IPFire on Lamobo R1 – fresh installation and moving system to SSD

My licence for antivirus expired, so I decided to secure my home network some way .  Now I will try  IPFIRE distro for ARM architecture.

Easy, nice and almost perfect. Why almost? Because on ARM based machines  IDS or IPS will not work in this distro! But proxy , firewall, and antivirus  can still be useful.

Step: 1
Preparing media

Installation is very easy for Banana R1, just format sd card and write image of IPfire  on it with Win32Imager

for formatting  very handy is SDFormatter v4

Size 2GB Class 10 and more is recommended. In my situation card will be used for booting , rest of the  system will be on SSD drive.

Image can be downloaded from http://downloads.ipfire.org/release/

When image is written in to the sdcard  system needs some changes in file uEnv.txt as default is preconfigured for banana pi

Before

KVER=3.14.43
DTBSUNXI=sun7i-a20-bananapi.dtb
uenvcmd=if test "$board" = "panda" ;then run bootpanda; else run bootsunxi; fi;
bootpanda=setenv initrd_high 90000000; fatload mmc 0:1 0x82000000 zImage-ipfire-multi; fatload mmc 0:1 ${fdtaddr} dtb-${KVER}-ipfire-multi/${fdtfile};                                                 setenv bootargs video=800x600 console=ttyO2,115200n8 rootwait smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3; bootz 0x82000000 - ${fdtaddr};
bootsunxi=setenv fdt_high ffffffff;    fatload mmc 0:1 0x46000000 zImage-ipfire-multi; fatload mmc 0:1 0x49000000 dtb-${KVER}-ipfire-multi/${DTBSUNXI}; fatload mmc 0:1 0x49100000 uInit-ipfire-multi; setenv bootargs console=ttyS0,115200n8 rootwait root=/dev/mmcblk0p3 rootwait;                         bootz 0x46000000 0x49100000 0x49000000;

After
DTBSUNXI=sun7i-a20-bananapi.dtb must be replaced with sun7i-a20-lamobo-r1.dtb

DTBSUNXI=

sun7i-a20-lamobo-r1.dtb

KVER=3.14.43
DTBSUNXI=sun7i-a20-bananapi-r1.dtb
uenvcmd=if test "$board" = "panda" ;then run bootpanda; else run bootsunxi; fi;
bootpanda=setenv initrd_high 90000000; fatload mmc 0:1 0x82000000 zImage-ipfire-multi; fatload mmc 0:1 ${fdtaddr} dtb-${KVER}-ipfire-multi/${fdtfile}; setenv bootargs video=800x600 console=ttyO2,115200n8 rootwait smsc95xx.macaddr=$usbethaddr root=/dev/mmcblk0p3; bootz 0x82000000 - ${fdtaddr};
bootsunxi=setenv fdt_high ffffffff; fatload mmc 0:1 0x46000000 zImage-ipfire-multi; fatload mmc 0:1 0x49000000 dtb-${KVER}-ipfire-multi/${DTBSUNXI}; fatload mmc 0:1 0x49100000 uInit-ipfire-multi; setenv bootargs console=ttyS0,115200n8 rootwait root=/dev/mmcblk0p3 rootwait; bootz 0x46000000 0x49100000 0x49000000;

update: Thanks to Luis Oyarce (see comment)

For Banan R1   the best is one with enabled console armv5tel image for boards with serial console, because HDMi on board does not work with this distribution. After pre configuration from console rest can be configured via web page https://10.1.0.1:444  .Address 10.1.0.1 is configured for GREEN interface.

connect computer and banana r1 with USB RS232 converter. Most of cheap converters need only pins with RX TX signals and GND. My is with separated output , so I have to connect 3,3V  powering pin to my banana.  Ports  on board

• UART0-RX: J13-P01
• UART0-TX: J13-P02
• GND: J12-P08
• POWER 3,3 V or 5V (use it only if you have converter with separated/isolated  input , cheap converters does not need powering, and they can damage board after connecting powering!)

Console TTL to USB conveter

This TTL converter  can operate from 2,7  – 5,5 V , so if you have to increase voltage for your Banana , it will work as well with no problem.

I tried cheaper one for a week, but it died without reasons. So is better to invest a little bit more ,because  it can be used for other projects.

Configure Putty for serial connection

setting of serial connection  COM port is automatically created on first connection of converter, it can be checked in windows device manager

port detailed configuration

Step 2
Configuration

After successful connection you will have to go fru the steps of configuration:

1. keyboard type
2. time zone
3. Host name
4. Domain name
5. root password (for ssh and console connection)
6. admin password (for web panel)

Networking :

If you want to use WIFI and wired network Green, Blue and Red must be selected.

Next step is assigning drivers  for each interfaces.

In this distro , switch is not perfectly recognized. So default WAN port must be configured on any „LAN” port. I decided to use firs one 0.11 . numbering is from 0.11 up to 0.14.

In this version of IPFIRE we have only four ports which can be used. In OPENWRT ports are recognized better, it was on newer kernel version.

Next step is configuring IP addresses for interfaces.

I used class 10.1.0.0/24 for wired network (green) and 10.1.1.0/24 for Wifi(blue).

WAN is at the moment configured as DHCP client. But will be as PPPoA , and my current router as a A modem ADSL with bridge option.

DNS and GATEWAY

for DNS I’ve used SYMENTEC secure DNS service

As the gateway is  at he moment my old router.

Last step is configuring DHCP service for GREEN interface. Blue  can be configured via WEB panel.

listing of first boot:

U-Boot SPL 2014.04 (Aug 10 2015 - 10:57:05)
Board: Bananapi
DRAM: 1024 MiB
CPU: 960000000Hz, AXI/AHB/APB: 3/2/2
spl: not an uImage at 1600


U-Boot 2014.04 (Aug 10 2015 - 10:57:05) Allwinner Technology

CPU:   Allwinner A20 (SUN7I)
Board: Bananapi
I2C:   ready
DRAM:  1 GiB
MMC:   SUNXI SD/MMC: 0
*** Warning - bad CRC, using default environment

In:    serial
Out:   serial
Err:   serial
Net:   dwmac.1c50000
Hit any key to stop autoboot:  0
reading uEnv.txt
809 bytes read in 27 ms (28.3 KiB/s)
Loaded environment from uEnv.txt
Running uenvcmd ...
reading zImage-ipfire-multi
3737912 bytes read in 220 ms (16.2 MiB/s)
reading dtb-3.14.43-ipfire-multi/sun7i-a20-lamobo-r1.dtb
22861 bytes read in 57 ms (391.6 KiB/s)
reading uInit-ipfire-multi
8688728 bytes read in 480 ms (17.3 MiB/s)
Kernel image @ 0x46000000 [ 0x000000 - 0x390938 ]
## Loading init Ramdisk from Legacy Image at 49100000 ...
   Image Name:
   Image Type:   ARM Linux RAMDisk Image (lzma compressed)
   Data Size:    8688664 Bytes = 8.3 MiB
   Load Address: 00000000
   Entry Point:  00000000
   Verifying Checksum ... OK
## Flattened Device Tree blob at 49000000
   Booting using the fdt blob at 0x49000000
   Loading Ramdisk to 4f7b6000, end 4ffff418 ... OK
   Using Device Tree in place at 49000000, end 4900894c

Starting kernel ...

Booting Linux on physical CPU 0x0
Initializing cgroup subsys cpuset
Initializing cgroup subsys cpu
Initializing cgroup subsys cpuacct
Linux version 3.14.43-ipfire-multi (root@odroid-x) (gcc version 4.4.7 (GCC) ) #1 SMP Mon Aug 10 11:42:27 GMT 2015
CPU: ARMv7 Processor [410fc074] revision 4 (ARMv7), cr=10c5387d
CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache
Machine model: Lamobo-R1
Memory policy: Data cache writealloc
psci: probing function IDs from device-tree
PERCPU: Embedded 9 pages/cpu @eefda000 s12544 r8192 d16128 u36864
Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 260624
Kernel command line: console=ttyS0,115200n8 rootwait root=/dev/mmcblk0p3 rootwait
PID hash table entries: 4096 (order: 2, 16384 bytes)
Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
allocated 2097152 bytes of page_cgroup
please try 'cgroup_disable=memory' option if you don't want memory cgroups
Memory: 1015032K/1048576K available (7022K kernel code, 779K rwdata, 2736K rodata, 664K init, 776K bss, 33544K reserved, 270336K highmem)
Virtual kernel memory layout:
    vector  : 0xffff0000 - 0xffff1000   (   4 kB)
    fixmap  : 0xfff00000 - 0xfffe0000   ( 896 kB)
    vmalloc : 0xf0000000 - 0xff000000   ( 240 MB)
    lowmem  : 0xc0000000 - 0xef800000   ( 760 MB)
    pkmap   : 0xbfe00000 - 0xc0000000   (   2 MB)
    modules : 0xbf000000 - 0xbfe00000   (  14 MB)
      .text : 0xc0008000 - 0xc07db8e8   (8015 kB)
      .init : 0xc0c00000 - 0xc0ca6100   ( 665 kB)
      .data : 0xc0d00000 - 0xc0dc2ef8   ( 780 kB)
       .bss : 0xc0dc2ef8 - 0xc0e84f74   ( 777 kB)
SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1
Hierarchical RCU implementation.
        Hierarchical RCU autobalancing is disabled.
        RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=2.
        Offload RCU callbacks from all CPUs
        Offload RCU callbacks from CPUs: 0-1.
RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2
NR_IRQS:16 nr_irqs:16 16
Architected cp15 timer(s) running at 24.00MHz (phys).
sched_clock: 56 bits at 24MHz, resolution 41ns, wraps every 2863311519744ns
Switching to timer-based delay loop
sched_clock: 32 bits at 24MHz, resolution 41ns, wraps every 178956969942ns
sched_clock: 32 bits at 160MHz, resolution 6ns, wraps every 26843545593ns
Console: colour dummy device 80x30
Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=240000)
pid_max: default: 32768 minimum: 501
Security Framework initialized
Mount-cache hash table entries: 2048 (order: 1, 8192 bytes)
Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes)
Initializing cgroup subsys memory
Initializing cgroup subsys devices
Initializing cgroup subsys freezer
Initializing cgroup subsys net_cls
Initializing cgroup subsys blkio
Initializing cgroup subsys perf_event
CPU: Testing write buffer coherency: ok
ftrace: allocating 24685 entries in 73 pages
/cpus/cpu@0 missing clock-frequency property
/cpus/cpu@1 missing clock-frequency property
CPU0: thread -1, cpu 0, socket 0, mpidr 80000000
Setting up static identity map for 0x407daaa0 - 0x407daaf8
CPU1: Booted secondary processor
CPU1: thread -1, cpu 1, socket 0, mpidr 80000001
Brought up 2 CPUs
SMP: Total of 2 processors activated (96.00 BogoMIPS).
CPU: All CPU(s) started in HYP mode.
CPU: Virtualization extensions available.
devtmpfs: initialized
VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 4
pinctrl core: initialized pinctrl subsystem
regulator-dummy: no parameters
NET: Registered protocol family 16
DMA: preallocated 256 KiB pool for atomic coherent allocations
hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers.
hw-breakpoint: maximum watchpoint size is 8 bytes.
Serial: AMBA PL011 UART driver
bio: create slab <bio-0> at 0
edma-dma-engine edma-dma-engine.0: Can't allocate PaRAM dummy slot
edma-dma-engine: probe of edma-dma-engine.0 failed with error -5
reg-fixed-voltage ahci-5v.4: could not find pctldev for node /soc@01c00000/pinctrl@01c20800/ahci_pwr_pin@0, deferring probe
platform ahci-5v.4: Driver reg-fixed-voltage requests probe deferral
reg-fixed-voltage usb1-vbus.5: could not find pctldev for node /soc@01c00000/pinctrl@01c20800/usb1_vbus_pin@0, deferring probe
platform usb1-vbus.5: Driver reg-fixed-voltage requests probe deferral
reg-fixed-voltage usb2-vbus.6: could not find pctldev for node /soc@01c00000/pinctrl@01c20800/usb2_vbus_pin@0, deferring probe
platform usb2-vbus.6: Driver reg-fixed-voltage requests probe deferral
reg-fixed-voltage gmac-3v3.8: could not find pctldev for node /soc@01c00000/pinctrl@01c20800/gmac_power_pin@0, deferring probe
platform gmac-3v3.8: Driver reg-fixed-voltage requests probe deferral
vgaarb: loaded
SCSI subsystem initialized
usbcore: registered new interface driver usbfs
usbcore: registered new interface driver hub
usbcore: registered new device driver usb
Switched to clocksource arch_sys_counter
NET: Registered protocol family 2
TCP established hash table entries: 8192 (order: 3, 32768 bytes)
TCP bind hash table entries: 8192 (order: 4, 65536 bytes)
TCP: Hash tables configured (established 8192 bind 8192)
TCP: reno registered
UDP hash table entries: 512 (order: 2, 16384 bytes)
UDP-Lite hash table entries: 512 (order: 2, 16384 bytes)
NET: Registered protocol family 1
Trying to unpack rootfs image as initramfs...
Freeing initrd memory: 8484K (cf7b6000 - cffff000)
hw perfevents: enabled with ARMv7 Cortex-A7 PMU driver, 5 counters available
futex hash table entries: 512 (order: 3, 32768 bytes)
audit: initializing netlink subsys (disabled)
audit: type=2000 audit(4.490:1): initialized
bounce pool size: 64 pages
VFS: Disk quotas dquot_6.5.2
Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
msgmni has been set to 1471
alg: No test for crc32 (crc32-table)
alg: No test for stdrng (krng)
NET: Registered protocol family 38
Block layer SCSI generic (bsg) driver version 0.4 loaded (major 252)
io scheduler noop registered
io scheduler deadline registered
io scheduler cfq registered (default)
platform 1c13400.phy: Driver sun4i-usb-phy requests probe deferral
sunxi-pinctrl 1c20800.pinctrl: initialized sunXi PIO driver
Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
1c28000.serial: ttyS0 at MMIO 0x1c28000 (irq = 33, base_baud = 1500000) is a U6_16550A
console [ttyS0] enabled
dw-apb-uart 1c29800.serial: Couldn't set LCR to 0
dw-apb-uart 1c29800.serial: Couldn't set LCR to 0
1c29800.serial: ttyS1 at MMIO 0x1c29800 (irq = 51, base_baud = 1500000) is a U6_16550A
dw-apb-uart 1c29c00.serial: Couldn't set LCR to 0
dw-apb-uart 1c29c00.serial: Couldn't set LCR to 0
1c29c00.serial: ttyS2 at MMIO 0x1c29c00 (irq = 52, base_baud = 1500000) is a U6_16550A
Serial: AMBA driver
Serial: IMX driver
Non-volatile memory driver v1.3
brd: module loaded
loop: module loaded
libphy: Fixed MDIO Bus: probed
ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
ehci-pci: EHCI PCI platform driver
ehci-platform: EHCI generic platform driver
platform 1c14000.usb: Driver ehci-platform requests probe deferral
platform 1c1c000.usb: Driver ehci-platform requests probe deferral
ehci-omap: OMAP-EHCI Host Controller driver
ehci-orion: EHCI orion driver
uhci_hcd: USB Universal Host Controller Interface driver
usbcore: registered new interface driver usb-storage
mousedev: PS/2 mouse device common for all mice
sunxi-rtc 1c20d00.rtc: rtc core: registered rtc-sunxi as rtc0
sunxi-rtc 1c20d00.rtc: RTC enabled
input: axp20x-pek as /devices/soc.3/1c2ac00.i2c/i2c-0/0-0034/axp20x-pek/input/input0
LDO1: 1300 mV
LDO2: 1800 <--> 3300 mV at 3000 mV
LDO3: 700 <--> 3500 mV at 2275 mV
LDO4: 1250 <--> 3300 mV at 2800 mV
LDO5: 1800 <--> 3300 mV at 2800 mV
DCDC2: 700 <--> 2275 mV at 1400 mV
DCDC3: 700 <--> 3500 mV at 1300 mV
axp20x 0-0034: AXP20X driver loaded
device-mapper: uevent: version 1.0.3
device-mapper: ioctl: 4.27.0-ioctl (2013-10-30) initialised: [email protected]
sdhci: Secure Digital Host Controller Interface driver
sdhci: Copyright(c) Pierre Ossman
sunxi-mmc 1c0f000.mmc: Got CD GPIO #234.
sunxi-mmc 1c0f000.mmc: base:0xf09d6000 irq:64
sdhci-pltfm: SDHCI platform and OF driver helper
ledtrig-cpu: registered to indicate activity on CPUs
hidraw: raw HID events driver (C) Jiri Kosina
usbcore: registered new interface driver usbhid
usbhid: USB HID core driver
nf_conntrack version 0.5.0 (15992 buckets, 63968 max)
ip_tables: (C) 2000-2006 Netfilter Core Team
TCP: cubic registered
Initializing XFRM netlink socket
NET: Registered protocol family 10
ip6_tables: (C) 2000-2006 Netfilter Core Team
NET: Registered protocol family 17
Bridge firewalling registered
Key type dns_resolver registered
ThumbEE CPU extension supported.
Registering SWP/SWPB emulation handler
registered taskstats version 1
LDO4: disabling
LDO3: disabling
regulator-dummy: disabling
ahci-5v: 5000 mV
usb1-vbus: 5000 mV
usb2-vbus: 5000 mV
gmac-3v3: 3300 mV
ehci-platform 1c14000.usb: EHCI Host Controller
ehci-platform 1c14000.usb: new USB bus registered, assigned bus number 1
ehci-platform 1c14000.usb: irq 71, io mem 0x01c14000
ehci-platform 1c14000.usb: USB 2.0 started, EHCI 1.00
usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb1: Product: EHCI Host Controller
usb usb1: Manufacturer: Linux 3.14.43-ipfire-multi ehci_hcd
usb usb1: SerialNumber: 1c14000.usb
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 1 port detected
ehci-platform 1c1c000.usb: EHCI Host Controller
ehci-platform 1c1c000.usb: new USB bus registered, assigned bus number 2
ehci-platform 1c1c000.usb: irq 72, io mem 0x01c1c000
ehci-platform 1c1c000.usb: USB 2.0 started, EHCI 1.00
usb usb2: New USB device found, idVendor=1d6b, idProduct=0002
usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
usb usb2: Product: EHCI Host Controller
usb usb2: Manufacturer: Linux 3.14.43-ipfire-multi ehci_hcd
usb usb2: SerialNumber: 1c1c000.usb
hub 2-0:1.0: USB hub found
hub 2-0:1.0: 1 port detected
sunxi-rtc 1c20d00.rtc: setting system clock to 1970-01-01 00:00:11 UTC (11)
Freeing unused kernel memory: 664K (c0c00000 - c0ca6000)
mmc0: host does not support reading read-only switch. assuming write-enable.
usb 2-1: new high-speed USB device number 2 using ehci-platform
mmc0: new high speed SD card at address e624
mmcblk0: mmc0:e624 SU02G 1.84 GiB
 mmcblk0: p1 p3
usb 2-1: New USB device found, idVendor=0bda, idProduct=8178
usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
dracut: dracut-038
usb 2-1: Product: 802.11n WLAN Adapter
usb 2-1: Manufacturer: Realtek
usb 2-1: SerialNumber: 00e04c000001
udevd[179]: starting version 208
random: systemd-udevd urandom read with 14 bits of entropy available
EXT4-fs (mmcblk0p3): mounted filesystem without journal. Opts: (null)
ahci-sunxi 1c18000.sata: controller can't do PMP, turning off CAP_PMP
ahci-sunxi 1c18000.sata: forcing PORTS_IMPL to 0x1
ahci-sunxi 1c18000.sata: AHCI 0001.0100 32 slots 1 ports 3 Gbps 0x1 impl platform mode
ahci-sunxi 1c18000.sata: flags: ncq sntf pm led clo only pio slum part ccc
scsi0 : ahci_platform
ata1: SATA max UDMA/133 mmio [mem 0x01c18000-0x01c18fff] port 0x100 irq 88
ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
ata1.00: ATA-8: OCZ-VERTEX3 MI, 2.22, max UDMA/133
ata1.00: 234441648 sectors, multi 16: LBA48 NCQ (depth 31/32)
ata1.00: configured for UDMA/133
scsi 0:0:0:0: Direct-Access     ATA      OCZ-VERTEX3 MI   2.22 PQ: 0 ANSI: 5
sd 0:0:0:0: [sda] 234441648 512-byte logical blocks: (120 GB/111 GiB)
sd 0:0:0:0: Attached scsi generic sg0 type 0
dracut: Checking ext4: /dev/mmcblk0p3
dracut: issuing e2fsck -a  /dev/mmcblk0p3
sd 0:0:0:0: [sda] Write Protect is off
sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
 sda: sda1 sda2 sda3
sd 0:0:0:0: [sda] Attached SCSI disk
dracut: /dev/mmcblk0p3: clean, 22979/120000 files, 193295/466432 blocks
dracut: Mounting /dev/mmcblk0p3 with -o defaults
EXT4-fs (mmcblk0p3): mounted filesystem without journal. Opts: (null)
dracut: Mounted root filesystem /dev/mmcblk0p3
dracut: Switching root
INIT: version 2.88 booting
Mounting kernel-based file systems:                                    [  OK  ]
Setting kernel runtime parameters...                                   [  OK  ]
Loading modules: lp cryptodev                                          [  OK  ]
Populating /dev with device nodes...                                   [  OK  ]
Activating all swap files/partitions...                                [  OK  ]
Mounting root file system in read-only mode...                         [  OK  ]
Checking file systems...
/dev/mmcblk0p3: clean, 22979/120000 files, 193295/466432 blocks
dosfsck 3.0.9, 31 Jan 2010, FAT32, LFN
/dev/mmcblk0p1: 195 files, 26862/30651 clusters                        [  OK  ]
Remounting root file system in read-write mode...                      [  OK  ]
Create /etc/mtab...                                                    [  OK  ]
Mounting remaining file systems...                                     [  OK  ]
Mounting ramdisk file systems: /var/lock                               [  OK  ]
Retrying failed uevents, if any...                                     [  OK  ]
Cleaning file systems: /tmp /var/ipfire/dhcp /var/ipfire/red /var/lock /var/log/updatexlrator /var/run                                                 [  OK  ]
Creating files and directories...                                      [  OK  ]
Setting system clock...                                                [  OK  ]
Setting up Linux console...                                            [  OK  ]
Configure vlan-switch on eth0 ...
Added VLAN with VID == 11 to IF -:eth0:-
Added VLAN with VID == 12 to IF -:eth0:-
Added VLAN with VID == 13 to IF -:eth0:-
Added VLAN with VID == 14 to IF -:eth0:-
Populating /dev with device nodes...                                   [  OK  ]
Bringing up the loopback interface...                                  [  OK  ]
Setting hostname to ipfire...                                          [  OK  ]
Loading firewall modules into the kernel                               [  OK  ]
Setting up firewall                                                    [  OK  ]
Triggering network devices...                                          [  OK  ]
No Hardware Random Number Generator found...                           [ WARN ]
INIT: Entering runlevel: 3
Restore ramdisk...                                                     [  OK  ]
Starting kernel log daemon...                                          [  OK  ]
Starting system log daemon...                                          [  OK  ]
Saving Bootlog...                                                      [  OK  ]
Enabling S.M.A.R.T.: sda                                               [  OK  ]
Starting Domain Name Service Proxy...                                  [  OK  ]
Using DNS server(s): 199.85.126.10 199.85.127.10
Bringing up the green0 interface...
Adding IPv4 address 10.1.0.1 to the green0 interface...                [  OK  ]
Bringing up the blue0 interface...
Adding IPv4 address 10.1.1.1 to the blue0 interface...                 [  OK  ]
Bringing up the red0 interface...
Starting dhcpcd on the red0 interface...                               [  OK  ]
           DHCP Assigned Settings for red0:
           IP Address:      192.168.1.107
           Hostname:        ipfire
           Subnet Mask:     255.255.255.0
           Default Gateway: 192.168.1.1
           DNS Server:      194.204.159.1 194.204.152.34
Adding static routes...                                                [  OK  ]
Starting the Cyrus SASL Server...                                      [  OK  ]
Initializing kernel random number generator...                         [  OK  ]
Setting time on boot...                                                [  OK  ]
Starting ntpd...                                                       [  OK  ]
Loading Sensor Modules:                                                [  OK  ]
Starting Collection daemon...                                          [  OK  ]
Starting DHCP Server...                                                [  OK  ]
Starting Apache daemon...                                              [  OK  ]
Starting fcron...                                                      [  OK  ]

IPFire v2.17 - www.ipfire.org
===============================
ipfire running on Linux 3.14.43-ipfire-multi armv7l
ipfire login: root
Password:
Last login: Sat Oct 31 10:31:34 +0100 2015 on ttyS0.
No mail.

[root@ipfire ~]#

What we can see there:

dracut: Mounted root filesystem /dev/mmcblk0p3

SD card is used as default media.  SSD disk is recognized . One thing what I need is move entire system to SSD.  Boot partition cannot be moved, because Bananna need SD card at boot.

So we have to prepare our disk for it:

Prepare system (updates and necessary tools)

Prepare disk (partitioning and preparing file system)

Configure SSD as main disk for system (copy all data from SD )

Now it is the time to prepare machine for backup.

Updating IPFire and installing nano, rsync

[root@ipfire ~]# pakfire update
gpg: checking the trustdb
gpg: no ultimately trusted keys found
CRYPTO WARN: The GnuPG isn't configured corectly. Trying now to fix this.
CRYPTO WARN: It's normal to see this on first execution.
CRYPTO WARN: If this message is being shown repeatedly, check if time and date are set correctly, and if IPFire can connect via port 11371 TCP.
server-list.db       100.00% |=============================>|    1.25 KB
packages_list.db     100.00% |=============================>|    3.47 KB
core-list.db         100.00% |=============================>|   248.00 B
[root@ipfire ~]#
[root@ipfire ~]# pakfire install nano
meta-nano            100.00% |=============================>|   323.00 B
PAKFIRE RESV: nano: Resolving dependencies...



PAKFIRE INFO: Packages to install:
PAKFIRE INFO: nano       - 110.00 KB

PAKFIRE INFO: Total size:        ~ 110.00 KB

PAKFIRE INFO: Is this okay? [y/N]
y
nano-2.4.2-6.ipfi... 100.00% |=============================>|   99.84 KB

PAKFIRE INST: nano: Decrypting...
PAKFIRE INST: nano: Copying files and running post-installation scripts...
PAKFIRE INST: nano: Finished.

[root@ipfire ~]# pakfire install rsync
meta-rsync           100.00% |=============================>|   325.00 B
PAKFIRE RESV: rsync: Resolving dependencies...



PAKFIRE INFO: Packages to install:
PAKFIRE INFO: rsync      - 210.00 KB

PAKFIRE INFO: Total size:        ~ 210.00 KB

PAKFIRE INFO: Is this okay? [y/N]
y
rsync-3.1.1-9.ipf... 100.00% |=============================>|  202.76 KB

PAKFIRE INST: rsync: Decrypting...
PAKFIRE INST: rsync: Copying files and running post-installation scripts...
PAKFIRE INST: rsync: Finished.

1 CHECK DEVICE UUID, NAME,PARTITIONS

[root@ipfire ~]# lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda           8:0    0 111.8G  0 disk
├─sda1        8:1    0  19.5G  0 part
├─sda2        8:2    0  94.1M  0 part
└─sda3        8:3    0  92.2G  0 part
mmcblk0     179:0    0   1.9G  0 disk
├─mmcblk0p1 179:1    0    60M  0 part /boot
└─mmcblk0p3 179:3    0   1.8G  0 part /

Disk was already paritioned , but you will need two paritions  sda1 as swap , and sda3 for system.

checking file type of system
 fdisk -l

Disk /dev/mmcblk0: 1.9 GiB, 1977614336 bytes, 3862528 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000

Device         Boot     Start       End  Blocks  Id System
/dev/mmcblk0p1 *         8192    131071   61440   c W95 FAT32 (LBA)
/dev/mmcblk0p3         131072   3862527 1865728  83 Linux


Disk /dev/sda: 111.8 GiB, 120034123776 bytes, 234441648 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x88ade8d9

Device    Boot     Start       End   Blocks  Id System
/dev/sda1           2048  40962047 20480000  82 Linux swap / Solaris
/dev/sda2 *     40962048  41154827    96390   b W95 FAT32
/dev/sda3       41154828 234441647 96643410  83 Linu

Creating backup of SDcard with IPfire, it will prevent reinstalling of system from the beginning in case of problems.

[root@ipfire ~]# /sbin/poweroff

and create img file. For windows most popular is Win32imager .

Creating partitions on SSD disk with cfdisk

cfdisk (util-linux 2.24)

                              Disk Drive: /dev/sda
                       Size: 120034123776 bytes, 120.0 GB
             Heads: 255   Sectors per Track: 63   Cylinders: 14593

    Name        Flags      Part Type  FS Type          [Label]        Size (MB)
 ------------------------------------------------------------------------------
                            Pri/Log   Free Space                           1.05*
    sda1                    Primary   swap                             20971.52*
    sda2        Boot        Primary   vfat                                98.71*
    sda3                    Primary   ext4             [rootfs]        98962.86*








     [   Help   ]  [   New    ]  [  Print   ]  [   Quit   ]  [  Units   ]
     [  Write   ]

                      Create new partition from free space

Creating SWAP partition

[root@ipfire ~]# mkswap /dev/sda1
mkswap: /dev/sda1: warning: wiping old swap signature.
Setting up swapspace version 1, size = 20479996 KiB
no label, UUID=74f9f952-cb32-4389-a931-a2ba8f935b34

enaling swap
swapon /dev/sda1

SWAP partition can be checked with swapmon command

[root@ipfire ~]# swapon -s
Filename                                Type            Size    Used    Priority
/dev/sda1                               partition       20479996        0       -1

Preparing system partition on SSD disk , where whole system will be copied on the end.

[root@ipfire ~]# mke2fs -t ext4 -L rootfs /dev/sda3
mke2fs 1.42.6 (21-Sep-2012)
Discarding device blocks: done
Filesystem label=rootfs
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
6045696 inodes, 24160852 blocks
1208042 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=0
738 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

Preparing sda2 partition

[root@ipfire ~]# mkfs.vfat -n boot /dev/sda2
mkfs.vfat 3.0.9 (31 Jan 2010)

last checking 

[root@ipfire ~]# blkid /dev/sda2
/dev/sda2: SEC_TYPE="msdos" LABEL="boot" UUID="4140-4B66" TYPE="vfat" PARTUUID="88ade8d9-02"
[root@ipfire ~]# blkid /dev/sda3
/dev/sda3: LABEL="rootfs" UUID="2e6fd445-27dc-4f6a-82ab-65f7ced6c8f7" TYPE="ext4" PARTUUID="88ade8d9-03"
[root@ipfire ~]# blkid /dev/sda1
/dev/sda1: UUID="7d2facb1-9a6e-4756-8d2e-b8a9a005d5ee" TYPE="swap" PARTUUID="88ade8d9-01"

ADDING THEM TO SYSTEM /etc/fstab

 GNU nano 2.4.2              File: /etc/fstab

UUID=43A2-1205 /boot    auto defaults   1 2
#UUID=65c431cf-58ce-40fa-854b-ff3e03692b81 /        auto defaults   1 1
UUID=2e6fd445-27dc-4f6a-82ab-65f7ced6c8f7 /        ext4 defaults,noatime
0 1
# a swapfile is not a swap partition, so no using swapon|off from here
on, use  dphys-swapfile swap[on|off]  for that

                               [ Wrote 7 lines

create copy of cmdline.txt

[root@ipfire ~]# cp /boot/cmdline.txt /boot/cmdline.orig

And we can edit this file and change entry where is determined system disk sda3  it after copying data on this disk, sdcard will be used only for boot lamobo R1 . after that system will be loaded from sda3.

KVER=3.14.43 DTBSUNXI=sun7i-a20-lamobo-r1.dtb uenvcmd=if test "$board" = "panda" ;then run bootpanda; else run bootsunxi; fi; bootpanda=setenv initrd_high 90000000; fatload mmc 0:1 0x82000000 zImage-ipfire-multi; fatload mmc 0:1 ${fdtaddr} dtb-${KVER}-ipfire-multi/${fdtfile}; setenv bootargs video=800x600 console$ bootsunxi=setenv fdt_high ffffffff; fatload mmc 0:1 0x46000000 zImage-ipfire-multi; fatload mmc 0:1 0x49000000 dtb-${KVER}-ipfire-multi/${DTBSUNXI}; fatload mmc 0:1 0x49100000 uInit-ipfire-multi; setenv bootargs console=ttyS0,115200n8 rootwait root=/dev/sda3 rootfstype=ext4 rootwait; bootz 0x46000000 0x49100000 0x49000000;

Mount drives via web console sda2 as boot, sda 3 as  sda3 , sdcard paritions

mmcblk0p1 as sdboot.

Crete copy sd>SSD of boot and system parition

[root@ipfire ~]# rsync -axv /mnt/sdboot /mnt/boot

[root@ipfire ~]# rsync --exclude-from=/mnt -axv / /mnt/sda3

And some conclusions on the end. When I tried to edit cmdline.txt via console  ,  ipfire would not boot. It stooped in emergency mode. I’ve lost some time to figure what is going on, and I edited file in notepad++ in Winows. And voala! It worked.