Expand root zpool while online

When the physical zvol has increased in capacity, ZFS should expand to use all the extra space. However this usually requires a re-mount which also means a reboot if your zpool is used for the root filesystem.

There is a command I found that works around this limitation, usually used for bringing new disks into a running zpool.

zpool online -e zroot <disk>

This should cause the zpool to recognise the new storage area immediately.

A re-mount may be a safer way to do this however if that is possible and a reboot is not so much of a problem.

Running pfSense as a VM guest on FreeNAS 9.10 host using Bhyve

Update 31/03/2016: FreeNAS 9.10 is now marked STABLE and 9.3 is in maintenance mode until the version 10 release. There are issues to be aware of though, I have updated the post below, new information is in italics.

Update 15/06/2016: I have tested and started using the vmrun.sh script that allows guest VMs to be successfully rebooted and shutdown from inside the guest OS.

IX Systems recently announced the FreeNAS 9.10-nightly train, an unsupported a version of FreeNAS 9 using a FreeBSD 10 base. This allows users to make use of FreeBSD 10 features including Bhyve, the FreeBSD virtualisation module. I have tested this out to run pfSense firewall as a guest on my HP Microserver running FreeNAS. It was a very experimental process but I managed to get a working configuration which I’ve documented below for my own reference and for others trying to do a similar thing.

The information here is not a step-by-step guide. It involves diving under the hood of the  FreeNAS Web UI and there is no official support available from IX Systems, the FreeNAS and FreeBSD communities may also struggle to help you, so I am assuming you have a decent enough understanding of computer networking and FreeBSD’s networking stack to muddle your way through problems you will likely encounter.

If you follow the information here, there is no warranty, I am not liable if it deletes your data, gets you hacked, burns your house down or anything else. If you follow the information contained here you do so entirely at your own risk.


My home server is a HP Microserver N36L, with 8GB ECC RAM, 2xTB WD Red hard disks in ZFS RAID1 (mirrored).

I am using an Intel PRO/1000 PCI-e network interface card instead of the on-board HP/Broadcom NIC, mainly because of VLAN issues I had with the on-board NIC. Most people won’t use VLANs, just replace the VLAN interfaces with the appropriate physical interface name in your own config.

To do this, you must have the following:

  • A CPU with support for virtualisation.
  • Two network cards, or a switch with 802.1q VLAN support.
  • A ZFS zpool, UFS probably will work but will involve some significant differences.
  • At least 8GB RAM, preferably more, that is the minimum for FreeNAS and some of it will be dedicated to pfSense’s use.
  • A 16GB+ USB flash drive for FreeNAS.

Preparing the Images


Download FreeNAS 9.3 from their website, follow the official instructions to install it to your USB flash drive.

Boot it on your system and then use the System Update menu to switch to the 9.10-Nightlies 9.10-STABLE train, upgrade the system and reboot into FreeNAS 9.10.


Download the 4GB embedded image of pfSense from their website, this is not the normal installation image, the file name is:


Download this onto your freshly installed FreeNAS system, unzip the file using gunzip.

On FreeNAS Web UI create a 4GB zvol, call it pfSense.

Copy the embedded image to the zvol using ‘dd’, my zpool is called “tank”, change this in the command below to the name of your zpool.

dd if=pfSense-CE-2.3.1-RELEASE-4g-amd64-nanobsd.img of=/dev/zvol/tank/pfSense bs=1M


Go to system > tunables in the Web UI, these are the settings you will need, some are not applicable in all situations so read the descriptions here.

Variable cloned_interfaces
Value bridge0 bridge1 tap0 tap1
Type rc

This creates the virtual interfaces we need at boot time.

Variable ifconfig_bridge0
Value addm tap0 addm vlan1 up
Type rc

This configures and brings up bridge0, adding the two interfaces tap0 and vlan1 to it, replace “vlan1” with your LAN interface name.

Variable ifconfig_bridge1
Value addm tap1 addm vlan100 up
Type rc

As above, this configures the WAN bridge. Replace “vlan100” with your WAN interface name.

Variable net.link.bridge.pfil_onlyip
Value 0
Type Sysctl

If you are not using PPPoE you may exclude this. If you are using PPPoE, this is required to prevent the packet filter from blocking anything that’s not IP leaving the bridge.

Variable net.link.tap.up_on_open
Value 1
Type Sysctl

This tells FreeBSD to enable (bring up) the tap interfaces when they are opened by pfSense.

Variable nmdm_load
Value YES
Type loader

This loads the kernel module for nmdm, which is used for gaining serial console access to pfSense locally, this is necessary because Bhyve does not support VGA console access.

Variable vmm_load
Value YES
Type loader

This loads the VMM module for virtualisation support in the kernel.

You can test this first by running ‘kldload vmm’ from the CLI, then look at the output from dmesg, if you have errors then your CPU might not support VM extensions, or they may be disabled in the BIOS.


I have configured my VLAN interfaces through FreeNAS’s network interface menu. You should configure your LAN/WAN interfaces through the networks menu too.

While it’s possible to configure interfaces in the tunables section, if you do so FreeNAS will try to DHCP configure all available interfaces, including bridges, which is undesirable. It must have at least one interface manually configured to prevent this, even if that is just to bring up an interface and nothing more.

The WAN-side interface, VLAN or physical, should be configured to come up (options=up), but should not have an IP address on it. You don’t need it, you’re more secure without it.

My LAN-side interface has the FreeNAS IP address, this goes against FreeBSD best practice advice which is to put the IP address on the bridge. By the time I got this into a working state I didn’t want to break things again by making this change, it probably would work by only bringing up the interface in FreeNAS network configuration and then using tunables to add the IP to the ifconfig_bridge0 entry. edit: When doing so using tunables however the IP address is not present when the jails come up, this causes jails to join an isolated bridge network disconnected from the LAN, this needs further testing.

Boot scripts

On the FreeNAS Web UI, go to Tasks then Init/Shutdown Scripts.

Create a new entry and put the following:

type command
command sh /usr/share/examples/bhyve/vmrun.sh -c 2 -m 384 -C /dev/nmdm0A -d /dev/zvol/tank/pfSense -t tap0 -t tap1 pfsense &
when postinit

This command starts pfSense with 384MB RAM and two network interfaces, it can be adjusted to suit your own requirements.

384MB is about the minimum amount of RAM I’ve found necessary on a minimal pfSense 2.3 installation, this was increased from 256MB on version 2.2, obviously the more services you run the more RAM you will need to allocate but keep it as small as possible so not to take too much RAM away from the host.

A serial console is installed on nmdm0, the number can be adjusted if this is in use.

You must end the command with an ampersand (&) so that the command is put into the background and does not hang the VGA console.

Accessing pfSense

Reboot FreeNAS to cause it to boot pfSense as it should do.

To access pfSense, as root on FreeNAS run the command:

cu -l /dev/nmdm0B

As it is a serial console, you will need to tap return to see the menu. You can then configure pfSense’s interfaces in order to access it’s Web UI.

Be careful to check that you have your pfSense vtnet interfaces matched to the correct tap/bridge interface on FreeNAS and so aren’t exposing your unconfigured pfSense box to the Internet, that would be very bad.

Try a reboot, you should see it shutdown and come back up if your loop is properly configured.

To exit the serial console type tilde+fullstop (~.) and you should drop to FreeNAS. If accessing FreeNAS remotely this may also drop you to the local terminal.

In most cases you will just use SSH to manage pfSense but this provides a fail-safe.

How well does it work?

Quite well, pfSense is happy and performs well under Bhyve. I haven’t experienced any crashes or weird behaviour from pfSense.

The boot loop means pfSense cannot be totally shut down without rebooting itself, I’m not aware of a way to force this either, I’ll probably look into this in the near future but at the moment having it automatically reboot is a good thing. Edit: Reboot and shutdown from inside the guest now works successfully when using the vmrun.sh script which responds appropriately to the bhyve exit code.

The network configuration is still a bit unstable, I enabled IPv6 on the LAN interface only to find once it restarted the interface configuration it managed to drop it out of bridge0. However, this only happens if you make configuration changes on a running system, which should almost never need to happen, just be careful when you do. The configuration will come up again properly on reboot.

FreeNAS 9.10 shows tap devices as configurable in the FreeNAS Network menu, however they are not usable by FreeNAS, so this is probably a bug owing to the fact FreeNAS doesn’t normally support tap interfaces, expect the unexpected when making modifications in tunables. Unfortunately bridge interfaces which are usable by FreeNAS, are not recognised as configurable and so can only be configured using tunables.

Bhyve is a new virtualisation system, it seems to work well but it isn’t as mature as other VM systems such as KVM or VMWare. It lacks support for features common in alternatives such as USB support or VGA consoles, it can run various BSD systems and Linux but it’s only really useful for servers, not graphical desktops.

FreeNAS 9.10 is a nightly train, I will periodically update it but I haven’t yet updated it since making the changes, I don’t expect it will cause any breakages but I cannot be sure yet. Edit: FreeNAS 9.10 is now out as STABLE and upgrade is recommended by iX Systems. I have now upgraded to the stable branch, this was successful and the configuration continued to function through the upgrade (woot!), there are several other issues with the stable branch that hit me such as HTTPS being broken, pkg is broken in newly created jails, iohyve does not work, but that’s another story… I personally would recommend waiting until at least a patch release in April before upgrading to STABLE for these reasons.

Iohyve is a Bhyve management tool, based on iocage which in-turn is a more advanced replacement for Warden. I haven’t tested iohyve to see how well it interacts with the manually configured bhyve jail for pfSense. I have some experience with iohyve and I know it would not be suitable for managing a pfSense guest due to it supporting only a single network bridge.

In hindsight

Doing this has been an interesting experience, I learned a lot from it and encountered a number of issues both limitations in my hardware, bugs in FreeNAS and quirks of FreeBSD’s network stack. I look forward to proper Bhyve support in FreeNAS 10 and I hope it comes with flexible support for bridged interfaces.

ownCloud unable to add new users – A user with that name already exists.

Using owncloud 8.2, when adding a new user it can error saying that the user already exists, regardless what username you put in.

owncloud user already exists

This turned out to be a problem with an App called “User backend using remote HTTP servers”, disabling this resolved this error for me.

If you are using the standard ownCloud authentication method then this App should not need to be enabled.

Flight tracking with RTL-SDR and Dump1090

One of the interesting uses for RTL Software Defined Radio is to set it up to track ADS-B  data sent from nearby aircraft, this information provides transponder information such as altitude, course, speed and the flight number.

To examine this data I am using a Linux utility called Dump1090, I compiled this from source using the current git HEAD at https://github.com/MalcolmRobb/dump1090, there are other repositories but I hear this is the best. To start on an Ubuntu or derivative, install build-essential and git;

apt-get install build-essential git

Then clone the repository into a folder somewhere:

git clone https://github.com/MalcolmRobb/dump1090

Enter the folder and compile the application:

cd dump1090

Now run the application with the following options:

./dump1090 --interactive --net

I was already running another server on dump1090’s default 8080 so I needed to specify an alternative port 10900

./dump1090 --interactive --net --net-http-port 10900

Now, open your browser and point to the address http://localhost:8080, replacing the 8080 with the alternative port chosen if you needed to.


The application will start finding nearby aircraft and plotting them on a Google map, you can select the planes  to look up their flight plan on web sites like flightaware and flightstats. I live near to Manchester International Airport so I could see a good few flights arriving and departing MAN that would show up as they leave and disappear as they left range somewhere off the coast of the Irish Sea.

RTL SDR frequency correction

Tuning the radio on an RTL SDR receiver, it’s very common to find the frequency read-out to be wildly inaccurate. To correct for this SDR applications request a PPM value which is unique to each RTL SDR USB dongle. To get your PPM value run the following command in the Linux CLI:

rtl_test -p

After several minutes you’ll have a read-out like the following:

Found 1 device(s):
0:  Realtek, RTL2838UHIDIR, SN: 00000001

Using device 0: Generic RTL2832U OEM
Found Rafael Micro R820T tuner
Supported gain values (29): 0.0 0.9 1.4 2.7 3.7 7.7 8.7 12.5 14.4 15.7 16.6 19.7 20.7 22.9 25.4 28.0 29.7 32.8 33.8 36.4 37.2 38.6 40.2 42.1 43.4 43.9 44.5 48.0 49.6
Sampling at 2048000 S/s.
Reporting PPM error measurement every 10 seconds...
Press ^C after a few minutes.
Reading samples in async mode...
lost at least 196 bytes
real sample rate: 2048184 current PPM: 90 cumulative PPM: 90
real sample rate: 2048151 current PPM: 74 cumulative PPM: 82
real sample rate: 2048198 current PPM: 97 cumulative PPM: 87
real sample rate: 2048152 current PPM: 74 cumulative PPM: 84
real sample rate: 2048186 current PPM: 91 cumulative PPM: 85
real sample rate: 2048166 current PPM: 82 cumulative PPM: 85
real sample rate: 2048161 current PPM: 79 cumulative PPM: 84
real sample rate: 2048189 current PPM: 93 cumulative PPM: 85
real sample rate: 2048170 current PPM: 83 cumulative PPM: 85
real sample rate: 2048165 current PPM: 81 cumulative PPM: 84
real sample rate: 2048188 current PPM: 92 cumulative PPM: 85
real sample rate: 2048162 current PPM: 80 cumulative PPM: 85
real sample rate: 2048180 current PPM: 88 cumulative PPM: 85
real sample rate: 2048174 current PPM: 85 cumulative PPM: 85
real sample rate: 2048161 current PPM: 79 cumulative PPM: 84
real sample rate: 2048182 current PPM: 89 cumulative PPM: 85
real sample rate: 2048183 current PPM: 90 cumulative PPM: 85
real sample rate: 2048153 current PPM: 75 cumulative PPM: 84
real sample rate: 2048179 current PPM: 88 cumulative PPM: 85
real sample rate: 2048184 current PPM: 90 cumulative PPM: 85
real sample rate: 2048165 current PPM: 81 cumulative PPM: 85
real sample rate: 2048178 current PPM: 87 cumulative PPM: 85
real sample rate: 2048177 current PPM: 87 cumulative PPM: 85
real sample rate: 2048166 current PPM: 81 cumulative PPM: 85
real sample rate: 2048195 current PPM: 95 cumulative PPM: 85

As you can see. the value averages out over time to give a stable reading. My USB dongle is off by 85 PPM so I’ll enter this to correct my frequency reading.

However I found afterwards that this still leaves me slightly off the mark, so using a graphical SDR application such as GQRX, tune to a known frequency then fine-tune the PPM value until the signal meets the tuning line in the middle. Typically I find mine is ~73 PPM using this method, this can vary by ~1-2 PPM but it’s enough to hit signals when tuned to the right frequency.

For a known frequency I suggest finding a local repeater, preferably on 70cm to 23cm for highest precision, but one that is most active is best. You might also use APRS which is always 144.8MHz in Europe, different frequencies in other regions but it’s reliable. Both these choices are NFM so you should hit them exactly in the centre of the broadcast when tuned correctly.
sm313 on YouTube tried using GSM mobile frequencies, this is a good choice because it’s a high frequency so has good precision and is constantly broadcasting, but you need to know what you’re looking for in a very wide-band signal so might not be that straight-forward.

If you have other suggestions please leave advice in the comments.

Reduce Pipelight/Netflix CPU usage on Intel HD graphics by disabling hardware acceleration

I have been trying to solve a problem viewing Netflix on my laptop. I was annoyed by the laptop fan running high while playing video making it difficult to hear the audio from Netflix.

The laptop has a current generation Intel Haswell i5 4340M CPU with Intel HD4600 graphics and I’m running Linux kernel 3.16 on Kubuntu 14.04 although this problem existed on kernel versions 3.14 and 3.15. I mention this because YMMV particularly with different GPU makes.

The solution I found is to disable GPU hardware acceleration on Pipelight, this drops the CPU usage from 30-40% to under 20% allowing the laptop to run cooler and use less power, meaning a quieter laptop and longer battery life.

Before, GPU acceleration on:


After, GPU acceleration off:


It is possible to disable hardware acceleration permanently using the instructions on the Pipelight website here, however I prefer to be more selective and have created myself an application launcher to start a new Firefox Window that opens Netflix immediately, the launcher command line is:

PIPELIGHT_GPUACCELERATION=0 firefox -new-window http://www.netflix.com

I would normally expect hardware acceleration to reduce CPU load because this hands off the video decoding work onto the GPU but the opposite appears to be happening here, I don’t know why this is the case, the CPU seems barely notice that it’s decoding 1080p video so it might be some magic built into integrated Intel chips but if anyone has any better theories I’d be interested to know!

RossLUG Talk: Radio on Linux

This is a copy of the talk I gave to the Rossendale Linux User Group on Monday 28th October 2013, the topic is “Radio on Linux” intending to provide an overview of some of the amateur radio and software define radio technologies I have been playing with during the summer.

Radio on Linux


Hardware required

R820T Digital TV Tuner

A very cheap digital TV tuner that was discovered to allow hackers the ability to read raw radio i/o for software processing.


  • House TV antenna is fine for VHF/UHF.
  • Long-wire antenna for low frequencies under 30MHz, 20 metres of thin wire.
  • Can get quite complicated, lots of information online
Optional and Alternatives

e4000 TV tuners

Earlier DTV tuner chip that is similarly capable as newer R820T


  • 30MHz – 6GHz (wider frequency range)
  • 20MHz sampling bandwidth
  • RX/TX (can also transmit with appropriate licensing)
  • Costs ~£200 when available

Softrock SDR kits[3]

  • DIY electronic kits for self-assembly
  • Various capabilities and prices

“Ham It Up” v1.2 Up-converter[4]

  • Open Source hardware
  • Enables access to 0-30MHz frequencies on other SDR hardware
  • Requires a “pig-tail” lead to link with SDR receiver
  • Costs ~£30

Software Set-up

Blacklist DTV module

Linux may try to load the v4l module for the TV tuner card, this will claim the hardware preventing access by the SDR driver, so we need to disable it

On Ubuntu and derivatives:

$ rmmod dvb_usb_rtl28xxu # unload module if already loaded
$ sudo echo 'blacklist dvb_usb_rtl28xxu' >> /etc/modprobe.d/blacklist.conf # add to blacklist

Install the applications


GQRX is not in Ubuntu repositories, it is also under rapid development so it’s best to compile from source. GNU Radio in Ubuntu 13.10 should be adequate, compiling from source takes a long time!

Source: http://vereniging.opensource.nl/wiki/index.php/Software-Defined_Radio_on_Ubuntu


Fedora has a ham radio special interest group maintaining a lot of packages. Currently GQRX does not seem to be included.

Using the application

  • Once loaded turn it on
  • Beware that frequencies are badly calibrated
  • Zoom into the frequency band by scrolling up on the frequency axis of the top display
  • Use “SQL” to squelch out noise to stop irritating your neighbours, the noise floor changes at different frequencies so may need to be reset
  • Don’t forget to set the right modulation type
    • WFM for commercial FM (Wide-band FM)
    • NFM for ham radio and CB Radio (27MHz), thought some illegal CB is AM
    • Airband is all AM
    • LSB (Lower Sideband) for ham radio < 10MHz
    • USB (Upper Sideband) for ham radio > 10MHz
  • Learn to recognise signals by their sound and pattern on the waterfall
  • Find numbers stations like “The Buzzer” we listened to at 4625KHz

Things to see and do


Try out listening to and decoding radio signals without paying a penny. WebSDR connects remote SDR hardware to the Internet so any user can tune in (without impacting others!).

Go to www.websdr.org

My favourites:

University of Twente – http://websdr.ewi.utwente.nl:8901/

  • Full HF frequency range available
  • Based in Netherlands – Good location to hear all of Europe

Hack Green – http://hackgreensdr.org:8901/

  • Based in Cheshire, similar results to what can be heard locally
  • Covers main HAM radio bands

What to see and do

  • Discuss what you can hear with other listeners
  • Find interesting signals, my favourite is polytones


Used for encoding and decoding digital modes such as Morse or more recent phase-shift-keying and others.

It’s designed for sending and receiving but fine to just receive

Digital communications tend to follow a standard format, don’t expect deep conversations going on (Rag-chews – in ham terminology)

Most common digital modes are:

  • Morse code AKA “CW” or “continuous wave”
  • BPSK31 – phase shift keying, 31Hz wide, very narrow on frequency waterfall
  • RTTY – two tones but wider apart than BPSK31

Keep trying different modes until it starts outputting readable text, you’ll get an ear for what different modes sound like with experience

 Other Applications

  • GNU Radio – build simple and complex radio systems, endless possibilities
  • Sigmira – Decode NATO STANAG 4285 modem signals
  • aprs.fi – See how APRS is translated with Google Maps
  • Dream – Digital Radio Mondiale on shortware frequencies
  • 433MHz home automation

Useful Links