Writing system images

From securityrouter.org, an OpenBSD-based firewall
Jump to: navigation, search

The security router software is shipped as software images; that is, a complete clone of a system disk. Installing the security router on dedicated hardware (bare-metal) is as simple as downloading the raw image from http://dl2.halon.se/vsr/ and writing it to a disk such as a USB stick or CompactFlash. For more information, see the getting started page.

Important notes about disks

  • Choose a system disk medium with long read endurance. Writes are infrequent (swap and log files may be stored on a separate "storage" disk), but many cheap medium (especially USB sticks) suffers from "read disturb" where many read operations eventually destroys the medium[1][2]. High-quality SLC or MLC flash[3] with ECC is recommended. It's also possible to install the system on a normal/flash hard disk.
  • It's recommended to have a separate storage disk which supports heavy write operations without breaking (unlike most CF cards and USB sticks) to hold scratch files, logs, graphs, the swap, etc.

Mac OS X

  1. Connect the disk (USB stick, CompactFlash, etc)
  2. Start the "Disk Utility"
    • Select the disk
    • Press "Unmount" (if possible)
    • Press "Info" to find the "Disk Identifier" something like disk1
  3. Start the "Terminal"
    • Possibly "cd" to the location of the system image file, or put the file in our user's home folder
    • Run gzcat halon-vsr-serial-amd64-3.0p33.img.gz | sudo dd bs=16k of=/dev/disk1

Terminal only

  1. Start the "Terminal"
  2. Possibly "cd" to the location of the system image file, or put the file in our user's home folder
  3. Run diskutil list
  4. Connect the disk (USB stick, CompactFlash, etc)
  5. Run diskutil list again, and notice the new device that appears (e.g. /dev/disk1)
  6. Run diskutil unmountDisk /dev/disk1 (if it fails, use the "Disk Utility" above)
  7. Run gzcat halon-vsr-serial-amd64-3.0p33.img.gz | sudo dd bs=16k of=/dev/disk1

Note that "sudo" is needed on 10.8 (Mountain Lion) or later, which will make the system ask for your user's (or administrator) password.

Linux/BSD

  1. Connect the disk (USB stick, CompactFlash, etc)
  2. Run as root zcat halon-vsr-serial-amd64-3.0p33.img.gz | dd bs=16k of=/dev/sdb

Note that the path to the file can be relative, and that sdb should be your inserted USB disk

Microsoft Windows

Microsoft Windows does not ship tools for uncompressing .gz files, however free tools are available such as 7-Zip. The uncompressed file should be written to a block device (such as a USB stick or CF disk) using Image Writer for Windows, which provides a graphical way of doing so.

Install from ISO or CD

If it for some reason is impossible or inconvenient to write the disk image directly (might be the case with some cloud computing providers), you can boot another (Linux/BSD) operating system installer or Live CD and write the disk from there. This is how to do it with OpenBSD:

  1. Download and boot OpenBSD
  2. Bring up a shell
  3. Run ftp -V -o - -m http://dl.halon.se/vsr/sr-serial-amd64-3.4p1.img.gz | gzcat | dd of=/dev/rwd0c bs=16k
  4. Reboot

where you substitute wd0 with whatever your disk is called (sd0 for the first SCSI disk) and the URL with the appropriate version and flavour (serial/video, architecture, etc).