Saturday, February 18, 2017

Re-purpose Barracuda WebFilter 310 with PFSense

Hello all,

while waiting for the correct power distribution for my NodeMCU project. I obtained two Barracuda WebFilter 310s, one from the 2010 and another from the 2013 area. At first, I simply put Ubuntu 16.10 on it, however I want to reduce power consumption on my current OPNSense server I'm running, as well as remove a PowerEdge server which is simply running a Python script for a client.

Ultimately, here's the steps I took to get this setup working. The CPU heatsink fan is literally a turbine, and way too loud. I've temporally placed a Zalman Heatsink/Fan, The Ubuntu installation went fine since I only required 1 NIC. however this wasn't the case for PFSense.

The front two NIC are activated by several relays on a breakout board. Which are actually fed from the Parallel port on the motherboard, which kinda makes it easy for us to mess with.

  • While the Barracuda WebFilter boots, the relay kick on the NICs for Network boot, or whatever the Barracuda propitiatory does
  • Once PFSense starts booting (which needed to be installed by a CD) the relays tick off causing the front NICs to stop operating
  • I found that if you disconnect power to the relay breakout board and reconnect the Ethernet works for about 5 seconds. Meaning something in the software's not fully activating the relay
  • In researching, I'm finding that you're able to edit the parallel port through C
I'll let this link explain the specifics: https://forum.pfsense.org/index.php?topic=85012.0. Partially down the page, you're given a list of instructions to find out if you're able to read the Parallel pin definitions. 

The CPU installed in my particular unit was an Intel Celeron G540 so 64 bit. While attempting to issue the commands listed in the threat post. I ran into an issue with missing libraries in my PFSense install:

Download the required files:
fetch -o /tmp https://sites.google.com/site/pfsensefirebox/home/readio
/tmp/readio                                   
fetch -o /tmp https://sites.google.com/site/pfsensefirebox/home/writeio
/tmp/writeio      

Change permissions to execute files:
cd /tmp
chmod 0755 readio
chmod 0755 writeio

Execute Read file to see if Parallel port is able to be read:
./readio 0x378 

Received this error:
ELF interpreter /libexec/ld-elf.so.1 not found
Aborted

I've corrected this by issuing the following commands:
fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/10.1-RELEASE/lib32.txz
tar -xvpJf lib32.txz -C /

Then, after issuing this final command I was able to utilize the Front NICs
./writeio 0x378 0x08

UPDATE:
While placing the Barracuda into production, i found that the Parallel settings didn't keep after shutting down the firewall. I needed to perform the following:
  • Move the readio and writeio to a static folder, in my case I did /frontnics/
  • In PFSense go to Diagnostics ->  Edit File
  • The file we're editing is: /conf/config.xml
  • Place this just above the </system> string: <shellcmd>/frontnic/writeio 0x378 0x08</shellcmd>

Now when you reboot or shudown the firewall, the front ports will be active.

Thank you