Auteur: Mike Tubby Date: À: dng Sujet: [DNG] Devuan 4.0 on Sophos firewall hardware
Just in case anyone is interested, I have had good success at installing
Devuan 4.0 on to second hand Sophos firewall hardware (XG115 and XG125,
Rev 3) to make light-weight firewalls and network appliances.
You have to use a terminal program on the console port at 38400 to get
access to the AMI bios, you can turn off the console port redirection
and revert to the HDMI output (Rev 3 hardware) and then boot from a USB
stick with 'netinst' and flatten the Sophos firmware on the 64Gb eMMC
and install Devuan.
The result is a fast quad core Intel Atom C3508 with four Intel I211
(XG115) or eight Intel 211/X553 gigabit Ethernet ports and an I210 SFP
port (XG125).
Processor Information
Socket Designation: CPU0
Type: Central Processor
Family: Pentium 4
Manufacturer: Intel(R) Corporation
ID: F1 06 05 00 FF FB EB BF
Signature: Type 0, Family 6, Model 95, Stepping 1
Flags:
FPU (Floating-point unit on-chip)
VME (Virtual mode extension)
DE (Debugging extension)
PSE (Page size extension)
TSC (Time stamp counter)
MSR (Model specific registers)
PAE (Physical address extension)
MCE (Machine check exception)
CX8 (CMPXCHG8 instruction supported)
APIC (On-chip APIC hardware supported)
SEP (Fast system call)
MTRR (Memory type range registers)
PGE (Page global enable)
MCA (Machine check architecture)
CMOV (Conditional move instruction supported)
PAT (Page attribute table)
PSE-36 (36-bit page size extension)
CLFSH (CLFLUSH instruction supported)
DS (Debug store)
ACPI (ACPI supported)
MMX (MMX technology supported)
FXSR (FXSAVE and FXSTOR instructions supported)
SSE (Streaming SIMD extensions)
SSE2 (Streaming SIMD extensions 2)
SS (Self-snoop)
HTT (Multi-threading)
TM (Thermal monitor supported)
PBE (Pending break enabled)
Version: Intel(R) Atom(TM) CPU C3508 @ 1.60GHz
Voltage: 1.6 V
External Clock: 100 MHz
Max Speed: 3800 MHz
Current Speed: 1600 MHz
Status: Populated, Enabled
Upgrade: Socket LGA775
L1 Cache Handle: 0x002F
L2 Cache Handle: 0x0030
L3 Cache Handle: Not Provided
Serial Number: Not Specified
Asset Tag: UNKNOWN
Part Number: Not Specified
Core Count: 4
Core Enabled: 4
Thread Count: 4
Characteristics:
64-bit capable
Multi-Core
Hardware Thread
Execute Protection
Enhanced Virtualization
Power/Performance Control
root@xg125:/home/mike/mycrypt# lspci
00:00.0 Host bridge: Intel Corporation Atom Processor C3000 Series
System Agent (rev 11)
00:04.0 Host bridge: Intel Corporation Atom Processor C3000 Series Error
Registers (rev 11)
00:05.0 Generic system peripheral [0807]: Intel Corporation Atom
Processor C3000 Series Root Complex Event Collector (rev 11)
00:06.0 PCI bridge: Intel Corporation Atom Processor C3000 Series
Integrated QAT Root Port (rev 11)
00:09.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #0 (rev 11)
00:0a.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #1 (rev 11)
00:0b.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #2 (rev 11)
00:0c.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #3 (rev 11)
00:0e.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #4 (rev 11)
00:0f.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #5 (rev 11)
00:10.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #6 (rev 11)
00:11.0 PCI bridge: Intel Corporation Atom Processor C3000 Series PCI
Express Root Port #7 (rev 11)
00:12.0 System peripheral: Intel Corporation Atom Processor C3000 Series
SMBus Contoller - Host (rev 11)
00:13.0 SATA controller: Intel Corporation Atom Processor C3000 Series
SATA Controller 0 (rev 11)
00:15.0 USB controller: Intel Corporation Atom Processor C3000 Series
USB 3.0 xHCI Controller (rev 11)
00:16.0 PCI bridge: Intel Corporation Atom Processor C3000 Series
Integrated LAN Root Port #0 (rev 11)
00:17.0 PCI bridge: Intel Corporation Atom Processor C3000 Series
Integrated LAN Root Port #1 (rev 11)
00:18.0 Communication controller: Intel Corporation Atom Processor C3000
Series ME HECI 1 (rev 11)
00:1f.0 ISA bridge: Intel Corporation Atom Processor C3000 Series LPC or
eSPI (rev 11)
00:1f.2 Memory controller: Intel Corporation Atom Processor C3000 Series
Power Management Controller (rev 11)
00:1f.4 SMBus: Intel Corporation Atom Processor C3000 Series SMBus
controller (rev 11)
00:1f.5 Serial bus controller [0c80]: Intel Corporation Atom Processor
C3000 Series SPI Controller (rev 11)
01:00.0 Co-processor: Intel Corporation Atom Processor C3000 Series
QuickAssist Technology (rev 11)
02:00.0 Ethernet controller: Intel Corporation I211 Gigabit Network
Connection (rev 03)
03:00.0 Ethernet controller: Intel Corporation I211 Gigabit Network
Connection (rev 03)
04:00.0 Ethernet controller: Intel Corporation I211 Gigabit Network
Connection (rev 03)
05:00.0 Ethernet controller: Intel Corporation I211 Gigabit Network
Connection (rev 03)
06:00.0 PCI bridge: ASPEED Technology, Inc. AST1150 PCI-to-PCI Bridge
(rev 03)
07:00.0 VGA compatible controller: ASPEED Technology, Inc. ASPEED
Graphics Family (rev 30)
0a:00.0 Ethernet controller: Intel Corporation I210 Gigabit Fiber
Network Connection (rev 03)
0b:00.0 Ethernet controller: Intel Corporation Ethernet Connection X553
1GbE (rev 11)
0b:00.1 Ethernet controller: Intel Corporation Ethernet Connection X553
1GbE (rev 11)
0c:00.0 Ethernet controller: Intel Corporation Ethernet Connection X553
1GbE (rev 11)
0c:00.1 Ethernet controller: Intel Corporation Ethernet Connection X553
1GbE (rev 11)
root@xg125:/home/mike/mycrypt#
root@xg125:/home/mike/mycrypt# uname -a
Linux xg125 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64
GNU/Linux
root@xg125:/home/mike/mycrypt# lsb_release -a
No LSB modules are available.
Distributor ID: Devuan
Description: Devuan GNU/Linux 4 (chimaera)
Release: 4
Codename: chimaera
root@xg125:/home/mike/mycrypt# uptime
13:20:15 up 12 days, 20:22, 3 users, load average: 0.01, 0.02, 0.00
root@xg125:/home/mike/mycrypt#
IPv4, IPv6, VLANs, OpenVPN, Wireguard, NTP with GPSD and a hardware
reference clock, DHCP, Bind, Asterisk and more all working and it draws
a fraction of the power of the Dell R210 that I used to use.