A few things. If the driver is propriety, you're on your own. Ask your vendor. If possible, tell him how usefull Open Source is (www.opensource.org). If you have the source, you can patch it into the kernel (see howtopatchkernel) If the source is GPL or BSD licenced, try and get it into the official tree, so you or we don't have to keep manually patching it. Encourage your vendor to do so, but act as middleman to the Linux community. you knwo it better then the vendor.
With a 1.44mb disk, things will not fit, but you can if you are using something bigger. You need to change the boot loader, and fiddle with some scripts.
Yes, edit syslinux.cfg and change /dev/fd0 to the approrpiate value (eg /dev/hda1 for C:, /dev/hdb1 for first drive on second IDE, /dev/sda1 for first SCSI drive etc. See any Linux book about boot drives for more info)
Also see: DiskOnChip ATA/IDE emulation
Read the appropriate Linux Kernel howto, then patch the kernel with the current patches for LRP (they are normally within the kernel version tree on the ftp site). One way of patching is:
cd /usr/src/linux patch -p1 -s < patchfile.diff
The general rule of thumb: First untar the kernel and apply any official patches. Then apply pre-patches if appropriate. Then apply the LRP patches. Then apply the vendor specific patches.
Don't underestimate the manual work you'll find you have to do. If you give up, send Dave a postcard for fixing all the diffs for you :)
Do NOT use the kernel source RPM's from RedHat. They're often customized and you have no clue what has been patched in and what hasn't been patched in. Ftp a virgin kernel from a real kernel.org mirror.
first, why not just add
IF6="eth0:0" together with the other *6 fields (if you need so many of course) and add some more testlines afterwards ?
Second, I guess the stock lrp-kernel is not compiled with ip_alias, is it ? I had to do my own, and included it both in the kernel or as a module. Works very good. Have you added ip_alias in the /etc/modules file ?
(paul: check LRP .config file)
Sure is. Try the module generator at www.linuxrouter.org/modmaker/.
Edit the init configuration through the menu or manually at /etc/inittab. Look at the sample serial console entry. don't forget to remove the # for the line you're going to use.
Syslinux is considered the default boot loader, and it is easiest to maintain and can be installed from either DOS or Linux. With version 1.32+ it will also handle FAT16 formatted devices (LS-120, ZIP, HD). However I have not yet been able to get it is to work from a partition. (it wants the entire device) LILO is also known to work. It can work with file systems besides FAT and on a partitioned device, but is difficult to deal with, and requires Linux to install it. GRUB would make a nice solution but as of v0.4 it does not support Linux initrd loading, and will not work. v0.5 is due to include initrd support. When that version is released it will be tested.
Currently is uses the latest pre kernels based on the Alan Cox tree. Some experiments with 2.1 kernels is also on its way.
Sure. LRP is based on a boot medium insensitive scheme. Even though the typical install is a 1.44MB floppy, anything that linux can boot and mount can be used. The trick, of course, is the former, and may require detailed linux boot loader knowledge to get it to boot. The doc about booting 'Higher' Density formatted disks with Linux may be of some help to you.
First of all, see the Radius and portslave sections if you think you need to add users just to provider dailin connectivity If not, then the following answer might help:
Edit /etc/passwd, copy the first line. Edit all 0's into 1's (or 2's) and rename "root" to the username. Then go buy a book about Linux.
A very experimental open issue, hopefully soon to be completely resolved. Try an diald.lrp from the incoming dir in linux-router-devel, or try the latest LRP's with the new ppp package with inbuilt diald on demand.
Yes. Normal higher formats as well as some 2m formats will work. See the doc about booting 'Higher' Density formatted disks with Linux. A problem with these disks is there is no way to accuratly determine their size. For LRP to be able to mount these disks, you must edit /var/lib/lrpkg/root.mount. Change fd0 to the correct size, IE fd0u1680, fd0u1840, etc.
There are various programs that can read a floppy disk to file. But you can also use LRP itself. For example:
dd if=/dev/fd0 of=mybackuplrp (change disk and reverse of and if)
or
Boot the LRP disk on your system. Mount a fat IDE partition/LS-120/etc. (mount -t msdos /dev/hda1 /mnt/)
or Use the ramdisk, and use tftp or scp to get the file off.
cat /dev/boot > /mnt/myimage.bin
dd bs=512 <//dev/boot >/mnt/myimage.bin
But it's trivial to just keep all the *.lrp files, and your syslinuc.cfg file. With those, and the syslinux.exe you can always make a new disk/
paul: add netmask explanation
Yes, there is a cron daemon, but no "user end" crontab utilities. See the files /etc/cron*
To activate the changes, use : svi cron reload
Policy routing and other 2.1 featurisms:
uhm. Check out this doc.
LRP supports whatever Linux supports. If you want some non stock hardware support, ask one of the LRP developers. Note that GPL licence drivers are likely to be included (either in LRP or stock Linux) but propriety, copyrighted trademarked, patented binary only things are up to you yourself.
We might want to try and add something like Isinglass
Here is an example from Tim Gladding,
I went through hell trying to find a decent balance between useability and security.. so here is my setup, assuming:
eth0 - the outside world interface eth1 - 193.82.159.* (sub-split in to 0-127, 128-191) eth2 - 193.82.159.192-255
------------------------------------------------------------------------
#!/bin/sh
# Set the default policies /sbin/ipfwadm -I -p deny # Deny all inbound traffic /sbin/ipfwadm -O -p accept # Allow out outbound traffic /sbin/ipfwadm -F -p accept # Allow all forwarding rules (none so far)
# Reset to known state, flush everything (except policy) /sbin/ipfwadm -I -f # flush existing input rules /sbin/ipfwadm -O -f # flush existing output rules /sbin/ipfwadm -F -f # flush existing forwarding rules
# Prevent loopback spoofing /sbin/ipfwadm -I -a deny -o -W eth0 -S 127.0.0.0/8 /sbin/ipfwadm -I -a deny -o -W eth0 -D 127.0.0.0/8 /sbin/ipfwadm -O -a deny -o -W eth0 -S 127.0.0.0/8 /sbin/ipfwadm -O -a deny -o -W eth0 -D 127.0.0.0/8
# Prevent flood ping attacks /sbin/ipfwadm -I -a deny -o -P icmp -S 0/0 8 -D 255.255.255.255/32
# Prevent all Internet hosts from pinging the local network broadcast addresses /sbin/ipfwadm -I -a deny -P icmp -S 0/0 8 -D 193.82.159.127/32 /sbin/ipfwadm -I -a deny -P icmp -S 0/0 8 -D 193.82.159.191/32 /sbin/ipfwadm -I -a deny -P icmp -S 0/0 8 -D 193.82.159.255/32
# Allow anyone to ping us normally - we'll give them at least that. /sbin/ipfwadm -I -a accept -P icmp
# Unprotect 193.82.159.192-255, allow anything through. /sbin/ipfwadm -I -a accept -S 193.82.159.192/26 /sbin/ipfwadm -I -a accept -D 193.82.159.192/26
# Allow hr-net machines to send packets between each other /sbin/ipfwadm -I -a accept -S 193.82.159.0/255.255.255.0
# Allow upstairs machines access to everything /sbin/ipfwadm -I -a accept -S 193.82.131.84 -D 193.82.159.0/24 /sbin/ipfwadm -I -a accept -S 193.82.131.86 -D 193.82.159.0/24 /sbin/ipfwadm -I -a accept -S 193.82.131.87 -D 193.82.159.0/24 /sbin/ipfwadm -I -a accept -S 193.82.131.88 -D 193.82.159.0/24
# Allow pangaea to access redoubt /sbin/ipfwadm -I -a accept -P tcp -S 193.82.159.2 -D 193.82.159.1 23
# Allow the world to view these services on pangaea # 2401 = cvs, 25 = smtp, 53 = dns, 110 = pop3, 119 = news # dns is udp as tell as tcp, allow both. /sbin/ipfwadm -I -a accept -P tcp -D 193.82.159.2 2401 25 53 110 113 119 /sbin/ipfwadm -I -a accept -P udp -D 193.82.159.2 53
# Allow the world to view these services (smtp, http) on phoenix /sbin/ipfwadm -I -a accept -P tcp -D 193.82.159.3 25 80
# Allow the world to view the virtual web servers, but deny pangaea /sbin/ipfwadm -I -a deny -P tcp -D 193.82.159.2 80 /sbin/ipfwadm -I -a accept -P tcp -D 193.82.159.0/255.255.255.0 80
# Block AMANDA to everyone but hr-net machines /sbin/ipfwadm -I -a accept -P tcp -S 193.82.159.0/24 -D 193.82.159.0/24 10082 10083 /sbin/ipfwadm -I -a accept -P udp -S 193.82.159.0/24 -D 193.82.159.0/24 10080 /sbin/ipfwadm -I -a deny -P tcp -D 193.82.159.0/24 10082 10083 /sbin/ipfwadm -I -a deny -P udp -D 193.82.159.0/24 10080
# Allow un-priviledged port connections from anywhere providing they # are coming from a priviledged port on the remote machine. # (this is important - you can't make outgoing connections without it) /sbin/ipfwadm -I -a accept -P tcp -S 0/0 1:1023 -D 193.82.159.0/24 1024:65535 /sbin/ipfwadm -I -a accept -P udp -S 0/0 1:1023 -D 193.82.159.0/24 1024:65535
Yes, you'll need shaper support (traffic shaper) which is available for 2.0 and 2.1 kernels. (Is this enabled in LRP?)
See Alan's ftp site.
What is needed? shapercfg? where?
Edit /etc/syslogd.conf
(Is there a menu item for this?) and make it like this:
*.* @some.host *.* /dev/console
/dev/console
entry.
Here's a script you might use and/or tweak. Additions welcome
# Note: when using this, don't add ip_masq_* to the modules conf file. Order is important, cause ipautofw can be an ip_masq module if [ -e /proc/net/ip_masquerade ] then echo -n "Masquerading support detected, loading modules:" for i in /lib/modules/`uname -r`/ipv4/ip_masq* do MMOD=`echo $i|sed "s/.*\(ip_masq_.*\)\.o.*$/\1/"` insmod $MMOD echo -n $MMOD echo -n " " done echo "" else echo "No Masquerading support in kernel, skipping masquerading modules" fi if [ -e /proc/net/ip_autofw ] then /sbin/ipautofw -F echo -n "IPautofw support detected, adding rules:" echo -n RealAudio /sbin/ipautofw -A -r udp 6970 7170 -c tcp 7070 else echo "No IPautofw support in kernel, skipping ipautofw rules" fi