But That’s Not All!!!
Hello all and welcome to part 2 of getting PFSense on the WatchGuard Firebox x-core UTM. In Part 1 we hacked our way into the bios of the Firebox changed the bios settings and booted our 4GB card with PFSense. We could stop there and be the end of it. As it sits the Firebox will now bend to our will with the awesome new firmware installed and doing nothing else done to the box. But why stop there, there’s no fun in that. Instead there are a few other hacks to this box I would like to share to truly make it yours.
Lets Get That LCD a Bit more Useful:
Stock after installing PFSense, the LCD after boot will display “PFSense B7… Booting OS…..” that’s kinda boring and way useful to me. But lucky for us, the forms come to the rescue again. In this section we will get that LCD to display some running stats live from PFSense (original forum post here). Using the following method to lasso in the LCD should not only work, but survive a firmware upgrade.
1. First thing we want to do is install a few packages on our Firewall. In PFSense navigate to System -> Packages. From there click on the “Available Packages” tab. Then search and install “LCDproc-dev” and “Shellcmd“. We need the dev version of LCDproc as it includes working drivers for the watchguard LCD. Shellcmd will allow us to start the LCDproc service once installed and configured.
2. Once installed, navigate to Services -> LCDproc. Select/change the following: ‘Enable LCDproc at startup’ yes | Com port – Parallel Port 1 | Display Size – 2×20 | Driver – Watchguard Firebox with SDEC.
3, When settings are correct, hit save at the bottem. This will create the lcdd.conf file needed; but its in a temporary location. So we need to move it a bit more permanent. Open Diagnostics -> Command Prompt and run:
cp /usr/local/etc/LCDd.conf /conf
Note form forum: this can be done from the terminal. But the command tab will take care of the mount and remounting of the file system for you. (and I can be a bit lazy, but what geek isn’t)
4. From here, go back into Services -> LCDproc and uncheck start at boot. Also change the Com port to none. Setting com to none is a must. the Startup RC script expects this.
5. Open up Shellcmd from Services -> Shellcmd and add the following command to start LCDproc server and client.
/usr/bin/nice -20 /usr/local/sbin/LCDd -r 0 -c /conf/LCDd.conf > /dev/null &
/usr/bin/nice -20 /usr/local/bin/lcdproc C L I T U &
6. Reboot or run the above commands in the terminal and see your LCD come to life!!!
— UPDATE 20140717: This box is now live in my network. Upgraded Firmware from 2.1.3 to 2.1.4 and all changes (so far) survive the Firmware Upgrade. However the custom ‘shellcmd’ commands that run at boot do not run after required reboot. Simply reboot your Firebox or run manually to avoid rebooting again. —
And that’s all, for the LCD. Stay tuned for part 3, where we tackle cooling tweaks.
– PFsense: https://pfsense.org/
– Install: https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#X-Core-e
– LCD: https://forum.pfsense.org/index.php/topic,7920.msg344513.html#msg344513
– x550e thread: https://forum.pfsense.org/index.php?topic=20095.0
– BIOS: https://sites.google.com/site/pfsensefirebox/home
– BIOS CMD: http://forums.pcper.com/showthread.php?290476-AWDFLASH-command-line-switches
– Minicom: https://alioth.debian.org/projects/minicom