Attached a patch against 1.2.3-rc2 adding support for auto configuring
interfaces.
By enabling sshd in the default config.xml on the Live CD installer,
this eliminates many headaches for installs:
No monitor / keyboard / mouse required.
No console cable required.
Install to headless boxes that don't even have console ports!
No more crackin open your box to screw with CF cards and /etc/fstab
nightmares (for being installed to a /dev/device that no longer exists!).
Just plug-in, turn it on and ssh to the default IP.
This is a link to an ISO built with this patch and my previously
submitted DHCP Server patch.
http://techneck.goldenpath.org/pfsense/pfSense_1.2.3-R2_RELENG_7_2_techneck_patches.iso
The new code will pause to allow interruption for manual assignment. Any
keyboard input will interrupt the procedure.
But if left unattended the code will timeout to begin the automated process.
The code assigns interfaces in the order they were discovered, LAN, WAN,
OPT1, OPT2, etc...
If only one interface exists and is vlan capable, the code will create
vlan0 tagged VLAN1.
But this will invariably be assigned to WAN as LAN is assigned first and
obviously the parent NIC is discovered before the vlan0.
This is appropriate behavior though given the undesirable situation of
having only 1 NIC, and installation priorities.
It is appropriate because it is more likely that the typical user is not
actually prepared to connect to VLANs and his priority is to connect to
the LAN interface to install and configure his box
~Tim
<?xml version="1.0"?>
<pfsense>
<!-- Top-level metadata of the attached config.xml: a version string, an empty lastchange element, and a theme name. -->
<version>2.9</version>
<lastchange/>
<theme>nervecenter</theme>
<!-- System-wide defaults. The accompanying message describes this file as the default config.xml on the Live CD installer, so every box installed from it starts with the values below. -->
<system>
<optimization>normal</optimization>
<hostname>pfSense</hostname>
<domain>local</domain>
<dnsserver/>
<dnsallowoverride/>
<!-- Fixed admin account. The hash is the same on every install built from this file (the $1$ prefix is the MD5-crypt format), so the credential is effectively public until the operator changes it. -->
<username>admin</username>
<password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
<timezone>Etc/UTC</timezone>
<time-update-interval>300</time-update-interval>
<timeservers>0.pfsense.pool.ntp.org</timeservers>
<!-- The web GUI protocol is plain http, so the admin login is sent unencrypted on whichever network reaches it. -->
<webgui>
<protocol>http</protocol>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<!-- The setting the message describes enabling: sshd is on from first boot. NOTE(review): assuming SSH login uses the admin account above (confirm), the service is reachable with a known credential until the password is changed; change it, or move to key-only login, before attaching the box to a network that is not fully trusted. -->
<enablesshd>yes</enablesshd>
</system>
<!-- Interface assignments. The device names vr0 and vr1 are hard-coded here; the patch further down the page writes the chosen interface into the lan entry at boot, which is what replaces vr0. -->
<interfaces>
<!-- LAN: static 192.168.1.1 with a 24-bit mask. Presumably the "default IP" the message tells the operator to ssh to. -->
<lan>
<if>vr0</if>
<ipaddr>192.168.1.1</ipaddr>
<subnet>24</subnet>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
</lan>
<!-- WAN: address obtained by DHCP. The empty blockpriv and blockbogons elements are presumably presence flags that turn on private-network and bogon blocking on this interface (confirm against the config parser). -->
<wan>
<if>vr1</if>
<mtu/>
<ipaddr>dhcp</ipaddr>
<subnet/>
<gateway/>
<blockpriv/>
<blockbogons/>
<disableftpproxy/>
<dhcphostname/>
<media/>
<mediaopt/>
<bandwidth>100</bandwidth>
<bandwidthtype>Mb</bandwidthtype>
</wan>
</interfaces>
<!-- Static routes plus the PPPoE, PPTP, BigPond and dynamic-DNS sections. Every username and password element here is empty, so no service credentials ship in this file. -->
<staticroutes/>
<pppoe>
<username/>
<password/>
<provider/>
</pppoe>
<pptp>
<username/>
<password/>
<local/>
<subnet/>
<remote/>
</pptp>
<bigpond>
<username/>
<password/>
<authserver/>
<authdomain/>
<minheartbeatinterval/>
</bigpond>
<dyndns>
<type>dyndns</type>
<username/>
<password/>
<host/>
<mx/>
</dyndns>
<!-- DHCP server section for lan: an empty enable element and a pool of 192.168.1.100 to 192.168.1.199, inside the 192.168.1.1/24 LAN subnet. NOTE(review): if the empty enable element means "on" (confirm), whichever port ends up as LAN will answer DHCP requests, which matters when that port is plugged into a network that already has a DHCP server. -->
<dhcpd>
<lan>
<enable/>
<range>
<from>192.168.1.100</from>
<to>192.168.1.199</to>
</range>
</lan>
</dhcpd>
<!-- PPTP server and OpenVPN sections are present but carry no values. dnsmasq has an empty enable element, presumably turning the DNS forwarder on (confirm). -->
<pptpd>
<mode/>
<redir/>
<localip/>
<remoteip/>
</pptpd>
<ovpn/>
<dnsmasq>
<enable/>
</dnsmasq>
<!-- SNMP section. The read-only community is "public", the widely known default string. No enable element is visible in this section, so whether the daemon runs with this default cannot be determined from here; set a non-default community before SNMP is ever enabled. -->
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<!-- Diagnostics, bridge and syslog sections hold no values. Under nat, ipsecpassthru has an empty enable element, presumably a presence flag (confirm). -->
<diag>
<ipv6nat>
<ipaddr/>
</ipv6nat>
</diag>
<bridge/>
<syslog/>
<nat>
<ipsecpassthru>
<enable/>
</ipsecpassthru>
</nat>
<!-- The only firewall rule in the file: pass, on interface lan, source network lan, destination any. NOTE(review): with the auto-assignment patch on this page, this permissive rule follows whichever NIC is labelled LAN, so the port that is discovered first is the one treated as the trusted side. -->
<filter>
<rule>
<type>pass</type>
<descr>Default LAN -> any</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
</filter>
<!-- Traffic shaper, aliases and proxy ARP are empty. The ipsec section carries only an empty preferredoldsa element. -->
<shaper/>
<ipsec>
<preferredoldsa/>
</ipsec>
<aliases/>
<proxyarp/>
<!-- Nine scheduled jobs, every one with who set to root. Each item gives the five schedule fields (minute, hour, mday, month, wday) followed by the command. -->
<cron>
<!-- Minute 0 of every hour: newsyslog at the lowest scheduling priority. -->
<item>
<minute>0</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 newsyslog</command>
</item>
<!-- Minutes 1 and 31 during hours 0 through 5: adjkerntz -a. -->
<item>
<minute>1,31</minute>
<hour>0-5</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 adjkerntz -a</command>
</item>
<!-- 03:01 on day 1 of each month: runs the bogon list update script. -->
<item>
<minute>1</minute>
<hour>3</hour>
<mday>1</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
</item>
<!-- Presumably ages entries out of the sshlockout table after 3600 seconds. NOTE(review): a step of 60 exceeds the 0-59 minute range; it likely fires only at minute 0, i.e. hourly (confirm against the cron implementation in use). -->
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
</item>
<!-- 01:01 every day: runs the dynamic DNS update script. -->
<item>
<minute>1</minute>
<hour>1</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
</item>
<!-- Same expiretable call as above, for the virusprot table; the same step-of-60 caveat applies. -->
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
</item>
<!-- Every 5 minutes: checkreload.sh. -->
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/bin/checkreload.sh</command>
</item>
<!-- Every 5 minutes: ping_hosts.sh. -->
<item>
<minute>*/5</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/etc/ping_hosts.sh</command>
</item>
<!-- NOTE(review): a step of 140 is also larger than the minute range, so this probably does not run every 140 minutes as the value suggests; confirm the intended schedule. -->
<item>
<minute>*/140</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/local/sbin/reset_slbd.sh</command>
</item>
</cron>
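<!-- Wake-on-LAN section is empty. -->
<wol/>
<!-- Installed packages: one package (siproxd, status Beta) with its menu entry and service definition. NOTE(review): a package entry in a file described as the installer default suggests it was exported from a running system; confirm that shipping it is intended. -->
<installedpackages>
<!-- The config_file, depends_on_package_base_url and pkginfolink values are all plain http URLs. NOTE(review): if the package system fetches from them without a separate integrity check (not visible here), the download can be altered in transit. -->
<package>
<name>siproxd</name>
<website>http://siproxd.sourceforge.net/</website>
<descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr>
<category>Services</category>
<config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file>
<depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
<depends_on_package>siproxd-0.7.0_1.tbz</depends_on_package>
<pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink>
<version>0.7.2</version>
<status>Beta</status>
<required_version>1.2.1</required_version>
<configurationfile>siproxd.xml</configurationfile>
</package>
<!-- The url value carries a query string; its ampersand is written as &amp; because a bare ampersand is not well-formed XML and makes a conforming parser reject the whole file. -->
<menu>
<name>siproxd</name>
<tooltiptext>Modify siproxd users and settings.</tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
</menu>
<service>
<name>siproxd</name>
<rcfile>siproxd.sh</rcfile>
<executable>siproxd</executable>
</service>
</installedpackages>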
</pfsense>
--- config.inc.old 2009-07-05 10:18:55.000000000 -0400
+++ config.inc 2009-07-05 11:39:34.000000000 -0400
@@ -1285,6 +1285,95 @@
echo <<<EOD
+Press any key to configure interfaces manually,
+otherwise we're proceeding with autoconfiguring in:
+
+EOD;
+ $anykey = Array();
+ for ( $i = 7 ; $i < 14 ; $i++ ) { $anykey[] = chr($i); }
+ for ( $i = 32 ; $i < 128 ; $i++ ) { $anykey[] = chr($i); }
+ $anykey[] = chr(27);
+ $timeout=9; // How long do you want the script to wait
before moving on (in seconds)
+ $key = null;
+ exec("/bin/stty erase " . chr(8));
+ while(!in_array($key, $anykey)) {
+ echo chr(8) . "{$timeout}";
+ `/bin/stty -icanon min 0 time 25`;
+ $key = trim(`KEY=\`dd count=1 2>/dev/null\`; echo \$KEY`);
+ `/bin/stty icanon`;
+ // Decrement our timeout value
+ $timeout--;
+ // If we have reached 0 exit and continue on
+ if ($timeout == 0)
+ break;
+ }
+
+ if(!in_array($key, $anykey)) { // Auto Assign Interfaces
+ if(count($iflist) < 2) { // If less than two NICs, auto
assign a vlan.
+ echo <<<EOD
+
+Less than two interfaces detected.
+Proceeding with VLAN autoconfig...
+
+EOD;
+ $vflist = Array();
+ $vlan = Array();
+
+ echo "VLAN Capable interfaces:\n\n";
+ if(!is_array($iflist)) {
+ echo "No interfaces found! EXITING \n";
+ return;
+ } else {
+ foreach ($iflist as $iface => $ifa) {
+ if (is_jumbo_capable($iface)) {
+ echo sprintf("% -8s%s%s\n",
$iface, $ifa['mac'],
+ $ifa['up'] ? " (up)"
: "");
+ $vflist[] = $iface;
+ }
+ }
+ }
+
+ if(count($vflist) < 1) {
+ echo "No VLAN capable interfaces detected.
EXITING \n";
+ return;
+ }
+ // Create VLANs
+ echo "\n\n";
+ foreach ($vflist as $v => $vface) {
+ $vlan['if'] = $vface;
+ $vlan['tag'] = 1;
+ $config['vlans']['vlan'][] = $vlan;
+ $iflist['vlan' . $v] = array();
+ echo "Created VLAN interface vlan" . $v . "
with VLAN tag: 1\n";
+ }
+ }
+ // Assignment
+ $optif = Array();
+ $x = $y = 0;
+ echo "\n\n";
+ foreach ($iflist as $iface => $ifa) {
+ if ($x > 1) {
+ $optif[$y] = $iface;
+ echo "Assigned OPT" . ($y+1) . " to :
$optif[$y] \n";
+ $x++;
+ $y++;
+ }
+ elseif ($x == 1) {
+ $wanif = $iface;
+ echo "Assigned WAN to : $wanif \n";
+ $x++;
+ }
+ elseif ($x == 0) {
+ $lanif = $iface;
+ echo "Assigned LAN to : $lanif \n";
+ $x++;
+ }
+ }
+
+ $proceed = 'y';
+ } else { //Manually assign
interfaces
+ echo <<<EOD
+
Valid interfaces are:
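Review bot: The unattended branch sets `$proceed = 'y'` and commits the assignment with no confirmation, so NIC discovery order alone decides which physical port becomes LAN; with the attached config.xml that port gets `<enablesshd>yes</enablesshd>`, the fixed admin hash and the single pass rule for the lan network. If the first-discovered port happens to be cabled to the upstream network, those management services are presumably reachable from there until someone logs in and corrects it. The manual override is also weaker than the prompt says: `$key` passes through an unquoted `echo $KEY` and `trim()`, so Enter, Space and Tab come back as an empty string and never match `$anykey`, and each pass waits `time 25` (2.5 s in stty units) while `$timeout` is commented as seconds. I would treat any non-empty read as an interrupt, e.g. `$key = shell_exec('dd count=1 2>/dev/null');` tested with `strlen((string)$key) > 0` in both the loop and the branch that follows, use `time 10`, and print a line telling the operator to change the admin password once auto-assignment finishes. The enclosing function starts and ends outside this hunk.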
@@ -1441,12 +1530,16 @@
echo "OPT" . ($i+1) . " -> " . $optif[$i] . "\n";
}
-echo <<<EOD
+ echo <<<EOD
Do you want to proceed [y|n]?
EOD;
- if (strcasecmp(chop(fgets($fp)), "y") == 0) {
+ $proceed = chop(fgets($fp));
+
+ }
+
+ if (strcasecmp($proceed, "y") == 0) {
$config['interfaces']['lan']['if'] = $lanif;
if (preg_match($g['wireless_regex'], $lanif)) {