Context Navigation

Changeset 269

Timestamp:

10/31/10 03:56:00 (19 months ago)

Author:

root

Message:

Quite a few changes, new release 3.0.13 and many changes to accomodate a better VLAN setup.

Location:

floppyfw-3.0

Files:

r268	r269
38	38
39	39	# Which version of floppyfw is this?
40		FLOPPYFW_VERSION=3.0.13~~rc1~~
	40	FLOPPYFW_VERSION=3.0.13
41	41
42	42	# What sortof target system shall we compile this for?

r257	r269
679	679	# CONFIG_FEATURE_NAMEIF_EXTENDED is not set
680	680	CONFIG_NC=y
681		# CONFIG_NC_SERVER is not set
	681	CONFIG_NC_SERVER=y
682	682	# CONFIG_NC_EXTRA is not set
683	683	CONFIG_NETSTAT=y

r253	r269
679	679	# CONFIG_FEATURE_NAMEIF_EXTENDED is not set
680	680	CONFIG_NC=y
681		# CONFIG_NC_SERVER is not set
	681	CONFIG_NC_SERVER=y
682	682	# CONFIG_NC_EXTRA is not set
683	683	CONFIG_NETSTAT=y

r257	r269
5	5	#############################################################
6	6
7		# BUSYBOX_VERSION=1.2.2.1
8		# BUSYBOX_VERSION=1.10.4
9		BUSYBOX_VERSION=1.11.3
	7	BUSYBOX_VERSION=1.11.2
10	8	BUSYBOX_CONFIG_VERSION=1.11
	9	# Newest version did not compile.
	10	#BUSYBOX_VERSION=1.17.3
	11	#BUSYBOX_CONFIG_VERSION=1.17
11	12
12	13	ifeq ($(USE_BUSYBOX_SNAPSHOT),true)

r266	r269
27	27
28	28	# Version of Linux to download and then apply patches to
29		DOWNLOAD_LINUX_VERSION=2.4.37.9
	29	DOWNLOAD_LINUX_VERSION=2.4.37.10
30	30	# Version of Linux AFTER patches
31	31	LINUX_VERSION=$(DOWNLOAD_LINUX_VERSION)-floppyfw-$(FLOPPYFW_VERSION)

r230	r269
133	133	# and it will use ip aliasing to make it all work.
134	134	#
	135	# You can also use device.VLAN-ID to automatically set it as a VLAN.
	136	#
135	137	OUTSIDE_DEV=eth0
136	138	INSIDE_DEV=eth1
…	…
186	188	# DMZ settings.
187	189	#
188		# This is just to set up the network, you have to edit firewall.ini to
189		# be able to do anything useful with this.
	190	# You can also fine tune the firewall settings in dmz-fw.ini
190	191	#
191	192	# This can also be set up as the device/LAN for an open WLAN.
	193	# As with the other interfaces, you can use device.VLAN-ID to automatically
	194	# set it as a VLAN.
192	195	#
193	196	# Please note that enabling this automatically opens up for DNS requests to
…	…
196	199
197	200	USE_DMZ=n
	201	DMZ_DOMAIN=
198	202	DMZ_DEV=eth2
199	203	DMZ_IP=10.42.69.1
…	…
274	278
275	279	HOSTNAME=floppyfw
276		DOMAIN=floppyfwsecured.com
	280	# Set this if you don't want your outside DHCP server decide.
	281	# DOMAIN=floppyfwsecured.local
277	282
278	283	#

r1	r269
1	1	#
2	2	# Configuration for floppyfw
	3	# Not in use, a sed in config is.
3	4
4	5	# $Id: config.pppoe,v 1.3 2005/02/05 14:23:13 thomasez Exp $

r258	r269
28	28	iptables -A INPUT -i ${DMZ_DEVICE} -p UDP --dport 53 -j ACCEPT
29	29
30		if [ "$DMZ_DHCP_SERVER" = y ]
	30	if [ "$DMZ_DHCP_SERVER" = "y" ]
31	31	then
32	32	iptables -A INPUT -i ${DMZ_DEVICE} -p TCP --dport 67 -j ACCEPT

r258	r269
6	6	. /etc/dmz.info
7	7
8		DHCPDDOMAIN=`for DOMAINS in $(grep search /etc/resolv.conf \| sed 's/^search//'); do echo $DOMAINS; break; done`
	8	if [ "$DMZ_DOMAIN" ]
	9	then
	10	DMZ_DHCPDDOMAIN=$DMZ_DOMAIN
	11	else
	12	DMZ_DHCPDDOMAIN=`for DOMAINS in $(grep search /etc/resolv.conf \| sed 's/^search//'); do echo $DOMAINS; break; done`
	13	fi
9	14
10		cat >> /etc/dmz-udhcpd.conf <<EOF
	15	# Just a default to be sure we have something.
	16	[ -z "$DMZ_DHCPDDOMAIN" ] && DMZ_DHCPDDOMAIN=dmz.floppyfwsecured.local
	17
	18	echo "DMZ_DOMAIN:$DMZ_DHCPDDOMAIN" >> $DEBUG_LOG
	19
	20	cat > /etc/dmz-udhcpd.conf <<EOF
11	21	interface $DMZ_DEVICE
12	22	start $DMZ_DHCP_RANGE_START
…	…
19	29	option broadcast $DMZ_BROADCAST
20	30	option router $DMZ_IP
21		option domain $DHCPDDOMAIN
	31	option domain $DMZ_DHCPDDOMAIN
22	32	option lease 864000
23	33	$OPS
…	…
26	36	# Adding the /etc/dmz-ethers file:
27	37	# I'll use the same file for both. shouldn't matter.
28		sed -e '/^#/d;/^$/d;s/^/static_lease /' /etc/dmz-ethers >> /etc/dmz-udhcpd.conf
	38	[ -f /etc/dmz-ethers ] && sed -e '/^#/d;/^$/d;s/^/static_lease /' /etc/dmz-ethers >> /etc/dmz-udhcpd.conf

r268	r269
69	69	# some bootp/dhcp servers and arp.
70	70	#
71		if [ ~~"$OUTSIDE_MAC" != "~~" ]
	71	if [ -n "$OUTSIDE_MAC" ]
72	72	then
73	73	echo "Faking MAC address."
…	…
79	79	# it's the outside stuff that starts firewall.ini
80	80	#
81		if ~~[ "$USE_DMZ" = y ]~~
	81	if bool_value $USE_DMZ
82	82	then
83	83	#
…	…
210	210	DNSMASQ_OPTS="-i $INSIDE_DEV"
211	211
212		if ~~[ "$USE_DMZ" = y ]~~
	212	if bool_value "$USE_DMZ"
213	213	then
214	214	DNSMASQ_OPTS="$DNSMASQ_OPTS -i $DMZ_DEV"
215	215	fi
216	216
217		if ~~[ "$DHCP_SERVER" = y ]~~
	217	if bool_value "$DHCP_SERVER"
218	218	then
219	219	/etc/udhcpd.conf.sh
…	…
221	221	pidof dnsmasq > /dev/null \|\| /sbin/dnsmasq $DNSMASQ_OPTS
222	222	else
223		if ~~[ "$DNSMASQ" = y ]~~
	223	if bool_value "$DNSMASQ"
224	224	then
225	225	pidof dnsmasq > /dev/null \|\| /sbin/dnsmasq $DNSMASQ_OPTS
…	…
227	227	fi
228	228
229		if ~~[ "$DMZ_DHCP_SERVER" = y ]~~
	229	if bool_value "$DMZ_DHCP_SERVER"
230	230	then
231	231	/etc/dmz-udhcpd.conf.sh

r1	r269
2	2
3	3	. /etc/config
	4	. /etc/functions.inc
4	5
5		~~[ "$DNSMASQ" = y ] \|\| [ "$DHCP_SERVER" = y ]~~ && {
	6	bool_value "$DNSMASQ" \|\| bool_value "$DHCP_SERVER" && {
6	7	# Find out if dnsmasq is running
7	8	p=`pidof dnsmasq`

r71	r269
6	6	. /etc/inside.info
7	7
8		DHCPDDOMAIN=`for DOMAINS in $(grep search /etc/resolv.conf \| sed 's/^search//'); do echo $DOMAINS; break; done`
	8	if [ "$DOMAIN" ]
	9	then
	10	DHCPDDOMAIN=$DOMAIN
	11	else
	12	DHCPDDOMAIN=`for DOMAINS in $(grep search /etc/resolv.conf \| sed 's/^search//'); do echo $DOMAINS; break; done`
	13	fi
9	14
10		echo "DOMAIN:$DHCPDDOMAIN"
	15	# Just a default to be sure we have something.
	16	[ -z "$DHCPDDOMAIN" ] && DHCPDDOMAIN=floppyfwsecured.local
11	17
12		cat >> /etc/udhcpd.conf <<EOF
	18	echo "DOMAIN:$DHCPDDOMAIN" >> $DEBUG_LOG
	19
	20	cat > /etc/udhcpd.conf <<EOF
13	21	interface $INSIDE_DEVICE
14	22	start $DHCP_RANGE_START
…	…
27	35
28	36	# Adding the /etc/ethers file:
29		sed -e '/^#/d;/^$/d;s/^/static_lease /' /etc/ethers >> /etc/udhcpd.conf
	37	[ -f /etc/ethers ] && sed -e '/^#/d;/^$/d;s/^/static_lease /' /etc/ethers >> /etc/udhcpd.conf