The Four Lakes Amateur Radio Club has been using a
Raspberry Pi 1B+ for a couple of years as our
DHCP/Samba/NAT server for events like ARRL Field Day.
As I had a spare RPi 2 sitting around, I decided to see if I could use
FreeBSD on that device instead, instead of Debian based Raspbian.
I am using the FreeBSD 11.1-RELEASE image for the the OS, the instructions on
the FreeBSD website were easy to use to get the image transferred to an SD
card. Once we were booted up and running, using the ethernet port for network
connectivity, I installed the wpa_supplicant package, I probably could have
skipped this step and used the wpa_supplicant installation in the base system.
I had to update /boot/loader.conf
legal.realtek.license_ack=1
if_urtwn_load="YES"
wlan_wep_load="YES"wlan_ccmp_load="YES"
wlan_tkip_load="YES"
Additions to /etc/rc.conf
ntpd_enable="YES"
ntp_sync_on_start="YES"
wlans_urtwn0="wlan0"
ifconfig_wlan0="WPA SYNCDHCP"
The ntp additions are due to the RPi not having a Real Time Clock, these
settings force the RPi to update the time from network clocks at boot time.
Create the /usr/local/etc/wpa_supplicant.conf file
ctrl_interface=/var/run/wpa_supplicant
eapol_version=1
ap_scan=1
fast_reauth=1
country=US
device_name=fpi
network={
ssid="SECRET"
proto=WPA
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP WEP104 WEP40
psk=SUPER_SECRET
}
And then reboot to have all of the changes take effect.
Once we were up and running on WiFi, I reconfigured the ethernet port for a
static IP by changing the configuration in /etc/rc.conf from
ifconfig_ue0="DHCP"
to
ifconfig_ue0="inet 10.0.0.1 netmask 255.255.255.0"
Then I installed dnsmasq and samba.
pkg install dnsmasq
pkg install samba48
/usr/local/etc/dnsmasq.conf
domain-needed
bogus-priv
no-resolv
server=1.1.1.1
interface=ue0
expand-hosts
domain=local
dhcp-range=10.0.0.10,10.0.0.50,6h
dhcp-option=3,10.0.0.1
dhcp-leasefile=/usr/local/var/lib/misc/dnsmasq.leases
/usr/local/etc/smb4.conf
[global]
workgroup = WORKGROUP
server string = Samba Server Version %v
netbios name = fpi
wins support = yes
security = user
passdb backend = tdbsam
map to guest = Bad User
log file = /var/log/samba4/log.%m
log level = 3
[fd]
comment = Field Day
create mask = 0664
directory mask = 0775
force group = nobody
force user = nobody
guest ok = yes
path = /home/fd
read only = no
And added to /etc/rc.conf again
dnsmasq_enable="YES"
samba_server_enable="YES"
winbindd_enable="YES"
The directory where we will be sharing files from is /home/fd, so we need to
create it and set permissions.
mkdir /home/fd
chown nobody:nobody /home/fd
chmod 775 /home/fd
Now for the NAT portion, since I used to run an OpenBSD firewall for my home
network, I decided to use pf instead of ipfw.
So we need to make some more changes to /etc/rc.conf
pf_enable="YES"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
gateway_enable="YES"
And create /etc/pf.conf
ext_if='wlan0'
int_if='ue0'
localnet = $int_if:network
nat on $ext_if from $localnet to any -> ($ext_if)
Yes, there should probably be more rules here to restrict access and ports.
Now it's time for another reboot and everything should be working.