Installing to pfsense

David Wood david at
Wed Mar 30 14:56:41 CEST 2011

Hi Franz,

In message 
<AANLkTikH+a1YJDGU5N-TyF-8Xo8_tdE23EqO2V7k+YJX at>, Franz 
<flamana at> writes
>I have currently installed freeradius 2.1.10 and Mysql 5..5.10 on a pfsense
>box which is freebsd. I want this to work with mysql however I was wondering
>how to install freeradius with mysql support as I am unable to do it via
>ports or try any commands or flags with ./configure via tarball. Only
>pkg_add is available, can I recompile or install from scratch to get
>freeradius to bind to mysql?

Alan has already given you the answer - you need a development 
environment. pfSense does not contain compilers and other development 
tools to keep the image size down.

Another reason why pfSense does not contain development tools is because 
it is arguably inappropriate to build software on a firewall. Maybe you 
are using pfSense for some other task, though if you are using it as a 
firewall, I would argue strongly that your RADIUS server should be 
running on another machine inside your firewall.

You can't reconfigure a binary package - the configuration is burned in 
when it is created, usually by the default options. It is nonsense to 
try to pass configuration flags to pkg_add.

The default options are always set for minimum external dependencies - 
if you want features like SQL or LDAP support, you have to set the 
relevant options yourself and rebuild the package. FreeBSD does not 
adopt the approach of some Linux distributions, where the additional 
modules are distributed in separate binary packages.

You will need to set the appropriate options for the net/freeradius2 
port and build a package using that port on a FreeBSD box of the 
appropriate release and major version - ideally the minor version should 
also match, though that doesn't usually matter. You can then pkg_add 
that package on the pfSense machine.

pfSense 2.0 RC is based on FreeBSD 8.1 - amd64 for the 64 bit version 
and i386 for the 32 bit version.

pfSense 1.2.3 is based on FreeBSD 7.2 i386.

A virtual machine can be useful for building packages if you don't have 
access to a FreeBSD machine.

When I maintained the FreeBSD FreeRADIUS ports, I was asked to create a 
net/freeradius-mysql slave port for someone working on pfSense. This is 
FreeRADIUS 1.x and should probably die. It isn't realistic to create 
slave ports for all the dependencies that people might require - port 
bloat is frowned on.

With best wishes,

David Wood
david at

More information about the Freeradius-Users mailing list