The pfSense Store

Author Topic: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED  (Read 37864 times)

0 Members and 1 Guest are viewing this topic.

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14990
  • Karma: +4/-0
    • View Profile
« Last Edit: February 16, 2011, 08:03:54 pm by jimp »
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline fastcon68

  • Sr. Member
  • ****
  • Posts: 593
  • Karma: +0/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #61 on: February 17, 2011, 04:26:42 pm »
will this work on the embedded version 1.2.3?
RC

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #62 on: February 17, 2011, 05:07:11 pm »
It should work fine with any install type.
I've tested it with NanoBSD installs of 1.2.3-release and 2.0Beta.

Steve

Offline brcisna

  • Full Member
  • ***
  • Posts: 189
  • Karma: +0/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #63 on: February 17, 2011, 05:21:42 pm »
stephenw10.

I been trying to follow this thread as of late. I am a bit confused on WG FB hardware versioning? Will your proggy work on an x550 WG FB?
If so,Ill give it a spin in a couple days and post a report.

Thanks,
Barry


Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #64 on: February 17, 2011, 06:59:16 pm »
I'm assuming you mean the X550e right?
If so then yes it should work fine. I used the X750e to test it and that's the same box but with a 4 port add on card.
You get all the functions on that box.

Steve

Edit: Just to add, if you have an unusual Firebox then it probably won't be detected as a Firebox and the program will just exit. Even if it happens to have the gpio_sel register set in such a way that it is detected as a Firebox the likely result is that nothing will happen. Even if, in a bizarre coincidence, there is something present at the gpio being altered it all gets reset by the bios at boot time so you can just turn it off and on again.  ;D
« Last Edit: February 18, 2011, 06:26:31 am by stephenw10 »

Offline iFloris

  • Full Member
  • ***
  • Posts: 169
  • Karma: +0/-0
  • one layer of information removed
    • View Profile
    • Small personal site
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #65 on: February 19, 2011, 11:24:38 am »
Sorry for the delay.

I've tried the program and it seems to work!

Code: [Select]
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(15): chmod 0755 WGXepc
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(16): ./WGXepc
Found Firebox X-Core
WGXepc Version 0.3 17:2:2011
WGXepc can accept two arguments:
 -f (fan) will return the current fan speed or if followed
    by a number in hex, 00-FF, will set it.
 -l (led) will set the arm/disarm to the second argument:
    red, green, red_flash, green_flash, off
Not all functions are supported by all models
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(17): ./WGXepc -l green
Found Firebox X-Core
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(18): ./WGXepc -l red
Found Firebox X-Core
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(19): ./WGXepc -l red_flash
Found Firebox X-Core
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(20): ./WGXepc -l green_flash
Found Firebox X-Core
[2.0-BETA5][admin@firebox1.domain]/etc/rc.d(21): ./WGXepc -l green
Found Firebox X-Core

The commands do what they are supposed to, and response is immediate.
« Last Edit: February 19, 2011, 11:28:17 am by iFloris »
one layer of information
removed

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #66 on: February 19, 2011, 12:40:38 pm »
Excellent!  ;D

Offline brcisna

  • Full Member
  • ***
  • Posts: 189
  • Karma: +0/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #67 on: February 20, 2011, 05:51:29 pm »
stephen,

I will have to look at my WG FB. I am thinking mine is not the 'e' suffix? Doesn't the 'e' suffixed WG FB's have the gigE ethernet?
Mine only has 10/100 nics in it. I should know what the model is too?:(.
Won't know for a couple days,when I get back to work. I'll give your prog a spin regardless and report.
I guess,I'm not real clear. Does your prog do the 'native' green to red routine at bootup,when everything is up, ,or is it simply capable of you manually toggling the led to do whatever you want it to?

thanks,
Barry



Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #68 on: February 20, 2011, 07:29:28 pm »
Hmm, x550 no e?
Be interesting to see if it detects it.
At the moment the program is 'manual' only.
It's easy to put a bash script in /usr/local/etc/rc.d to make it go green at the end of boot.

Steve

Edit:
I can't find any mention of the x550 on Watchguard's website, but a lot of the good information is hidden away. The models I haven't yet any gpio information on are:
X-Peak-E; almost certainly the same as the X-Core-E but with more ram, faster CPU and vpn card.
SSL-100; looks like an X550E with different software, maybe an encryption card, 2GB ram!
SSL-500/1000; also same as X550E.
SSL-Core; looks like an X-Core but has different software using the harddisk bay!

All the other newer models are still way too valuable to show up on Ebay!  ::)

Edit: X-Peak-E confirmed working. Same board as the X-Core-E.
« Last Edit: March 12, 2011, 12:13:19 pm by stephenw10 »

Offline brcisna

  • Full Member
  • ***
  • Posts: 189
  • Karma: +0/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #69 on: February 21, 2011, 08:34:57 am »
stephenw10,

I miscombobulated on the model number. My FB is x500 ( no 'e').
I believe this is/was the first generation 1u cased FB. It has the 1.2GHZ celeron cpu,FYI.
I would guess the mobo is significantly different than the board you were testing on.
The second gen 1u cased FB's were numbered x550e,x750e,etc,I believe the 'e' designates gigE nics?
In three-four days ill down your code and try it on this box and file a report,,,:)
FWIW. This simple box does handle two 3mb up/down connections with about 350 pc's and 1000 users,(possible)
Using squid,squidGuard,Lightsquid, load balance,failover.

Take Care,
Barry


Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #70 on: February 21, 2011, 09:32:25 am »
X500 (all the X-Core boxes) have been confirmed working. No off mode for the led for some reason.

Steve

Offline hmeister

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +0/-0
    • View Profile
    • Nettech
Re: [Almost Completely Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #71 on: May 03, 2011, 08:44:13 am »
Here is the new program incorporating all the new values for the X-Core.
Obviously rename it WGXepc (remove the .png extension). Copy it to your box and chmod it to 0755. Run it!  ;D

Because the new memory locations were quite high I felt it would be dangerous to simply write all the values on every box, which what the previous programs did. This new one tries to find out which Firebox model it's running on by reading the gpio_sel register and comparing it with known values. It works fine for me here on the three boxes I've tested it on but I don't have an X-Core and I can imagine that a different bios version might cause detection problems. Deal with that if it happens. Hopefully this might stop people randomly installing it on any box and messing with some important setting!  ::)

It seems to run fine on 1.2.3 and 2.0Beta5.

Steve
Steve - what syntax do I use when I copy this to the /tmp dir. to run this? (yes-will rename it first!)
thx
H.
Best Regards;
H.

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8167
  • Karma: +8/-0
    • View Profile
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #72 on: May 03, 2011, 09:18:58 am »
You can use the upload feature in the web gui to copy it /tmp. However /tmp only exists in memory so you have to move it somewhere else if you want it to survive a reboot.
It's up to you where you put it but /usr/local/bin seems good. Since you are running a full install you shouldn't have any problems with a read-only filesystem.
You can use WinSCP (if you're running Windows) to copy the file directly to /usr/local/bin.

Then you can put a script in /usr/local/etc/rc.d that runs on startup.
Here's mine, called WGXepc.sh
Code: [Select]
#!/bin/sh
#
/usr/local/bin/WGXepc -l green

Steve

Edit: And make sure the file permissions are set to 0755 or it won't run. You can do this from WinSCP or from the command line:
Code: [Select]
chmod 0755 /usr/local/bin/WGXepc
« Last Edit: May 03, 2011, 09:22:49 am by stephenw10 »

Offline hmeister

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +0/-0
    • View Profile
    • Nettech
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #73 on: May 03, 2011, 09:31:43 am »
Steve...
Thanks - will set this up now...
H.
Best Regards;
H.

Offline hmeister

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +0/-0
    • View Profile
    • Nettech
Re: [As Good As Solved!] Watchguard Firebox Arm/Disarm LED
« Reply #74 on: May 03, 2011, 11:40:00 am »
You can use the upload feature in the web gui to copy it /tmp. However /tmp only exists in memory so you have to move it somewhere else if you want it to survive a reboot.
It's up to you where you put it but /usr/local/bin seems good. Since you are running a full install you shouldn't have any problems with a read-only filesystem.
You can use WinSCP (if you're running Windows) to copy the file directly to /usr/local/bin.

Then you can put a script in /usr/local/etc/rc.d that runs on startup.
Here's mine, called WGXepc.sh
Code: [Select]
#!/bin/sh
#
/usr/local/bin/WGXepc -l green

Steve

Edit: And make sure the file permissions are set to 0755 or it won't run. You can do this from WinSCP or from the command line:
Code: [Select]
chmod 0755 /usr/local/bin/WGXepc

Steve - working great!
Best Regards;
H.