Sign in to follow this  
Followers 0

New pfSense Box

1 post in this topic

So the time has come to replace the firewall/router at my parents' house. It's a first-generation Cobalt RaQ ( ) running Debian Linux, and can't keep up with their recently-upgraded Internet connection. Fortunately, it doesn't take a whole lot to outperform a 150 MHz MIPS-32 processor, so I was able to build a new pfSense box with a minimum of purchased components and a bunch of spare parts.


Bill of Materials:


* 1U half-depth Mini ITX chassis and power supply -- $0.99 + $15 shipping

* VIA C3 "Ezra" Mini ITX board (original USB 1.1 board, 933 MHz) -- free, sitting in the junk box

* 512 MB PC100 SDRAM (2x 256 MB sticks) -- free, scavenged from an old server

* 1 GB Flash IDE module -- free, had one on hand, around $18 iirc

* Intel Gigabit PCI Ethernet card -- free, scavenged

* Right angle PCI riser -- $5 incl. shipping

* New CMOS battery -- free, already had a big pack

* Misc screws, heat shrink, cable ties -- free, parts bin


The Mini ITX chassis was super-cheap because it came with only the case and power supply. Someone had removed all of the 40mm fans (even the one in the power supply!) and replaced them with a single huge 120mm fan cut into the top of the case. For $0.99, I was willing to repair it! Started with adding a fan back into the power supply:


The motherboard fits fine. It doesn't matter if you don't have an I/O shield for the motherboard since most of them won't fit in 1U rack enclosures anyway. Cable routing can be a pain, so I usually cut off the extra sets of Molex/SATA connectors and heat shrink the cut off ends. The power supply that came with the case is a 300W unit with six drive power connectors, which will never be used. I left one chain of three connectors and tucked the wires into the space between the motherboard and the front:


I'm still waiting on the right-angle PCI bracket to arrive, so I found a tall network card where the ports would be accessible above the edge of the 1U case. This one is a 3Com card that uses a fiber optic connection. It's picked up under pfSense/FreeBSD's `xl` driver:


With all of the hardware in place, grab your favorite live distro (mine is Slax: ) and a copy of the pfSense NanoBSD image appropriately sized for your Flash module, and load it. This machine only has USB 1.1, so I booted Slax and piped the pfSense image over the network using netcat. On the server:

pv pfSense-2.1-RELEASE-1g-amd64-nanobsd_vga.img.gz | zcat | nc -l 6000

On the target:

nc server.hostname 6000 | dd of=/dev/sda bs=1M

Replace `/dev/sda` with the device node for your Flash module. `pv` can be substituted with `cat` if you don't have it installed -- it is "Pipe Viewer," basically just `cat` with a progress bar.


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0