March 2014

Pragmatach version 1.38 Released

Pragmatach version 1.38 has been released. Here are the notable changes:

- Numerous bugs that were identified by FindBugs have been resolved.
- Upgraded from Antlr3 to Antlr4
- Upgraded to scannotation 1.03
- Added url_for API to make generation of URLs in templates simpler

Bootstrapping pkgng on FreeBSD ARM

There is no official pkgng repo for FreeBSD-arm, yet. There is an unofficial one, here; however, in order to use it, you have to have pkgng installed. As far as I can tell, the only way to install pkgng on ARM is to build and install it from source.

On the platform I’m using, Wandboard, the mmc device isn’t working 100% yet, so I decided to compile on a RAM disk. I did this to create the RAM disk:

    mkdir /mnt/tmpdisk
    mount -t tmpfs tmpfs /mnt/tmpdisk
    cd /mnt/tmpdisk

The second step is to download the source:

    ftp ftp://ftp.freebsd.org/pub/FreeBSD/distfiles/pkg-1.1.4.tar.xz

Once you have the source, untar it, build and install:

    tar xJvf pkg-1.1.4.tar.xz
    cd pkg-1.1.4
    make
    make install

In my case, “make install” on FreeBSD-Current failed due to lack of certain directories. This may help:

    mkdir /usr/local/lib
    mkdir /usr/local/man
    mkdir /usr/local/libdata
    mkdir /usr/local/sbin
    mkdir /usr/local/man/man8

Once you’ve installed pkgng, you should be able to verify that it’s available:

    root@wandboard:/mnt/tmpfs/pkg-1.1.4 # /usr/local/sbin/pkg -v
    1.1.4

From here, there are a couple of options:

- You can use the unofficial repo provided here.
- You can download the packages you need from here, and install them.
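The source tarball above is fetched over plain FTP and then built and installed as root, so it is worth checking it against known-good digests before running make. The following is an added example, not part of the original post: it checks a distfile against the SHA256 and SIZE lines of a ports-style distinfo file, which is assumed to come from a trusted copy of the ports tree; the function names and the demo file are constructed for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded distfile against a ports-style distinfo
# (SHA256 and SIZE lines) before building and installing it as root.

# Print the SHA-256 of a file with whichever tool the host provides.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"                      # FreeBSD base system
    elif command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'   # GNU coreutils
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# Read one field (SHA256 or SIZE) for a file name from distinfo lines such as
#   SHA256 (pkg-1.1.4.tar.xz) = <hex digest>
distinfo_field() {   # $1=distinfo, $2=field, $3=file name
    awk -v f="$2" -v n="($3)" '$1 == f && $2 == n && $3 == "=" {print $4; exit}' "$1"
}

# Return 0 only when both size and SHA-256 match the distinfo entry.
verify_distfile() {  # $1=distfile, $2=distinfo
    name=$(basename "$1")
    want_sum=$(distinfo_field "$2" SHA256 "$name")
    want_size=$(distinfo_field "$2" SIZE "$name")
    if [ -z "$want_sum" ] || [ -z "$want_size" ]; then
        echo "$name: no SHA256/SIZE entry in distinfo" >&2; return 2
    fi
    if [ "$(wc -c < "$1" | tr -d ' ')" != "$want_size" ]; then
        echo "$name: size mismatch" >&2; return 1
    fi
    if [ "$(sha256_of "$1")" != "$want_sum" ]; then
        echo "$name: SHA256 mismatch" >&2; return 1
    fi
    echo "$name: OK"
}

# Demo on constructed data: a stand-in file and a distinfo generated from it.
demo=$(mktemp -d)
printf 'constructed stand-in for a source tarball\n' > "$demo/pkg-demo.tar.xz"
printf 'SHA256 (pkg-demo.tar.xz) = %s\nSIZE (pkg-demo.tar.xz) = %s\n' \
    "$(sha256_of "$demo/pkg-demo.tar.xz")" \
    "$(wc -c < "$demo/pkg-demo.tar.xz" | tr -d ' ')" > "$demo/distinfo"
verify_distfile "$demo/pkg-demo.tar.xz" "$demo/distinfo"
printf 'constructed stand-in for a source tarbomb\n' > "$demo/pkg-demo.tar.xz"
verify_distfile "$demo/pkg-demo.tar.xz" "$demo/distinfo" || echo "tampered copy rejected"
rm -rf "$demo"
```
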

Building my own wireless point

I got interested in building my own wireless point after seeing some of the wireless firmware issues like this. Besides, I’ve always been interested in embedded devices and FreeBSD.

So, the first step was a device. I chose to use a Wandboard. I’m a committer to Crochet-FreeBSD, so I built out the device support for Crochet-FreeBSD. You can take a look here.

For the wireless interface I used a Cisco AE1000 wireless interface. The AE1000 uses the run driver. Starting the wireless interface and scanning for wireless points looks like this:

    ifconfig wlan0 create wlandev run0
    ifconfig wlan0 up scan

On this board I have two interfaces:

- ffec0: the wired interface
- run0: the Cisco USB wireless

ffec0 is configured to get an IP, gateway and DNS via DHCP, in /etc/rc.conf:

    ifconfig_ffec0="DHCP"

I had these design criteria:

- I already have a DHCP server, so I didn’t want to assign IP leases on the wireless point; I want to delegate to my existing DHCP server
- I prefer to use WPA Personal for authentication
- I’d like to install as little software as possible; this doesn’t need to be complicated
- It would be great to automatically firewall any IPs that fail to log in more than a couple times
- A simple web administration interface would be very helpful

Of course, I’m not interested in connecting to an existing wireless point; instead I want to be the wireless point. I need only one piece of software installed to function as a wireless point: hostapd. Fortunately hostapd is part of the base FreeBSD install.

There are a couple kernel features I needed, so I loaded them at boot time.
My /boot/loader.conf looks like:

    console="comconsole"
    #pf
    pf_load="YES"
    pflog_load="YES"
    pfsync_load="YES"
    #altq
    alq_load="YES"
    #wlan
    wlan_wep_load="YES"
    wlan_ccmp_load="YES"
    wlan_tkip_load="YES"
    wlan_acl_load="YES"
    wlan_xauth_load="YES"
    # run driver
    if_run_load="YES"
    runfw_load="YES"
    # bridge
    if_bridge_load="YES"
    if_bridgestp_load="YES"
    # set wandboard to use 1 cpu
    hw.ncpu=1

These options give me various wlan capabilities, the pf devices, the bridge device, and altq. I’ve also loaded the kernel module for the run driver.

The strategy I want to use for leveraging my existing DHCP server and existing network is to configure my wireless point as a transparent proxy. The bridge device provides me exactly what I want, by enabling me to bridge the ffec0 and run0 interfaces. My /etc/rc.conf includes:

    # hostname
    hostname="wandboard"
    # services
    ntpdate_enable="YES"
    sshd_enable="YES"
    hostapd_enable="YES"
    # pf
    pf_enable="YES"
    pf_rules="/etc/pf.conf"
    pflog_enable="YES"
    pflog_logfile="/var/log/pflog"
    # lan
    ifconfig_ffec0="DHCP"
    # turn off sendmail
    sendmail_submit_enable="NO"
    sendmail_outbound_enable="NO"
    sendmail_msp_queue_enable="NO"
    # wireless
    wlans_run0="wlan0"
    create_args_wlan0="wlanmode hostap mode 11g"
    ifconfig_wlan0="ssid snagglepuss11 channel 11"
    # bridge
    cloned_interfaces="bridge0"
    ifconfig_bridge0="addm ffec0 addm wlan0 up"

This configuration sets up the lan interface on DHCP, the wifi interface as an 11g access point on channel 11, and then bridges the interfaces. At this point, we have a working wifi interface. However, it’s not secured yet.

My /etc/hostapd.conf file, the configuration file for hostapd, looks like this:

    interface=wlan0
    logger_syslog=-1
    logger_syslog_level=2
    debug=1
    ctrl_interface=/var/run/hostapd
    ctrl_interface_group=wheel
    ssid=snagglepuss1
    wpa=1
    wpa_passphrase=xxxx
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=CCMP TKIP

It’s pretty simple; I have WPA-PSK authentication on the interface wlan0, with the ssid khublacom1.
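The hostapd.conf above sets wpa=1, allows TKIP as a pairwise cipher and shows a placeholder passphrase. As an added example (not part of the original post), this script audits a hostapd.conf for those settings; the function names, the 16-character passphrase floor and the hardened sample configuration are this example's assumptions.

```shell
#!/bin/sh
# Added example: flag weak WPA settings in a hostapd.conf (defensive config audit).

# Print the last value assigned to a key; hostapd.conf uses key=value lines.
conf_get() {   # $1=file, $2=key
    awk -F= -v k="$2" '$1 == k {v = substr($0, length(k) + 2)} END {print v}' "$1"
}

# Print one finding per line and return the number of findings.
audit_hostapd() {   # $1=path to hostapd.conf
    n=0
    wpa=$(conf_get "$1" wpa)
    ciphers="$(conf_get "$1" wpa_pairwise) $(conf_get "$1" rsn_pairwise)"
    pass=$(conf_get "$1" wpa_passphrase)
    case "$wpa" in
        2) ;;                                   # WPA2 (RSN) only
        1|3) echo "wpa=$wpa enables WPA version 1; set wpa=2"; n=$((n+1)) ;;
        *) echo "wpa is unset or 0: no WPA/WPA2 protection"; n=$((n+1)) ;;
    esac
    # Conservative: TKIP on either pairwise line counts as a finding.
    case " $ciphers " in
        *" TKIP "*) echo "TKIP is an allowed pairwise cipher; allow CCMP only"; n=$((n+1)) ;;
    esac
    # WPA-PSK passphrases are 8..63 characters; the 16-character floor is this example's policy.
    if [ "${#pass}" -lt 16 ]; then
        echo "wpa_passphrase has fewer than 16 characters"; n=$((n+1))
    fi
    return "$n"
}

# Constructed demo input: the WPA lines from the page's hostapd.conf and a hardened variant.
write_demo_confs() {   # $1=directory
    printf '%s\n' 'interface=wlan0' 'ssid=snagglepuss1' 'wpa=1' 'wpa_passphrase=xxxx' \
        'wpa_key_mgmt=WPA-PSK' 'wpa_pairwise=CCMP TKIP' > "$1/page.conf"
    printf '%s\n' 'interface=wlan0' 'ssid=snagglepuss1' 'wpa=2' 'wpa_key_mgmt=WPA-PSK' \
        'rsn_pairwise=CCMP' 'wpa_passphrase=constructed-example-passphrase' > "$1/hardened.conf"
}

demo=$(mktemp -d); write_demo_confs "$demo"
audit_hostapd "$demo/page.conf" || echo "page.conf: $? finding(s)"
audit_hostapd "$demo/hardened.conf" && echo "hardened.conf: no findings"
rm -rf "$demo"
```
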
Finally, I decided to implement some simple packet filtering. /etc/pf.conf looks like this:

    # interfaces
    lan_if="ffec0"
    wifi_if="wlan0"

    # options
    set block-policy return
    set optimization conservative
    # pass on lo (kept with the other options, which pf expects before scrub and filter rules)
    set skip on lo

    # normalization
    scrub in all
    scrub out all

    # anti-spoof
    antispoof for $lan_if inet

    # default, deny everything
    block in log all

    # out is ok
    pass out quick

    # pass inet4 and inet6 traffic in on wifi and lan
    pass in on $wifi_if inet
    pass in on $wifi_if inet6
    pass in on $lan_if inet
    pass in on $lan_if inet6

    # icmp all good
    pass out inet proto icmp from any to any keep state
    pass in quick inet proto icmp from any to any keep state

I allow all IPv4 and IPv6 traffic in on the wifi interface.

I don’t have a web interface yet; I’ve had some trouble reliably compiling on the current builds of FreeBSD ARM. However, I’m sure that’ll be worked out shortly.