a little bit more descriptive in it and indicate where the changes are being made.  It should be a good starting point.

Peter.

Has anyone tried to implement the above changes, specifically the one related to power consumption?
Peter talks about "readme" file as starting point, but i can't find it under the ZIP archive he posted...

stephenw10

Enabling Speedstep?

I've done that by loading a separate DSDT file rather than adding it to the BIOS.

Steve

waterwall

Hi @stephenw10

Sorry, i dont have experience neither with .rom configurations or DSDT files. I have E3400 cpu on 510 box btw. I do see that Peter has ACPI_AML_E3400_A3.aml file under 1.9 folder, which i believe i can load as separate DSDT file? If so, can you please point me to the instructions how to do so, or any information as starting point will be appreciated.
Would it also be correct to assume that Peter's unlocked BIOS version (xtm515-bios1.3-unlocked1.9.a3-e3400.rom) has SpeedStep enabled? How can i confirm that?
Thank you!

stephenw10

Upload the aml file to, for example, /root.

Create the file /boot/loader.conf.local then add to it:

acpi_dsdt_load="YES"
acpi_dsdt_name="/root/ACPI_AML_E3400_A3.aml"

You need to actually enable speedstep in the BIOS as well as having an aml file the defines the steps. So that requires you flash one of the unlocked versions. If you use the one with the correct dsdt in it you obviously don't need the aml file.

When it's functioning you will see the est device attach at boot and after enabling powerd you will see the reported CPU frequency change on the dashboard or in the sysctl output.

Steve

waterwall

Thank you for the info @stephenw10 !

Do you recommend using flashrom?
And, just theoretically, if i brick my system, how do i restore the previous ROM, assuming i have the backup? I guess the question is how do i connect to the bricked system shell to run flashrom?

stephenw10

You can write the ROM directly to the chip using the SPI header. You need some sort of flashing tool to do that but it can be as simple as 4 resistors and a parallel port:
https://forum.netgate.com/post/336712

Pretty sure I don't have anything with a parallel port any longer!
You can get a USB flash tool relatively easily if you need it.

Steve

tiggymiggy

Hi everyone, maybe this is a silly question but where can I find the correct AML or DSDT file for my processor? Currently I have an e8500.

Also I flashed a modified BIOS but I don't see Speedstep in it anywhere. Is it named something different?

This is the one i used xtm515-bios1.3-unlocked1.9.rom (is it the newest/best version?)

stephenw10

@tiggymiggy said in Watchguard XTM 5 Series:

xtm515-bios1.3-unlocked1.9.rom

That's t-rexky's mod I assume. It's more recent than what I did and probably done with better tools.

I have an aml file I used with the E8400 you could try. Otherwise you'd need to compile one for yourself. Been a while since I did it but it wasn't that hard IIRC.

Steve

tiggymiggy

@stephenw10 said in Watchguard XTM 5 Series:

@tiggymiggy said in Watchguard XTM 5 Series:

xtm515-bios1.3-unlocked1.9.rom

That's t-rexky's mod I assume. It's more recent than what I did and probably done with better tools.

I have an aml file I used with the E8400 you could try. Otherwise you'd need to compile one for yourself. Been a while since I did it but it wasn't that hard IIRC.

Steve

Hi Steve,

I installed your BIOS image and I now see C1E option under the processor section. It is enabled but I don't think it's working since i feel quite a bit of heat coming out the back of the unit at idle.

Is there any post or information you can share regarding compiling the needed AML file? I want to try it with the e8500. I will need to repeat the process once my low powered Xeon comes in.

Bonus question: How can I change the text string on the LCD panel during bootup?

stephenw10

You can see the C state usage at in the sysclts:

dev.cpu.3.cx_method: C1/mwait/hwc C2/mwait/hwc
dev.cpu.3.cx_usage_counters: 0 405
dev.cpu.3.cx_usage: 0.00% 100.00% last 858us
dev.cpu.3.cx_lowest: C2
dev.cpu.3.cx_supported: C1/1/1 C2/2/50
dev.cpu.2.cx_method: C1/mwait/hwc C2/mwait/hwc
dev.cpu.2.cx_usage_counters: 0 926
dev.cpu.2.cx_usage: 0.00% 100.00% last 178us
dev.cpu.2.cx_lowest: C2
dev.cpu.2.cx_supported: C1/1/1 C2/2/50
dev.cpu.1.cx_method: C1/mwait/hwc C2/mwait/hwc
dev.cpu.1.cx_usage_counters: 5 1264
dev.cpu.1.cx_usage: 0.39% 99.60% last 33us
dev.cpu.1.cx_lowest: C2
dev.cpu.1.cx_supported: C1/1/1 C2/2/50
dev.cpu.0.cx_method: C1/mwait/hwc C2/mwait/hwc
dev.cpu.0.cx_usage_counters: 159 64353
dev.cpu.0.cx_usage: 0.24% 99.75% last 623us
dev.cpu.0.cx_lowest: C2
dev.cpu.0.cx_supported: C1/1/1 C2/2/50

You have to set the 'lowest' value if you want to use them. Usually is set by default.

Decompiling/compiling the AML isn't that difficult. Pretty sure I used Intel's standard tools.

The LCD message at boot requires extracting one of the BIOS modules and hexediting it. Or at least that's what I did.

tiggymiggy

@stephenw10

I'm very new to this. How can I see those statistics/lines?

In the boot log I see the following:

est: cpu_vendor GenuineIntel, msr 616492206004922
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 616492206004922
est: CPU supports Enhanced Speedstep, but is not recognized.
est0: <Enhanced SpeedStep Frequency Control> on cpu0

In the general log when i turned on PowerD I see this:
/system_advanced_misc.php: The command '/usr/sbin/powerd -b 'min' -a 'adp' -n 'adp'' returned exit code '69', the output was 'powerd: no cpufreq(4) support -- aborting: No such file or directory'

Hmm, I googled and this is what I see when i run the comment:

sysctl dev.cpu |grep cx

dev.cpu.1.cx_method: C1/hlt
dev.cpu.1.cx_usage_counters: 8371860
dev.cpu.1.cx_usage: 100.00% last 4901us
dev.cpu.1.cx_lowest: C1
dev.cpu.1.cx_supported: C1/1/0

dev.cpu.0.cx_method: C1/hlt
dev.cpu.0.cx_usage_counters: 7787019
dev.cpu.0.cx_usage: 100.00% last 18023us
dev.cpu.0.cx_lowest: C1
dev.cpu.0.cx_supported: C1/1/0

Not really sure what it means. C1 lowest I guess is speedstep enabled? But other power states are missing?

Sorry if I'm asking too many questions, I just really like this unit and want to get it squared away

stephenw10

Ah, sorry I thought I'd included the sysctl command. Fail.

I also forgot that you need an aml file loaded to get speedstep to work because the bios doesn't generate the p-state tables by default in the xtm5. That's the main reason for loading one.

It also looks like it only supports C1 and that's enabled anyway.

Also C-states are different to P-states which is what speedstep and turbo control.
See: https://en.wikipedia.org/wiki/ACPI#Power_states

tiggymiggy

@stephenw10

OK, so looks like I need to generate this file. All I can find is Hackintosh community posts. Is it the same process?

stephenw10

Yup. Try my 8400 file. Probably a single edit from that. Or it might just work fine as is.
xtm5_e8400.aml.txt