pfSense is great stuff when you’re looking for Firewall but I need more 🙂
Case :
A user want to store his file in the form of FTP but pfSense is the only server that available in the office. New HDD ready to support this method.
Solution : Add new HDD and install FTP server inside pfSense.
Steps : ( I use vmware for reproduction the steps)
Install pfSense version 1.2.3
1. Install pfSense
I install version 1.2.3 as I need to produce it with latest pfSense version.
I use 2 HDD ( system located in 8G HDD and second HDD for FTP data)
Ethernet 1 set for LAN ( ip address 192.168.12.110) and ethernet 2 work as WAN ( I set to DHCP)
Enable sshd for remote configuration via ssh client like putty, securecrt etc.
Restart system after successfully install to HDD.
2. Login to pfSense with default user.
User : admin, pass: pfsense
3. Check FreeBSD version
# uname -a
FreeBSD pfSense.local 7.2-RELEASE-p5 FreeBSD 7.2-RELEASE-p5 #0: Sun Dec 6 22:57:48 EST 2009
sullrich@FreeBSD_7.2_pfSense_1.2.3_snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense.7 i386
Add and Initialize new HDD
4. Check for storage hardware
# atacontrol list
ATA channel 0:
Master: ad0 <VMware Virtual IDE Hard Drive/00000001> ATA/ATAPI revision 4
Slave:  ad1 <VMware Virtual IDE Hard Drive/00000001> ATA/ATAPI revision 4
ATA channel 1:
Master: acd0 <VMware Virtual IDE CDROM Drive/00000001> ATA/ATAPI revision 4
Slave:      no device present
#
Good, ad0 for 1st HDD and ad1 for second HDD
5. Clear all partition
#dd if=/dev/zero of=/dev/ad1 bs=1k count=100
6. Initialize HDD
#fdisk -BI /dev/ad1
7. Disklabel
#disklabel -Bw ad1s1
8. Relabel slice ( press CTRL +D to quit)
#bsdlabel -BR ad1s1 /dev/stdin
9. Disklabel
#disklabel -e ad1s1
########### condition before edit ##############
# /dev/ad1s1:
8 partitions:
#       size  offset   fstype  [fsize bsize bps/cpg]
a: 12582785      16   unused       0    0
c: 12582801       0   unused       0    0        # “raw” part, don’t edit
########### EOF condition before edit ##############
change into :
########### after edit ##############
# /dev/ad1s1:
8 partitions:
#       size  offset   fstype  [fsize bsize bps/cpg]
a:    5800M  16      4.2BSD
c:    *   0   unused       0    0        # “raw” part, don’t edit
########### EOF after edit ##############
save the file.
10. Create filesystem
# newfs /dev/ad1s1a
/dev/ad1s1a: 5800.0MB (11878400 sectors) block size 16384, fragment size 2048
using 32 cylinder groups of 183.77MB, 11761 blks, 23552 inodes.
super-block backups (for fsck -b #) at:
160, 376512, 752864, 1129216, 1505568, 1881920, 2258272, 2634624, 3010976, 3387328, 3763680, 4140032, 4516384, 4892736, 5269088, 5645440, 6021792, 6398144,
6774496, 7150848, 7527200, 7903552, 8279904, 8656256, 9032608, 9408960, 9785312, 10161664, 10538016, 10914368, 11290720, 11667072
#
11. Mounting and make permanent
# mkdir /hd2
# mount -t ufs /dev/ad1s1a /hd2# mount
/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local)
/dev/md0 on /var/run (ufs, local)
devfs on /var/dhcpd/dev (devfs, local)
/dev/ad1s1a on /hd2 (ufs, local)
Check the space
# df -H
Filesystem    Size   Used  Avail Capacity Mounted on
/dev/ad0s1a   7.8G   152M   7.0G    2%   /
devfs         1.0k   1.0k     0B  100%   /dev
/dev/md0      3.8M    27k   3.5M    1%   /var/run
devfs         1.0k   1.0k     0B  100%   /var/dhcpd/dev
/dev/ad1s1a   5.9G   4.1k   5.4G    0%   /hd2
#
Edit fstab
# ee /etc/fstab
Make the content into this :
# Device               Mountpoint     FStype Options        Dump   Pass#
/dev/ad0s1a            /              ufs    rw             1      1
/dev/ad0s1b            none           swap   sw             0      0
/dev/ad1s1a            /hd2           ufs    rw             2      2
save and type :
# reboot
For restart pfSense.
Install Pure-FTP Server
12. Install FTP Server
export package :
#setenv PACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/Latest/
Install pure-ftp
#pkg_add -vr pure-ftpd
#
Rename configuration file.
#mv /usr/local/etc/pure-ftpd.conf.sample /usr/local/etc/pure-ftpd.conf
Edit configuration file
#ee /usr/local/etc/pure-ftpd.conf
Uncomment BOLD lines I highlight.
# If you want simple Unix (/etc/passwd) authentication, uncomment this
# UnixAuthentication           yes
# Automatically create home directories if they are missing
#CreateHomeDir              yes
#Bind                      192.168.12.110,3333
Save the file.
11. Make pure-ftpd as permanent service
# cd /usr/local/sbin/
# chmod 755 pure-config.pl
# ee /usr/local/etc/rc.d/pureftp.sh
type this :
##################
#!/bin/sh
/usr/local/sbin/pure-config.pl /usr/local/etc/pure-ftpd.conf#################
Execute permission :
# chmod +x /usr/local/etc/rc.d/pureftp.sh
12. Run FTP service
# cd /usr/local/sbin/
# ./pure-config.pl /usr/local/etc/pure-ftpd.conf
Running: /usr/local/sbin/pure-ftpd -A -c50 -B -C8 -D -fftp -H -I15 -lunix -L2000:8 -m4 -s -S192.168.12.110,3333 -U133:022 -u100 -j -k99 -Z
13. Add User
# pw useradd alam -d /hd2/alam
# passwd alam
Changing local password for alam
New Password:
Retype New Password:
#
Test login with ftp client
Test upload a file
Great. Now pfSense work as FTP Server with dedicated HDD 🙂
Stay Health!
Reference :