root/floppyfw/files/config.pppoe

Revision 1, 6.0 KB (checked in by root, 6 years ago)

First post
Line 
1#
2# Configuration for floppyfw
3
4# $Id: config.pppoe,v 1.3 2005/02/05 14:23:13 thomasez Exp $
5
6#
7# Fill in the blanks.
8#
9
10# For configuring of modules to use,
11# this includes the network interfaces: /modules.lst
12
13# For configuring firewall rules and incoming traffic: /firewall.ini
14# For configuring extra network interfaces you may use netwirk.ini
15
16# The default internal network is 10.42.42.* with 10.42.42.1
17# As the floppyfw internal address (and default gateway for all
18# internal machines). To change this go down to the INSIDE section.
19
20#=============================================================================
21#
22# Basic configuration:
23#
24
25# Select the type of your OUTSIDE connection:
26
27# CONNECT_TYPE=PPP      # if you use a modem
28
29CONNECT_TYPE=PPPoE      # if you use some type of DSL that uses PPPoE
30                        # (Most of them do)
31# CONNECT_TYPE=DHCP     # For getting the IP address by DHCP, often used
32                        # on cable modems.
33# CONNECT_TYPE=STATIC   # For the good old LAN connection.
34                        # (Static IP)
35
36# CONNECT_TYPE=EXTERNAL # is a hook for booting a external startup
37                        # script from a package.
38                        # the external script has to be in /etc/ext-up.init
39
40
41#
42# Some connection methods wants a userid and password, PPP and PPPoE
43# is the typical but also the EXTERNAL option may want it.
44#
45USER_IDENT=
46USER_PASSWORD=
47
48#
49# Use a DHCP server on the inside network. (This will turn on DNSMASQ aswell)
50# (Dnsmasq is a dns cache.)
51#
52DHCP_SERVER=n
53
54#
55# Password can be created in many ways. Youhave two (three) options,
56# DES_PASSWORD will accept a crypted strong
57# PASSWORD will accept a strong (the specific root password).
58
59# This will give you "ffw" as login password.
60# DES_PASSWORD=nCLm5JgCK0G5U
61PASSWORD=
62
63#
64# Done! Your floppyfw should already work by now.
65# Save this file and give it a first shot !
66#
67#=============================================================================
68#
69
70#
71# Device layout:
72#
73OUTSIDE_DEV=eth0
74INSIDE_DEV=eth1
75
76#-----------------------------------------------------------------------------
77#
78# INSIDE settings if you are using the STATIC connection option:
79#
80#
81# Your inside network, this has 10.42.42.* set as default, this is
82# addresses assigned for internal networks according to RFC 1918.
83#
84INSIDE_IP=10.42.42.1
85INSIDE_NETWORK=10.42.42.0
86INSIDE_NETMASK=255.255.255.0
87INSIDE_BROADCAST=10.42.42.255
88
89#
90# If you use the internal DHCP server and change the IP address and range
91# above you should also set the dhcp address range.
92#
93DHCP_RANGE_START=10.42.42.100 
94DHCP_RANGE_END=10.42.42.200
95
96#-----------------------------------------------------------------------------
97
98#
99# OUTSIDE settings if you are using the STATIC connection option:
100#
101OUTSIDE_IP=
102OUTSIDE_NETMASK=
103OUTSIDE_NETWORK=
104OUTSIDE_BROADCAST=
105
106#
107# Misc
108# These are not nescessary to set if you are using DHCP.
109# (The DOMAIN field might be useful to change)
110#
111DEFAULT_GATEWAY=
112
113# Name servers can be a list, separated by a space. like "1.1.1.1 1.1.1.2"
114OUTSIDE_NAMESERVERS=""
115
116# MAC address for outside nic
117# Some ISPs uses bootp style dhcp tables and some just remembers the last
118# used MAC address. this allows you to swap nics
119# OUTSIDE_MAC=00:00:e8:48:6c:cb
120
121#-----------------------------------------------------------------------------
122
123#
124# DMZ settings.
125#
126# This is just to set up the network, you have to edit firewall.ini to
127# be able to do ahything useful with this.
128#
129
130USE_DMZ=n
131DMZ_DEV=eth2
132DMZ_IP=10.42.69.1
133DMZ_NETMASK=255.255.255.0
134
135#
136# This switch (is not working yet) will turn on or off NAT to the outside
137# network.
138#
139
140DMZ_USE_NAT=y
141
142#-----------------------------------------------------------------------------
143
144# PPP settings:
145#
146# Change the following only, if you are using PPP !
147
148#
149# Phone number:
150TELEPHONE=
151
152# Serial Port COM1 is /dev/tts/0, COM2 is /dev/tts/1 etc.
153SERIAL_PORT=/dev/tts/1
154PORT_SPEED=57600
155PPP_CONNECT_TIMEOUT=60
156PPP_CONNECT_POLL=3
157
158
159#
160# General configuration options
161#
162USEPEERDNS=yes    # set to 'yes' or 'no'
163#Change the DEMAND variable to either:
164# 'no' for "always on" connection
165# N where N is the number of idle seconds before we disconnect
166#DEMAND=600
167DEMAND=no
168
169# A debug option for debugging PPPoE, it will log to the specified file.
170# This must NOT be used during normal use, it'll fill up the ramdisk..
171# PPPOE_DEBUG=/tmp/pppoe.log
172
173#-----------------------------------------------------------------------------
174
175#
176# Defaults and switches:
177#
178
179HOSTNAME=floppyfw
180DOMAIN=floppyfwsecured.com
181
182#
183# Use a caching DNS server on the floppy. (This will automatically be true if
184# the DHCP daemon is used.)
185#
186DNSMASQ=n
187
188#
189# And for the logging the scripts use:
190# Default works for most purposes.
191#
192DEBUG_LOG="/dev/vc/3"
193
194#
195# Turning on syslogd and klogd.
196# This is a nice thing but will eat CPU which is why it is turned
197# off by default.
198# The firewall.ini file is where you can turn on logging of rejected packages.
199#
200USE_SYSLOG=n
201
202# Uncomment to log to /dev/vc/4 instead of /var/log/messages
203# which aren't exactly a good idea on a ramdisk.
204SYSLOG_TTY="-O $DEBUG_LOG"
205# Or the another virtual console than the other messages:
206# SYSLOG_TTY="-O /dev/vc/4"
207
208# Uncomment to log to network. host:port
209# SYSLOG_NET="-R 10.42.42.42:514"
210
211# Uncomment to not print a mark
212# SYSLOG_MARK="-m 0"
213
214[ "$SYSLOG_TTY" -a "$SYSLOG_NET" ] && SYSLOG_BOTH="-L"
215SYSLOG_FLAGS="$SYSLOG_MARK $SYSLOG_TTY $SYSLOG_NET $SYSLOG_BOTH"
216
217#
218# At the bottom (almost) because this is a feature that should not be
219# widely used but it will be useful for some people, escpecially
220# people using some irc servers demanding a result.
221#
222# This is a fake ident daemon, you can set the userid it shall answer
223# and floppyfw will automagically start the fake identd with this user
224# as the response.
225#
226# This will have security implications since you are running a listening
227# daemon (server) on the outside network interface. do this ONLY
228# if you really need it.
229#
230#FAKEIDENT=
231
232# If you want to use a second device (floppy disk, or whatever),
233# enter a device name like "/dev/fd1"
234# Otherwise enter "n"
235#SECOND_DEVICE="/dev/floppy/1"
236SECOND_DEVICE=n
237
Note: See TracBrowser for help on using the browser.