PFsense on Imprivata Onesign OS200

rbflurry

Very Similar to http://forum.pfsense.org/index.php?topic=47105.0

Has this inside

http://www.supermicro.com/products/motherboard/xeon3000/3210/x7sbi.cfm

2gb of ram
Intel Core 2 Duo E8400
and raid on two 260gb drives

2x Gigabit Intel Ethernet onboard.

one of these mounted to the front
http://www.crystalfontz.com/product/CFA633TMIKS

and I will be buying the riser card to give me some more interfaces.

Looks like it will make a decent firewall. Ill get pictures up soon of the hardware.

First issue I ran into is with the LCD screen CFA633

Tried using the LCD-DEV package on 2.1 but i cant tell what isn't working.

Hopefully someone has some clues and I hope to include some more information.

stephenw10

What did you try to get the LCD working?
If it's like the Sendio unit you'll have to select com2 for the serial connection then select the Crystalfontz driver. Then select some screens to display on the second tab. Save that. Now go to Status: Services: and click the arrow next to lcdproc.

Steve

rbflurry

thanks Steve,

I traced the LCD screen to com2 on the mother board so I tried both of those settings on the settings page. serial 2 and alternative 2.

I also selected the CrystalFontz 633 Driver

I wasn't sure what to select in the Connection Type.

I did select multiple screens to try and clicked save. Then started the LCDproc service on the Services page. But Lcdprox never shows as running. It always says stopped.

stephenw10

Anything in the logs to show why it's not starting?

Did you check 'run at startup'? You might need to hit save on each tab in the lcdproc setup.

Look at what devices you have in /dev to see which com port you need to select.

Steve

rbflurry

here is the output from dmesg

[2.1-RELEASE][admin@pfSense.localdomain]/root(1): dmesg
Copyright (c) 1992-2012 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 18:39:44 EDT 2013
    root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Core(TM)2 Duo CPU     E8400  @ 3.00GHz (3000.23-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x10676  Family = 6  Model = 17  Stepping = 6
  Features=0xbfebfbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe>Features2=0x8e3fd <sse3,dtes64,mon,ds_cpl,vmx,smx,est,tm2,ssse3,cx16,xtpr,pdcm,sse4.1>AMD Features=0x20100000 <nx,lm>AMD Features2=0x1 <lahf>TSC: P-state invariant
real memory  = 2147483648 (2048 MB)
avail memory = 2080731136 (1984 MB)
ACPI APIC Table: <ptltd   ="" apic ="">FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
ioapic0 <version 2.0="">irqs 0-23 on motherboard
ioapic1 <version 2.0="">irqs 24-47 on motherboard
wlan: mac acl policy registered
ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_bss_fw, 0xc07bb6f0, 0) error 1
ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc07bb790, 0) error 1
ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc07bb830, 0) error 1
kbd1 at kbdmux0
cryptosoft0: <software crypto="">on motherboard
padlock0: No ACE support.
acpi0: <ptltd   ="" xsdt="">on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
cpu0: <acpi cpu="">on acpi0
cpu1: <acpi cpu="">on acpi0
pcib0: <acpi host-pci="" bridge="">port 0xcf8-0xcff on acpi0
pci0: <acpi pci="" bus="">on pcib0
pcib1: <acpi pci-pci="" bridge="">irq 16 at device 1.0 on pci0
pci1: <acpi pci="" bus="">on pcib1
pcib2: <acpi pci-pci="" bridge="">at device 0.0 on pci1
pci2: <acpi pci="" bus="">on pcib2
uhci0: <intel 82801i="" (ich9)="" usb="" controller="">port 0x1820-0x183f irq 16 at device 26.0 on pci0
uhci0: [ITHREAD]
usbus0: <intel 82801i="" (ich9)="" usb="" controller="">on uhci0
uhci1: <intel 82801i="" (ich9)="" usb="" controller="">port 0x1840-0x185f irq 17 at device 26.1 on pci0
uhci1: [ITHREAD]
usbus1: <intel 82801i="" (ich9)="" usb="" controller="">on uhci1
uhci2: <intel 82801i="" (ich9)="" usb="" controller="">port 0x1860-0x187f irq 18 at device 26.2 on pci0
uhci2: [ITHREAD]
usbus2: <intel 82801i="" (ich9)="" usb="" controller="">on uhci2
ehci0: <intel 82801i="" (ich9)="" usb="" 2.0="" controller="">mem 0xd0000000-0xd00003ff irq 18 at device 26.7 on pci0
ehci0: [ITHREAD]
usbus3: EHCI version 1.0
usbus3: <intel 82801i="" (ich9)="" usb="" 2.0="" controller="">on ehci0
pcib3: <acpi pci-pci="" bridge="">irq 16 at device 28.0 on pci0
pci5: <acpi pci="" bus="">on pcib3
pcib4: <acpi pci-pci="" bridge="">irq 16 at device 28.4 on pci0
pci13: <acpi pci="" bus="">on pcib4
em0: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x2000-0x201f mem 0xd0200000-0xd021ffff irq 16 at device 0.0 on pci13
em0: Using an MSI interrupt
em0: [FILTER]
pcib5: <acpi pci-pci="" bridge="">irq 17 at device 28.5 on pci0
pci15: <acpi pci="" bus="">on pcib5
em1: <intel(r) 1000="" pro="" network="" connection="" 7.3.2="">port 0x3000-0x301f mem 0xd0300000-0xd031ffff irq 17 at device 0.0 on pci15
em1: Using an MSI interrupt
em1: [FILTER]
uhci3: <intel 82801i="" (ich9)="" usb="" controller="">port 0x1880-0x189f irq 23 at device 29.0 on pci0
uhci3: [ITHREAD]
usbus4: <intel 82801i="" (ich9)="" usb="" controller="">on uhci3
uhci4: <intel 82801i="" (ich9)="" usb="" controller="">port 0x18a0-0x18bf irq 22 at device 29.1 on pci0
uhci4: [ITHREAD]
usbus5: <intel 82801i="" (ich9)="" usb="" controller="">on uhci4
uhci5: <intel 82801i="" (ich9)="" usb="" controller="">port 0x18c0-0x18df irq 18 at device 29.2 on pci0
uhci5: [ITHREAD]
usbus6: <intel 82801i="" (ich9)="" usb="" controller="">on uhci5
ehci1: <intel 82801i="" (ich9)="" usb="" 2.0="" controller="">mem 0xd0001000-0xd00013ff irq 23 at device 29.7 on pci0
ehci1: [ITHREAD]
usbus7: EHCI version 1.0
usbus7: <intel 82801i="" (ich9)="" usb="" 2.0="" controller="">on ehci1
pcib6: <acpi pci-pci="" bridge="">at device 30.0 on pci0
pci17: <acpi pci="" bus="">on pcib6
vgapci0: <vga-compatible display="">port 0x4000-0x40ff mem 0xd8000000-0xdfffffff,0xd0400000-0xd040ffff irq 22 at device 3.0 on pci17
atapci0: <ite it8213f="" udma133="" controller="">port 0x4420-0x4427,0x4414-0x4417,0x4418-0x441f,0x4410-0x4413,0x4400-0x440f irq 23 at device 4.0 on pci17
atapci0: [ITHREAD]
ata2: <ata channel="">at channel 0 on atapci0
ata2: [ITHREAD]
isab0: <pci-isa bridge="">at device 31.0 on pci0
isa0: <isa bus="">on isab0
atapci1: <intel ich8="" sata300="" controller="">port 0x1c50-0x1c57,0x1c44-0x1c47,0x1c48-0x1c4f,0x1c40-0x1c43,0x18e0-0x18ff mem 0xd0002000-0xd00027ff irq 17 at device 31.2 on pci0
atapci1: [ITHREAD]
atapci1: AHCI called from vendor specific driver
atapci1: AHCI v1.20 controller with 6 3Gbps ports, PM supported
ata3: <ata channel="">at channel 0 on atapci1
ata3: [ITHREAD]
ata4: <ata channel="">at channel 1 on atapci1
ata4: [ITHREAD]
ata5: <ata channel="">at channel 2 on atapci1
ata5: [ITHREAD]
ata6: <ata channel="">at channel 3 on atapci1
ata6: [ITHREAD]
ata7: <ata channel="">at channel 4 on atapci1
ata7: [ITHREAD]
ata8: <ata channel="">at channel 5 on atapci1
ata8: [ITHREAD]
pci0: <serial bus,="" smbus="">at device 31.3 (no driver attached)
pci0: <dasp>at device 31.6 (no driver attached)
acpi_button0: <power button="">on acpi0
atrtc0: <at realtime="" clock="">port 0x70-0x71 irq 8 on acpi0
atkbdc0: <keyboard controller="" (i8042)="">port 0x60,0x64 irq 1 on acpi0
atkbd0: <at keyboard="">irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: [FILTER]
uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
uart1: [FILTER]
pmtimer0 on isa0
orm0: <isa option="" rom="">at iomem 0xc0000-0xc8fff pnpid ORM0000 on isa0
sc0: <system console="">at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <generic isa="" vga="">at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ata0: <ata channel="">at port 0x1f0-0x1f7,0x3f6 irq 14 on isa0
ata0: [ITHREAD]
ata1: <ata channel="">at port 0x170-0x177,0x376 irq 15 on isa0
ata1: [ITHREAD]
ppc0: parallel port not found.
est0: <enhanced speedstep="" frequency="" control="">on cpu0
p4tcc0: <cpu frequency="" thermal="" control="">on cpu0
est1: <enhanced speedstep="" frequency="" control="">on cpu1
p4tcc1: <cpu frequency="" thermal="" control="">on cpu1
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 12Mbps Full Speed USB v1.0
usbus2: 12Mbps Full Speed USB v1.0
usbus3: 480Mbps High Speed USB v2.0
usbus4: 12Mbps Full Speed USB v1.0
usbus5: 12Mbps Full Speed USB v1.0
usbus6: 12Mbps Full Speed USB v1.0
usbus7: 480Mbps High Speed USB v2.0
ad6: 239372MB <wdc wd2500ys-01shb1="" 20.06c06="">at ata3-master UDMA100 SATA 3Gb/s
ugen0.1: <intel>at usbus0
uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0
ugen1.1: <intel>at usbus1
uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1
ugen2.1: <intel>at usbus2
uhub2: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus2
ugen3.1: <intel>at usbus3
uhub3: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus3
ugen4.1: <intel>at usbus4
uhub4: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus4
ugen5.1: <intel>at usbus5
uhub5: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus5
ugen6.1: <intel>at usbus6
uhub6: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus6
ugen7.1: <intel>at usbus7
uhub7: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus7
ad8: 239372MB <wdc wd2500ys-01shb1="" 20.06c06="">at ata4-master UDMA100 SATA 3Gb/s
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
uhub2: 2 ports with 2 removable, self powered
uhub4: 2 ports with 2 removable, self powered
uhub5: 2 ports with 2 removable, self powered
uhub6: 2 ports with 2 removable, self powered
uhub3: 6 ports with 6 removable, self powered
uhub7: 6 ports with 6 removable, self powered
SMP: AP CPU #1 Launched!
Trying to mount root from ufs:/dev/ad6s1a
ZFS NOTICE: Prefetch is disabled by default on i386 -- to enable,
            add "vfs.zfs.prefetch_disable=0" to /boot/loader.conf.
ZFS WARNING: Recommended minimum kmem_size is 512MB; expect unstable behavior.
             Consider tuning vm.kmem_size and vm.kmem_size_max
             in /boot/loader.conf.
ZFS filesystem version 5
ZFS storage pool version 28
em0: link state changed to UP
pflog0: promiscuous mode enabled
em1: link state changed to UP</wdc></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></intel></wdc></cpu></enhanced></cpu></enhanced></ata></ata></generic></system></isa></at></keyboard></at></power></dasp></serial></ata></ata></ata></ata></ata></ata></intel></isa></pci-isa></ata></ite></vga-compatible></acpi></acpi></intel></intel></intel></intel></intel></intel></intel></intel></intel(r)></acpi></acpi></intel(r)></acpi></acpi></acpi></acpi></intel></intel></intel></intel></intel></intel></intel></intel></acpi></acpi></acpi></acpi></acpi></acpi></acpi></acpi></ptltd ></software></version></version></ptltd ></lahf></nx,lm></sse3,dtes64,mon,ds_cpl,vmx,smx,est,tm2,ssse3,cx16,xtpr,pdcm,sse4.1></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe> 

and output of ls on /dev

[2.1-RELEASE][admin@pfSense.localdomain]/dev(194): ls
acpi       crypto     fd         nfslock    ttyu0.init ttyv8      ugen4.1
ad6        ctty       fido       null       ttyu0.lock ttyv9      ugen5.1
ad6s1      cuau0      geom.ctl   pci        ttyu1      ttyva      ugen6.1
ad6s1a     cuau0.init io         pf         ttyu1.init ttyvb      ugen7.1
ad6s1b     cuau0.lock kbd0       ptmx       ttyu1.lock ttyvc      urandom
ad8        cuau1      kbd1       pts        ttyv0      ttyvd      usb
ata        cuau1.init kbdmux0    random     ttyv1      ttyve      usbctl
atkbd0     cuau1.lock klog       speaker    ttyv2      ttyvf      xpt0
audit      dcons      kmem       stderr     ttyv3      ufsid      zero
bpf        devctl     led        stdin      ttyv4      ugen0.1    zfs
bpf0       devstat    md0        stdout     ttyv5      ugen1.1
console    dgdb       mdctl      sysmouse   ttyv6      ugen2.1
consolectl dumpdev    mem        ttyu0      ttyv7      ugen3.1

rbflurry

Here is what i see when starting the service from the system log tab

Oct 15 14:10:45	check_reload_status: Syncing firewall
Oct 15 14:10:45	php: lcdproc: Sync: End package sync
Oct 15 14:10:52	php: lcdproc: Sync: Begin package sync
Oct 15 14:10:52	php: lcdproc: Sync: End package sync
Oct 15 14:11:00	LCDd: LCDd version 0.5.6 starting
Oct 15 14:11:00	LCDd: Using Configuration File: /usr/local/etc/LCDd.conf
Oct 15 14:11:00	LCDd: Listening for queries on 127.0.0.1:13666
Oct 15 14:11:00	LCDd: Could not open driver module /usr/local/lib/lcdproc/CFontz633.so: Cannot open "/usr/local/lib/lcdproc/CFontz633.so"
Oct 15 14:11:00	LCDd: Driver [CFontz633] binding failed
Oct 15 14:11:00	LCDd: Could not load driver CFontz633
Oct 15 14:11:00	LCDd: There is no output driver
Oct 15 14:11:00	LCDd: Critical error while initializing, abort.
Oct 15 14:11:00	php: lcdproc: Start client procedure. Error counter: (0)
Oct 15 14:11:11	php: lcdproc: Failed to connect to LCDd process Operation timed out (60)
Oct 15 14:11:11	php: lcdproc: Start client procedure. Error counter: (1)

Seems it cant load the driver… but looking in the folder the driver isnt there....

[2.1-RELEASE][admin@pfSense.localdomain]/(212): cd usr/local/lib/lcdproc/
CFontz.so@       bayrad.so@       lcterm.so@       serialPOS.so@
CFontzPacket.so@ curses.so@       ms6931.so@       serialVFD.so@
CwLnx.so@        ea65.so@         mtc_s16209x.so@  shuttleVFD.so@
EyeboxOne.so@    glcd.so@         nexcom.so*       sli.so@
IOWarrior.so@    glk.so@          picolcd.so@      stv5730.so@
MD8800.so@       hd44780.so@      pyramid.so@      t6963.so@
MtxOrb.so@       icp_a106.so@     sdeclcd.so@      text.so@
NoritakeVFD.so@  lb216.so@        sed1330.so@      tyan.so@
SureElec.so@     lcdm001.so@      sed1520.so@      vlsys_m428.so@

stephenw10

Ok so your com2 port appears as cuau1, use the alternate setting.

Hmm, no driver. That'll stop it working!  ::)

This might be a known problem though I thought it only applied to the lcdproc standard package. If you look at the 2.1 packages spreadsheet:
https://docs.google.com/spreadsheet/ccc?key=0AojFUXcbH0ROdEFZcC1GbEV6ekpqcXFEZTE5TGpzaXc#gid=0

Missing some added drivers that existed on 2.x

I have no idea how up to date that is. In 2.0.X some drivers were included as binary only so wouldn't have been compiled for 2.1. Hmm weird it doesn't look to be in either the lcdproc or lcdproc dev package.  :-\

Perhaps it's been merged with one of the other CFontz drivers?

Edit: The lcdproc site lists the 633 as supported by the packet driver, maybe try that.

Steve

rbflurry

Good news..

I installed 2.0.3 in a vm and grabbed the driver CFontz633.so from the lcdproc (not dev) package and copied it over to the 2.1.

(for a future reference is there an easier way to do this then to install on a vm)

And it WORKS!

Service now shows as running and the screen and buttons Work!  Now to figure out how to write to the EPPROM so it doesn't say "Impriata Onesign" on start up anymore.

How can we get the driver ported over?

Thanks a bunch!

stephenw10

Nice! I was just looking for a source to download it directly.

When you install the lcdproc (not dev package) from 2.0.X you get this file: http://files.pfsense.org/packages/8/All/lcdproc-0.5.5.tbz which contains the 633 driver. If you install the dev package from 2.0.X you get this: http://files.pfsense.org/packages/8/All/lcdproc-0.5.6.tbz which does not.

2.1 uses PBIs instead of tar balls but both dev and not dev are using 0.5.6. No driver.

It looks like the 633 driver was due to be merged with the packet driver though so that might explain why 0.5.6 doesn't have it.

@http://lcdproc.cvs.sourceforge.net/viewvc/lcdproc/lcdproc/server/drivers/CFontzPacket.c?view=log:

Move the key events from CFontzPacket.c into CFontz633io.h replacing the
unused ones there. Note that CFontz633 driver uses its own key event definitions,
too. Don't update this driver as it is scheduled for removal anyway.

Steve

rbflurry

ended up using this script to set the boot message
http://noisybox.net/computers/crystalfontz/

It now says

"Loading PFsense!"
"Please Wait"

When booting.

stephenw10

Nice.  :)
That also implies the packet driver might work with the 633.

Steve