LEAF Documentation
   Next

LEAF Documentation

Abstract

This is a comprehensive set of documentation for current LEAF releases/branches.

A pdf version is available for printing and off-line reading.

Table of Contents

Bering Installation Guide
1. About LEAF "Bering"
What is the LEAF "Bering" distribution ?
Why Bering ?
Feedback
Acknowledgments and thanks
Bering download areas
Bering support
2. LEAF "Bering" Changelog
Current version: 1.2 - May, 11 2003
Version: 1.1 - February,16 2003
Version: 1.0-stable - November,14 2002
Version: 1.0-rc4 - October,20 2002
Version: 1.0-rc3 - June,16 2002
Version: 1.0-rc2 - April,22 2002
Version: 1.0-rc1 - March,16 2002
Version: beta4 - February 2002
Version: beta3 - February 2002
Version: beta2 - January 2002
Older versions
3. Available packages on the LEAF "Bering" floppy
The LEAF "Bering" floppy disk content
Description
4. Installation - step 1: download the distribution
Linux users
Windows users
5. Installation - step 2: download the modules
6. Installation - step 3: Add/remove the (un)needed packages and modules
Removing unneeded packages
Edit the syslinux.cfg file
Removing unneeded modules
Adding a new package
Adding extra modules in /lib/modules
Adding extra modules in /boot/lib/modules
7. Installation - step 4: configure your keyboard
8. Installation - step 5: configure your network
interfaces file (/etc/network/interfaces)
network options file (/etc/network/options)
hosts IP addresses (/etc/hosts)
hostname (/etc/hostname)
resolv.conf (/etc/resolv.conf)
Super server daemon configuration (/etc/inetd.conf)
hosts.allow (/etc/hosts.allow)
hosts.deny (/etc/hosts.deny)
network (/etc/network)
9. Installation - step 6: configure Shorewall
10. Installation - step 7: configure your system
Master LRP settings (/etc/lrp.conf)
POSIXness setting (/etc/POSIXness.conf)
File system mounts (/etc/fstab)
Lowest level boot-up configuration (/etc/inittab)
System wide profile (/etc/profile)
Ports root is allowed to login to (/etc/securetty)
System logging configuration (/etc/syslog.conf)
Service name to number translation (/etc/services)
11. Information on packages provided on the Bering floppy disk
bridge.lrp
dhcpd.lrp
dnscache.lrp
etc.lrp
initrd.lrp
iptables.lrp
keyboard.lrp
local.lrp
log.lrp
modules.lrp
ppp.lrp
pppoe.lrp
pump.lrp
root.lrp
shorwall.lrp
ulogd.lrp
weblet.lrp
12. Information on packages provided in the Bering packages download area
dhclient.lrp
dhclt3.lrp
dhcpcd.lrp
dhcpd3.lrp
dhcrel3.lrp
ebtables.lrp
etherw.lrp
ipsec.lrp
ntpdate.lrp
ntpsimpl.lrp
pcmcia.lrp/pcmcia_hostap.lrp/pcmcia_orinoco.lrp/pcmcia_wlan.lrp/pcmcia_xircom.lrp
pcmutils.lrp
pppatm.lrp
pptpd.lrp
vlan.lrp
qos-htb.lrp
tc.lrp
wireless.lrp and wireutil.lrp
wlan-ng.lrp
Bering-uClibc Installation Guide
1. Bering-uClibc preface
Overview
Contributions and Feedback
2. About Bering-uClibc
What is Bering-uClibc?
Why Bering-uClibc?
Available images
Sourcecode
Acknowledgement
3. Available packages on the LEAF Bering-uClibc floppy
The LEAF Bering-uClibc floppy disk content
Description
4. Download the distribution
Linux users
Windows users
5. The modules package and tarball
6. Adding and removing packages
Objective
Bering-uClibc 2.2 and above
Introduction
Changes in syslinux.cfg
Configuring leaf.cfg
Additional capabilities of leaf.cfg
Bering-uClibc 2.0 and 2.1
7. Configure your keyboard
8. Configure your network
interfaces file (/etc/network/interfaces)
network options file (/etc/network/options)
hosts IP addresses (/etc/hosts)
hostname (/etc/hostname)
resolv.conf (/etc/resolv.conf)
Super server daemon configuration (/etc/inetd.conf)
hosts.allow (/etc/hosts.allow)
hosts.deny (/etc/hosts.deny)
network (/etc/network)
9. Configure Shorewall
10. Choosing the preferred editor
11. Using Bering-uClibc with an IDE harddisk or CD-ROM drive
initrd.lrp
Create a bootable CD-ROM
Introduction
Step1 Create a bootable 1,44MB floppy
Step 2: Create the CD
Step 3: Adding packages and backup configuration
Create a bootable HD
Bering-uClibc 2.1 and earlier versions
Bering-uClibc 2.2 and later versions
Using pxeinstall.tgz
Introduction
Requirements
General description of the PXE boot sequence
Configuration
Booting via PXE
Setting up the new system
Supported network cards
Create a bootable IDE-CF
Booting from an onboard IDE-CF system
Booting from a PCI-IDE CF system
Credits
Links
Building a LEAF CD-ROM
12. Using Bering-uClibc with an prefabricated USB HDD image
Preface
Bootable USB HDD
Initial preparations
This is how you do it
13. Using dnsmasq
Objectives
Load dnsmasq package
Configure dnsmasq dns forwarder
Using dnsmasq with ppp/pppoe
Using dnsmasq with dhcpcd
Using dnsmasq with static ip
Using dnsmasq with pump
Using dnsmasq as dhcpd server
Configure dnsmasq dhcpd
Configure shorewall for dhcpd
14. Serial Modem configuration
Objectives
Step 1: declare the ppp package
Step 2: declare the ppp modules
Step 3: configure ppp
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 6: Make the connection persistent (optional)
Step 7: reboot...
ppp-filter.lrp
15. PPPoE configuration
Objectives
Step 1: Declare the ppp and pppoe packages
Step 2: Declare the ppp and pppoe modules
Step 3: Configure ppp
Step 4: Configure pppoe
Step 5: Configure your interfaces file
Step 6: Configure Shorewall
Step 7: Reboot...
An example: a PPPoE connection with a two PCMCIA cards setup
16. PPTP/PPPoA configuration
Objectives
Step 1: declare the ppp and the pptp packages
Step 2: declare the ppp modules
Step 3: configure ppp
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 7: reboot...
17. PPPoA configuration
Objectives
Step 1: declare the pppoatm package
Step 2: declare the ppp and pppoatm modules
Step 3: configure pppoatm
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 7: reboot...
18. Timezone in Bering-uClibc
Setting the timezone
Examples for TZ values
Specification of the TZ variable
19. Webconf Configuration
Objectives
Step 1: Install the packages
Step 2: Configure mini-httpd
Step 3: Reconfigure Shorewall (Optional)
Step 4: Remove sh-httpd (Optional)
Step 5: Test It
Step 6: Remove Weblet, make Webconf standard (Optional)
Step 7: Install additional plugins (Optional)
Dachstein Installation Guide
1. Conventions, Downloads, and ChangeLog
Conventions
Downloads
ChangeLog
2. Anatomy of a Dachstein Firewall
The Dachstein Floppy-Only Disk
The Dachstein CD
The Dachstein CD Boot Disk
The Booted Operating System
3. Linux Primer
The Lrcfg Script
File and Directory Attributes
Getting Around in the File System
Copying, Renaming and Deleting Files and Directories
Mounting and Unmounting Floppy Disks
Setting a Password
Rebooting the Firewall
Editing Files
4. Preliminary Installation
Preparing the PC
Verify System Requirements
Removing Unnecessary Components
Laptop Installation
Configuring the Network Adapters
Preparing the Disk
Floppy-only Distribution
Dachstein CD Distribution
Fill Out the Network Information Sheet
Initial Configuration
5. Adding Features to the Working Firewall
Modify your Firewall for a Static External IP Address
Modify your Firewall for a Static Internal IP Address
6. Firewall Operation
7. Modifying Your Existing Firewall
A. Backing Up
Backing Up the Firewall
Backing Up the Ramdisk
Other Options
Complete Example
Backing Up the Boot Disk
B. Resources
Web Sites (software and reference)
Learning More About Linux and Routing
List Servers
Books
HOWTO Documents
Subnet Calculators
C. Network Information Sheet
D. Laptop-Specific Issues
Preparing the PC
Configuring NICs
NIC Selection
Preparing the Disk
Initial Configuration
Bering User's Guide
1. Structure of the document
Overview
Contributions and Feedback
Changelog
2. Serial Modem configuration
Objectives
Step 1: declare the ppp package
Step 2: declare the ppp modules
Step 3: configure ppp
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 6: Make the connection persistent (optional)
Step 7: reboot...
3. PCMCIA configuration
Objectives
Step 1: declare the ppp and the pcmcia packages
Step 2: declare the ppp modules in modules.lrp
Step 3: configure ppp
Step 4: configure pcmcia
Step 5: configure your interfaces file
Step 6: configure Shorewall
Step 7: reboot...
4. PPPoE configuration
Objectives
Step 1: declare the ppp and pppoe packages
Step 2: declare the ppp and pppoe modules
Step 3: configure ppp
Step 4: Configure pppoe
Step 5: configure your interfaces file
Step 6: configure Shorewall
Step 7: reboot...
An example: a PPPoE connection with a two PCMCIA cards setup
5. PPPoA configuration
Objectives
Step 1: declare the pppatm package
Step 2: declare the ppp and pppoatm modules
Step 3: configure pppatm
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 7: reboot...
6. PPTP/PPPoA configuration
Objectives
Step 1: declare the ppp and the pptp packages
Step 2: declare the ppp modules
Step 3: configure ppp
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 7: reboot...
7. Configuring an USB Speedtouch modem for Bering
Objectives
Step 1: declare the ppp.lrp and speedtch.lrp packages
Step 2: declare the necessary modules
Step 3: configure speedtch and ppp packages
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 6: reboot...
8. Configuring an USB Eagle modem for Bering
Objectives
Step 1: declare the ppp.lrp and eagle.lrp packages
Step 2: declare the necessary modules
Step 3: configure eagle and ppp packages
Step 4: configure your interfaces file
Step 5: configure Shorewall
Step 6: reboot...
Getting connected with PPPoE
A special appendix for French users...
9. ISDN Configuration
Objectives
Step 1: Download and declare the isdn.lrp package
Step 2: download the isdn.o and the appropriate hisax.o modules
Step 3: declare the ISDN modules
Step 4: configure ISDN
Step 5: configure your interfaces file
Step 6: configure Shorewall
10. Creating a bootable Bering CD-ROM
Objectives
Step 1: preparing the distro
Step 2: downloading the required packages
Step 3: preparing the Bering CD-Rom content
Step 4: making the CD
Support
Thanks to...
11. Booting Bering from different boot-media
Objectives
The single floppy drive setup
The two-floppy drives setup
Booting from an IDE device
Booting from a CD-Rom with isolinux
Partial backup of packages to/from floppy
12. Installing and booting Bering from a M-Systems DiskOnChip
Objectives
Step 1: prepare the boot floppy
Step 2: configure Bering for DoC booting
Step 3: prepare the DoC
Step 4: reboot
Thanks to...
13. Booting and installing Bering using PXE
Description of and uses for PXE
About pxe.lrp
Step 1: prepare your Bering PXE distro
Setup your server
Setup your client
14. Using GRUB as an alternative boot loader for Bering
Create a partition on your disk
Step 2: Format your partition
Step 3: Copy the grub files on the CF
Step 4: Install grub files on the CF
15. Wireless and orinoco drivers
Objectives
Step 1: declare the appropriate packages
Step 2: declare the appropriate modules
Step 3: configure ppp
Step 4: configure pcmcia and wireless
Step 5: configure your interfaces file
Step 6: configure Shorewall
Tips and tricks
16. Securing a wireless network with openvpn
Objectives
Step 1: declare the appropriate packages and modules
Step 2: configure openvpn
Step 3: configure Shorewall
Step 3: configure your linux wireless clients
Useful references
17. IPSec configuration
Objectives
Step 1: load ipsec or ipsec509 package
Step 2: generate certificates with openssl
Step 3: boot Bering and move certificates into place
Step 4: configure ipsec.conf
Step 5: configure ipsec.secrets
Step 6: configure Shorewall
Step 7: configure Windows 2000 client
18. Monitoring Bering through a terminal console
Objectives
Step 1: Modify /etc/inittab and /etc/securetty files
Step 2: Modify your syslinux.cfg file
Step 3: reboot...
19. Time in Bering
Objectives
Define your timezone
Set the system date/time
Edit the contents of /etc/timezone (optional)
Activate daily clock updating (optional)
Internal network NTP clients
Miscellaneous
20. The Bering "mail" and "cron" facilities
Objectives
The mail command
Cronjobs
21. Configuring Bering as a bridge
Objectives
Step 1: declare the bridge package
Step 2: declare the bridge module:
Step 3: Configure the bridge system
Step 4: Check if the bridge is working properly
Step 5: Using the utilities:
22. Managing QoS with Bering
Credits
Introduction
Step 1: declare the qos-htb package
Step 2: declare the netfilter modules:
Step 3: Check the whole stuff manually
Step 4: Configure qos-htb
Step 5: Save Configuration of qos-htb
Troubleshooting:
Shorewall notice
23. Creating a Print Server on your Bering machine
Objectives
Prerequisites
Configure the system to print
Test your setup
Configuring clients to print
Troubleshooting
Further Information
Bering-uClibc User's Guide
1. Structure of the document
Overview
Contributions and Feedback
2. Using Dropbear
Objectives
Step 1: Load the dropbear package
Step 2: Generate the keys
Step 3: Set root password
Step 4: Check Shorewall rules
Step 5: Finishing up
Miscellaneous
3. ez-ipupdate configuration
About ez-ipupdate
What is ez-ipupdate?
Feedback
Declare the ezipupd.lrp package
Configuring ez-ipupdate
Using ez-ipupdate
Through dhclient exit-hook script
Through ppp /etc/ppp/ip-up script
Configure shorewall
4. Configuring IPv6
Introduction
IPv6 support in Bering-uClibc
What can be found in this document
IPv6 configuration
Objectives
Prerequisites
Step 1: Declare the ipv6 module
Step 2: Declare the ipv6 packages
Step 3: Configure IPv6 addresses
Step 4: Configure the Router Advertisement daemon
Step 5: Check if the router is working properly
Step 6: Configure a 6to4 tunnel
Step 7: Configure Shorewall
Step 8: Configure the local network
Step 9: Configure 6wall, the IPv6 firewall
Tips and tricks
IPv6 (enabled) applications
Overview
ping6 & netstat
radvd
ip6tables
6wall
dnscache & tinydns
inetd
pppd
snmpd
sshd
5. freenet6.lrp - access for tunnel broker freenet6
Introduction
Declare the freenet6.lrp package
Obtain an (authenticated) tunnel or a whole subnet
Configure freenet6
Configure the firewall
Configure shorewall
Configure 6wall
Using radvd
Manual or automatic radvd configuration
Automatic radvd configuration
Manual radvd configuration
6. Managing Certs with tinyca
Introduction
Getting started
Create a Certificate
Exporting everything
7. Configuring openvpn
Introduction
Objectives
Overview of the setup described here
About openvpn
Loading the packages
Loading the modules
Generating keys
Setup for key generation on your Bering-uClibc box
Build your own Root Certification Authority (CA) certificate/key
Build Diffie-Hellmann parameters
Build the server key
Build the client key(s)
OpenVPN server side
OpenVPN server configuration
Configure shorewall on the openvpn server
Starting the OpenVPN server
OpenVPN clients
OpenVPN client configuration
Configure shorewall on an OpenVPN client
Starting the OpenVPN client
Links
OpenVPN links
OpenSSL tools and hints to how to create your own Certificates
8. Configuring openswan(ipsec)
Introduction
Objectives
Overview of the setup described here
About openswan
Loading the packages
Loading the modules
Generating keys
Configuration
ipsec.secrets
ipsec.conf
Starting Openswan
Links
Openswan links
9. Zebra configuration
Overview
Configuring Zebra
Configuring Zebra with telnet
Links
10. Using SNMP and RRD to monitor your LEAF system
Introduction
Objectives
Overview of the setup described here
About Net-SNMP
About RRDTool
Configure the LEAF system
Load netsnmpd package
Configure the snmp daemon
Configure the RRD machine
Prerequisites
Collecting and storing performance data
Retrieving and presenting performance data
11. Using keepalived with LEAF Bering-uClibc
Objectives
Load the keepalived and additionally required packages
Configuration
Troubleshooting
Links
12. Configure Universal Plug-N-Play IGD services
Overview of UPnP
Firewalling UPnP
Installation
Shorewall integration
13. LEAF for the pcengines WRAP
The challenge
PCengines WRAP Hardware
The problem area
Analysis
Keyboard controller jammed messages
Enable reboot without use of the the keyboard controller
syslinux.conf
The solution
Bering uClibc
Bering
14. Revision history
Version 0.11
Version 0.10
Version 0.9
Version 0.8
Version 0.7
Version 0.6
Version 0.5
Version 0.4
Version 0.3
Version 0.2
Version 0.1
Bering Developer's Guide
1. Compiling the Bering kernel
Compilation environment
A special note for the users of the Debian/Woody virtual machine
Downloading the necessary files
Applying Bering patches
What are those patches ? Do I need them ?
Compiling your Bering kernel
Tune-up your own kernel ! (experienced users)
Bering-uClibc Developer Guide
1. Development
Recommended Reading
Building the kernel
Building uClibc
Building busybox
Building sources and libraries against uClibc
Building a LEAF package from the compiled sources
LEAF packages
initrd.lrp
2. Compiling code for Bering uClibc using Buildtool
Introduction
What is buildtool?
Why bother?
Installation
CVS checkout
Initial configuration
Toolchain download/build
Buildtool usage
Options
Getting information about the sources that can be built
The difference between sources and packages
Downloading the sources for a package
Compiling the sources for a package
Creating buildtool sources/packages
Overview
Step by step guide to creating a simple config
Buildtool reference
Buildtool Tips and FAQ
What you find here
undefined reference to '__libc_start_main'
buildenv not building with gcc 4.0
3. Creating lrp packages with buildpacket
Introduction
Step by step guide to setting up the configuration for hdsupp.lrp
Configuration
Includes
Version
Revision
Skeleton
Permissions
Owner
Packagename
Packagetype
Initrdsize
Help
Contents
File
Config settings in buildtool.cfg
Creating packages
Options
4. Webconf Architecture How To
Introduction
What is webconf?
Installation
Getting webconf installed and running
Building Your Own Webconf Plugin
.webconf files
The Configuration Scripts (.cgi)
Haserl Basics
Webconf Helper Functions
Packaging Your Own Webconf Plugin
Package as a LWP
Package as a LRP
Recommendations
Oxygen Developer's Guide
1. Reading Material
2. The LEAF Project
Current LEAF Distributions
How Does the LEAF Distribution Used Affect Development?
3. Creating a Development Environment for LRP
4. Writing or Compiling Programs for LRP
Common Problems
LRP and C Libraries
Why Not Use glibc 2.1.x with LRP?
Why Not Use glibc 2.2.x with LRP?
Standard Libraries Included with LRP
Adding Additional Libraries to LRP
Upgrading or Replacing Libraries in LRP
Compiling for LRP
C Libraries and the Linux Kernel
Compiling with Red Hat Linux 6
Compiling for LRP with Any Distribution
Problem Solving
Scenario #1: Echo Security Scanner
Scenario #2: axfer
5. Using Floppy Disks
Large Nonstandard Floppy Disk Device Files
Creating a Large Floppy Disk
Creating a Disk Image on Disk
Verifying a Disk
Tricks to Gain Even More Space on a Floppy
Preparing a Large Floppy Disk for Booting with LRP
Warnings about Large Floppy Disks
Common Floppy Disk Problems and Their Solutions
Problem: I/O Errors on Mount
Problem: Many I/O Errors on Sectors 19 and 20
Problem: Minix Filesystem Not Found
Problem: root.lrp Fails to Load
Problem: Unable to mount root fs
6. Making a Bootable LRP CDROM
Important Considerations
Creating a CDROM Boot Image
Getting Packages From CDROM
7. Creating Packages for LRP
8. The LRP Boot Process
Syslinux
Linux Kernel
Linuxrc
/sbin/init
/etc/init.d/rc
/sbin/getty
9. Compiling the Linux Kernel for LRP
Kernel Modules
Specifying the Root Volume
Compiling Linux 2.0
Compiling Linux 2.4
Bridge Patch
Important Notes About Compiling a New Kernel
10. Booting with an Unpatched Linux Kernel
A. GNU Free Documentation License
PREAMBLE
APPLICABILITY AND DEFINITIONS
VERBATIM COPYING
COPYING IN QUANTITY
MODIFICATIONS
COMBINING DOCUMENTS
COLLECTIONS OF DOCUMENTS
AGGREGATION WITH INDEPENDENT WORKS
TRANSLATION
TERMINATION
FUTURE REVISIONS OF THIS LICENSE
I. HOWTO
6wall User Guide
About 6wall
What is 6wall?
Limitations
Feedback
Acknowledgments and Thanks
Changelog
Getting started
Reading up
Installing the 6wall.lrp package
Configuring 6wall
Overview
Zone defintions
Interface definitions
Policy definitions
Rule definitions
Finishing up
Controlling 6wall
Overview
Starting and stopping
Information and status
Dynamic blacklisting
Further information
Reference
Components
/etc/6wall/params6
/etc/6wall/zones6
/etc/6wall/interfaces6
/etc/6wall/hosts6
/etc/6wall/policy6
/etc/6wall/rules6
/etc/6wall/common6.def
/etc/6wall/6wall.conf
/etc/6wall/modules6
/etc/6wall/blacklist6
/etc/6wall/sitelocal
Hard Disk HOWTO
Introduction
Copyright and License
Disclaimer
Conventions
Useful LRP related links
The basics
Method 1: Booting LRP from a hard disk
BEFORE YOU GET STARTED
GETTING STARTED
INSTALLING THE SOFTWARE
CONFIGURING THE SOFTWARE
BOOTING FROM THE HARD DRIVE
SOMETHING WENT WRONG
MIGRATING FILES FROM AN EXTENDED CAPACITY FLOPPY DISK
Method 2: Mounting a Hard Disk at runtime
BEFORE YOU GET STARTED
GETTING STARTED
MAKING A PARTITION
FORMATTING THE PARTITION
USING YOUR HARD DRIVE
REBOOTING THE SYSTEM
SOMETHING WENT WRONG
Advanced Procedures: Using SCSI/RAID or other devices
OVERVIEW
BEFORE YOU GET STARTED
PRELIMINARIES
ADDING BOOTSTRAP MODULE SUPPORT
FINISHING UP
NOTES
TESTING
Advanced Procedures: Running with root on a HDD
Adding a kernel module
Mrtg logging for Dachstein/LEAF
Introduction
Copyright and License
Disclaimer
Feedback
Scope
Concept
Prerequisits
Files Needed
Documentation Recommended
Information Needed
Install and Configure
Adding snmp to Dachstein
Configuring for snmpd on Dachstein
Install mrtg on server
Configure mrtg on server
Run mrtg
View mrgt files via server’s web server
Dial-in Server HOWTO
Introduction
Copyright and License
Disclaimer
Credits / Contributors
Feedback
Preface
Needed Modules and Packages
Setting up the system's dial-in user
Modem Configuration
PPP Configuration
PPP user authentication
PPP connection settings
Router settings
Sample '/etc/ppp/ppp.options' file
FINAL NOTES
References
PROXY-ARP HOWTO
Introduction
Copyright and License
Disclaimer
Credits / Contributors
Feedback
When should I use proxy-arp?
Explanation of proxy-arp
Example
Picture of Example
Explanation of Example
How to setup the filtering/firewalling
Dachstein Configuration
Bering using Shorewall Configuration
The Routing Table
Finishing up the configuration
References
I. Reference Pages
busybox — The Swiss Army Knife of Embedded Linux
sh — command interpreter (shell)
   Next
   Bering Installation Guide