floppyfw 3.0, a stable series of floppyfw. ---- 3.0.14 - 3.0.15 Date: 2011-07-21 - Kernel 2.4.37.11 - Siproxd 0.5.13 A new feature! Now it will attempt to save the DHCP address it got and use that one again on the next reboot. It's configured default on but can be turned off in the config file. ---- 3.0.13 - 3.0.14 Date: 2010-11-28 - Just one fix, had the wrong device named in dmw-fw.ini which made the bandwidthlimit work a bit too much, over the whole line, not the DMZ. ---- 3.0.12 - 3.0.13 Date: 2010-10-31 - You can now use VLAN automagically, just set the interface to dev.VLAN-ID like eth1.42 and it will set up a VLAN on that interface using vconfig. This should work on all interfaces. - The default DOMAIN is now empty. Set it and it will be the internal domain set by the DHCP server - Same with DMZ_DOMAIN - But, if you forgot, it will be floppyfwsecured.local - Kernel 2.4.37.10 - nc now has server (listen) support. (by request and prolly nice to have) ---- 3.0.11 - 3.0.12 Date: 2010-04-25 - 2.4.37.9 - Made a module package for realtek r8168 driver (which is alot of cards.) Should be a part of the base but no space left right now and the driver is quite buggy anyway. - hostapd was broken (too old version probably). Compiles now at least. ---- 3.0.10 - 3.0.11 Date: 2009-10-25 - Added USB serial. (Sorry folks, why have I forgotten this?) - Removed an old kernel patch from svn. ---- 3.0.9 - 3.0.10 Date: 2009-10-11 - Kernel 2.4.37.6 - Changed a few download URLs. ---- 3.0.8 - 3.0.9 Date: 2009-07-14 - Kernel 2.4.37.2 - Busybox 1.11.3 - Dropbear 0.52 ---- 3.0.7 - 3.0.8 Date: 2008-07-20 - Kernel 2.4.36.6 - Busybox 1.11.1 - Two fixes from bug report by Jay ---- 3.0.6 - 3.0.7 Date: 2008-07-07 - Kernel 2.4.36.6 - Busybox 1.11.0 - Now again with tab completion. Shame depmod doesen't work. ---- 3.0.5 - 3.0.6 Date: 2008-02-18 - Kernel 2.4.36.1 - Busybox 1.9.1 - Did a few tweaks on the config to reduce a little size. Bug me if I took away something useful. Removed; old tar format, gnu tar extensions, dd, some vi functions, Added: arp, pscan (couldn't resist), nmeter. ---- 3.0.4 - 3.0.5 Date: 2008-01-05 - Bugfix, iptables 1.3.8 didn't work out. ---- 3.0.3 - 3.0.4 Date: 2008-01-01 - Kernel 2.4.36 ---- 3.0.2 - 3.0.3 Date: 2007-11-15 - Kernel 2.4.35.4 - Dropbear 0.50 - iptables 1.3.8 - newer madwifi and wireless-tools - Added SATA modules to idemods. - Added crond - Small bugfixes from Kai-Ove. - Adding inetd so that we can use the muninlite - client easily. - muninlite package - micro_proxy package. - DMZ config changes from Kai-Ove. now it's supposed to work but it breaks older configs (which is not a good thing but had to be done and it was broken anyway :=) 3.0.1 - 3.0.2 Date: 2007-05-27 - Kernel 2.4.34.4 - busybox 1.2.2.1 - dropbear 0.49 - nanotop 2.1.1 - quagga (Please test) - Some more smaller changes. -- 3.0.0 - 3.0.1 Date: 2007-04-09 - Support for madwifi (as package) - tcpdump (also a package) - nanotop 2.1.0 - kernel 2.4.34.2, removing MCA support (mail me if it's a problem) - added via-rhine netowrk module in the base. - iptables 1.3.7 - ip_conntrack now a module and not compiled into the kernel. (Apachez wanted this so he could tweak option upon inserting.) (see: http://www.wallfire.org/misc/netfilter_conntrack_perf.txt ) -- 3.0rc2 - 3.0 Date: 2006-09-22 - Kernel 2.4.33.3 -- 3.0rc1 - 3.0rc2 Date: 2006-08-29 - Busybox 1.2.1 - Kernel 2.4.33.2 - A better Wondershaper script (Thanks to Brad Skiff) - A wsmenu package for administrating Wondershaper, available in the devkit, made by Brad Skiff. - Better DMZ configuration. (the firewalling is done in an /etc/firewall/ script.) This was done to be able to set a WLAN on the DMZ device and control how open it shall be. ports from DMZ to inside, outside and also bandwidth restriction. -- 2.99.4 - 3.0rc1 Date: 2006-06-05 - New devkit, incompatible uClibc (0.9.28) but this one does not use devfs so it should work on basically any linux distro. - Build scripts now in subversion and available. - iptables 1.3.5 - kernel 2.4.32 - Added /etc/firewall/ and a hook in firewall.ini that will run all scripts there. (Should they have pre- post- and so on?) Put this before DMZ and Wonder shaper and moved DMZ stuff in front of running Wondershaper (if it's enabled of course) - Some cleanups. - Packages for nanotop, e3 and noip provided by Kai-Ove Gran - newer and improved Wondershaper (patched by Brad Skiff) -- 2.99.3 - 2.99.4: Date: 2005-04-16 - ATM is now not supported by base kernel/modules since the bridge modules ended up depending on atm.o, which was 46K big. - And no, Ming's suggestion for strip didn't work out well but he compensated, with success, a patch to lzma compress the kernel instead of UPX'ing it. so, we are still at 1280K base, as with 2.99.3 - A few small bugfixes aswell. -- 2.99.2 - 2.99.3: Date: 2005-03-19 - usbmodules now a part of the ide initrd (for soekris, flash and iso) - iptables 1.3.1 - initrd is now squashfs, compressed with lzma. it will still end up in a tmpfs (ram). - Switched from eepro100 to e100 and added e1000 and r8169. - Managed to strip even more off the kernel modules. (Thanks Ming) - Lzma is here. I know, this was supposed to be the last beta but lzma is so good I had to add it. So, floppyfw now supports two types of packages, the .bz2 as usual and the new .ffw, which is an lzma compressed tarball. Base floppy is now under 1300K, even with all the new network modules. - A first run of hostap packages with wpa_supplicant. -- 2.99.1 - 2.99.2: Date: 2005-03-06 - fix ppp-up to set USEPEERDNS based on OUTSIDE_NAMESERVERS - Yet another devkit, this time with gcc 3.4.3 (With the downside that g++ is not a part of it) - Fixed missing packages in the soekris image. -- 2.9.13 - 2.99.1: Date: 2005-02-27 - Kernel 2.4.29 - uClibc 0.9.27 (with a new devkit) - Forgot the ethers file on iso, soekris and flash images, fixed. - Versioned the soekris and flash directories. - A few changes to the build scripts. - perl -p -i -e 's/NAME_SERVER_IP/OUTSIDE_NAMESERVERS/g' * - Removed USEPEERDNS and added the OUTSIDE_NAMESERVERS to the creation of resolv.conf as the first name servers in the file. - no more /etc/localtime but a TIMEZONE option in the config file. - module options from modules.lst are put in a modules.conf file. - iptables 1.3.0, iproute2-050124 Known issues: Somehow syslinux seems not to make bootable floppies inside the devkit. Just "make floppyimage" outside instead. The conversion to not having USEPEERDNS was not really completed. If you start on something, finish it, stupid. -- 2.9.12 - 2.9.13: Date: 2004-11-14 - Many small changes. - An attempt on making a usb/flash version. not tested at all sinve I don't have any machine that boots off usb. - I promise I shall put versions in the tarballed directories in the next version. -- 2.9.11 - 2.9.12: Date: 2004-10-31 - Forgot to add /var/lock to the add.bz2 package after removing it from the ppp package. - Moved loading of the ppp modules from modules.lst to network.ini - Added the openswan "IPSEC_NAT_TRAVERSAL" patch. - Changed the udhcpcrenew.sh to put the DHCP given domain in the search option in resolv.conf and the DOMAIN as domain. - Put fakeidentd into busybox. (seems like I'm saving whopping 5K!) And this made fakeidentd work again, even with the same code :=) - The Soekris images (tarballs) are back. - Also a floppyfw-buildscripts tarball which is the make system for building it all. -- 2.9.10 - 2.9.11: Date: 2004-10-17 - Added "-floppyfw-" as kernel extraversion. - For some reason, OUTSIDE_IP was used in the old fashion in a few places. - udhcp client now actually gets the domain name right. - changed from DHCP_DAEMON in the config file to DHCP_SERVER. - added a MODEM_INIT in the config file. - done a little more with the serial support, should hopefully work quite nice now. - iptables 1.2.11 - iproute 2.6.9 - busybox 1.0.0 - Moved from netfilters (iptables) patch-o-matic to patch-o-matic-ng - no fakeleases.sh script but added an thers file on the root of the floppy which can be used to statically map MAC to IP for the DHCP server. (new feature in busybox) - had to remove the licenses directory because of space issues. Known bugs: fakeidentd does not work (exits silently) -- Changelog: 2.9.9 - 2.9.10: Date: 2004-09-03 - Loading of the ppp modules fixed (and moved from the ppp scripts to modules.lst) - Dial on demand PPP may work. (it does with the little test I did) - fixed a but in renew-dnsmasq.sh which deleted the pidfile. (side note; new dropbear.bz package which works with this release and also openssl.bz2 and openvpn.bz2 but those two are not tested nor configured) -- 2.9.8 - 2.9.9: Date: 2004-08-29. - The problem with CAPSed modules is now fixed in a different manner. I tried to put them in a CAPS subdirectory but then it was too many subdirectories (maybe it was the FAT/ISO filesystem) but now it's a paralell subdirectory, with the postfix _CAPS - Kernel 2.4.27 (IDE modules works) - renew-dnsmasq.sh was added. - Added Wondershaper (http://lartc.org/wondershaper/) Enable it in the config file. -- 2.9.7 - 2.9.8: Date: It's possible to make it yourself using the devkit. - New devkit - uClibc 0.9.26 (supposed to be compatible with the one used on 2.9.6 and 2.9.7) -- 2.9.6 - 2.9.7: Date: 2004-03-23 Same uClibc as 2.9. 6, so packages should work. - Kernel 2.4.25 - added a "cryptpw" applet to busybox so that PASSWORD= in config, works. - Patched the kernel with patches from netfilter patch-o-matic: 59_ip_nat_h-unused-var, 60_ecn_raw_unclone iprange, cuseeme-nat, h323-conntrack-nat, iptables-loopcheck-speedup mms-conntrack-nat, pptp-conntrack-nat, quake3-conntrack rtsp-conntrack, string connlimit was planned aswell but did not work with 2.4.25 - Some of the new modules are in the base and some of the old modules are removed but kept in the modules directory. Let me know if you miss any modules from the base. - You can now just type "make" in the devkit to build a complete floppy from scratch. a few words more to make and it'll build an iso image, floppy image with pppoe and more to come. - With a patch from Matej Zagiba you can use insmod (yes, the command) with options in modules.lst lines without insmod will be modprobed as ususl. - Removed the floppyfw/ directory. right now, the add.bz2 resides in the root directory. - Ken Yap has made a "fakeleases.sh" which takes a MAC address and IP for the dhcp daemon. - ebtables and ipvs (IP Virtual Server) modules are now separate module packages and will not be a part of the base. (but ebtables modules will be a part of the bridge images of course.) - ppp and dropbear (ssh) ow fits on a 1.44M floppy. Issues: - Sine this version is made from a completely new build system there may be more issues than usual. features (or packages) may lack on release. -- 2.9.5 - 2.9.6: Date: 2003-12-31 - split basemods.bz2 into basemods.bz2 and nics.bz2 (adds about one K but makes things easier if you want to get rid of the NICs.) - But I did the exact opposite with the ppp packages. - the base ISO version now does read from the "configmedia" device (now) set in isolinux/isolinux.cfg on the CD. - made a simple /etc/profile - put the passwd and xargs applets back. - made an /etc/functions.inc for stripcr and load_fsmod (so far) - new network.ini (smaller) from Cristian Ionescu-Idbohrn - floppyfw.ini is now deprecated, the content was moved to rc.initrd - moved modules with CAPS in their name to a caps/ directory to make sure we can have all modules on a VFAT file system (aka case insensitive). - patched ppp-up with a big patch from Uwe Dipple - uClibc 0.9.24 - Kernel 2.4.23 - removed RPC from uClibc which made the library way smaller. - everything from the iproute2 packages except ip and tc is moved to a separate package. (it's basically statistics stuff). Issues: - Still not room for pppoe and dropbear on a 1.44M floppy, which is a shame. - PASSWORD (as usual, I need to find a good fix for this). - I want a hack to make udhcpd support MAC based address allocation. - hostap didn't compile cleanly. pcmcia stuff may not work properly. (it's packages anyway) Known bugs: - basemods.bz2 seems to lack quite a few modules. -- 2.9.4 - 2.9.5: Date: 2003-09-07 - Building ISO images with all modules and mounting it as a "live filesystem" - the option "configdevice" in syslinux (and CD's isolinux) for a separate device to read and copy config, firewall.ini, modules.lst and hosts from. (in case the main media is read-only, like a CD) - Serial console support is back. - the CONSOLE= option in the config file is gone. serial stuff is set up in syslinux.cfg or isolinux.cfg so it's just overhead. - Images for the Soekris NET* boxes. no special soekris kernel config. pcmcia with hostap included in the image as is all modules. - pcmcia-cs package includes wireless-tools and hostap. - removed a few applets from busybox. Issues: not sure where to put the loading of the "live" stuff. it's place in floppyfw,ini now might not be the best one. renew-dnsmasq.sh not completely implemented. IDE modules are stil an issue so there are no CMD640 support. Still no alternative to "USE_SHELL=n" but it will be some with "noconsole" in syslinux.cfg later. unmounitng initrd does not work: And BTW; the packages directory now has Dropbear, an ssh server for this release. Known bugs: Forgot to add the "configmedia=/dev/floppy/0" to the append line on the ISO image so it will not automatically check for config files on a floppy. -- 2.9.3 - 2.9.4: Date: 2003-08-31 - bridging with ebtables and iptables using bridge-ng (ebtables itself may dissapear again because of space issues but iptables will be able to filter bridged packages) - removed *_NETWORK and *_BROADCAST in the config file. ipcalc takes care of this. - added DMZ to config, network,ini and firewall.ini (you HAVE to edit firewall.ini to do anything useful at all with the DMZ) - keymap support. grab a binary keyboard definition file from the Keymaps directory and put it as the file "keymap" in the /packages directory. - rc.initrd reworked (by Ken Yap) to detect more devices. - udhcpcrenew.sh reworked by Ken Yap (and me) - ppp(oe) works again. Known issues: /initrd does not unmount PASSWORD still does not work yet, it should be left blank. DES_PASSWORD does work. -- 2.9.2 - 2.9.3: Date: 2003-07-19 - Biggest change is not visible. floppyfw does now build inside a root filesystem based on the uClibc root_fs (which again is based on uClibc buildroot). - uClibc 0.9.20 - Kernel 2.4.21 - traffic shaping - Probably a few more things aswell.. Known issues: PASSWORD still does not work yet, it should be left blank. DES_PASSWORD does work. PPP(oE) might not work (pppd seems to not compile under uClibc 0.9.20) -- 2.9.1 - 2.9.2: Date: 2003-03-09 - /bin/login implemented, PASSWOD and DES_PASSWD - uClibc 0.9.19 - udhcpd.conf.sh now writes lease and pid file ocnfiguration. - Some more stuff in firewall.ini (nicked some of http://www.sns.ias.edu/~jns/security/iptables/rules.html Known issues: PASSWORD does not work yet, it should be left blank. DES_PASSWORD does work. Yes, it is meant to be a VC with askfirst shell and not login. This is a test version. ip_nat_ftp and ip_nat_irc seems to have a problem loading itself. -- 2.9.0 - 2.9.1: Date: 2003-02-10 - uClibc 0.9.17 - Now uses Busybox init instead of simple loop at the end of floppyfw.ini - Regrouped config file. -- 2.1.0 - 2.9.0: Date: 2002-11-26 - uClibc 0.9.16 - ppp(oe) image fits in a 1.44M floppy -- 2.0.2 - 2.1.0: Date: 2002-09-22 - initrd.gz now minix - rootfs now tmpfs - binaries spread around bin/ sbin/ usr/bin usr/sbin many other smaller changes of course.