# # Configuration for floppyfw # Not in use, a sed in config is. # $Id: config.pppoe,v 1.3 2005/02/05 14:23:13 thomasez Exp $ # # Fill in the blanks. # # For configuring of modules to use, # this includes the network interfaces: /modules.lst # For configuring firewall rules and incoming traffic: /firewall.ini # For configuring extra network interfaces you may use netwirk.ini # The default internal network is 10.42.42.* with 10.42.42.1 # As the floppyfw internal address (and default gateway for all # internal machines). To change this go down to the INSIDE section. #============================================================================= # # Basic configuration: # # Select the type of your OUTSIDE connection: # CONNECT_TYPE=PPP # if you use a modem CONNECT_TYPE=PPPoE # if you use some type of DSL that uses PPPoE # (Most of them do) # CONNECT_TYPE=DHCP # For getting the IP address by DHCP, often used # on cable modems. # CONNECT_TYPE=STATIC # For the good old LAN connection. # (Static IP) # CONNECT_TYPE=EXTERNAL # is a hook for booting a external startup # script from a package. # the external script has to be in /etc/ext-up.init # # Some connection methods wants a userid and password, PPP and PPPoE # is the typical but also the EXTERNAL option may want it. # USER_IDENT= USER_PASSWORD= # # Use a DHCP server on the inside network. (This will turn on DNSMASQ aswell) # (Dnsmasq is a dns cache.) # DHCP_SERVER=n # # Password can be created in many ways. Youhave two (three) options, # DES_PASSWORD will accept a crypted strong # PASSWORD will accept a strong (the specific root password). # This will give you "ffw" as login password. # DES_PASSWORD=nCLm5JgCK0G5U PASSWORD= # # Done! Your floppyfw should already work by now. # Save this file and give it a first shot ! # #============================================================================= # # # Device layout: # OUTSIDE_DEV=eth0 INSIDE_DEV=eth1 #----------------------------------------------------------------------------- # # INSIDE settings if you are using the STATIC connection option: # # # Your inside network, this has 10.42.42.* set as default, this is # addresses assigned for internal networks according to RFC 1918. # INSIDE_IP=10.42.42.1 INSIDE_NETWORK=10.42.42.0 INSIDE_NETMASK=255.255.255.0 INSIDE_BROADCAST=10.42.42.255 # # If you use the internal DHCP server and change the IP address and range # above you should also set the dhcp address range. # DHCP_RANGE_START=10.42.42.100 DHCP_RANGE_END=10.42.42.200 #----------------------------------------------------------------------------- # # OUTSIDE settings if you are using the STATIC connection option: # OUTSIDE_IP= OUTSIDE_NETMASK= OUTSIDE_NETWORK= OUTSIDE_BROADCAST= # # Misc # These are not nescessary to set if you are using DHCP. # (The DOMAIN field might be useful to change) # DEFAULT_GATEWAY= # Name servers can be a list, separated by a space. like "1.1.1.1 1.1.1.2" OUTSIDE_NAMESERVERS="" # MAC address for outside nic # Some ISPs uses bootp style dhcp tables and some just remembers the last # used MAC address. this allows you to swap nics # OUTSIDE_MAC=00:00:e8:48:6c:cb #----------------------------------------------------------------------------- # # DMZ settings. # # This is just to set up the network, you have to edit firewall.ini to # be able to do ahything useful with this. # USE_DMZ=n DMZ_DEV=eth2 DMZ_IP=10.42.69.1 DMZ_NETMASK=255.255.255.0 # # This switch (is not working yet) will turn on or off NAT to the outside # network. # DMZ_USE_NAT=y #----------------------------------------------------------------------------- # PPP settings: # # Change the following only, if you are using PPP ! # # Phone number: TELEPHONE= # Serial Port COM1 is /dev/tts/0, COM2 is /dev/tts/1 etc. SERIAL_PORT=/dev/tts/1 PORT_SPEED=57600 PPP_CONNECT_TIMEOUT=60 PPP_CONNECT_POLL=3 # # General configuration options # USEPEERDNS=yes # set to 'yes' or 'no' #Change the DEMAND variable to either: # 'no' for "always on" connection # N where N is the number of idle seconds before we disconnect #DEMAND=600 DEMAND=no # A debug option for debugging PPPoE, it will log to the specified file. # This must NOT be used during normal use, it'll fill up the ramdisk.. # PPPOE_DEBUG=/tmp/pppoe.log #----------------------------------------------------------------------------- # # Defaults and switches: # HOSTNAME=floppyfw DOMAIN=floppyfwsecured.com # # Use a caching DNS server on the floppy. (This will automatically be true if # the DHCP daemon is used.) # DNSMASQ=n # # And for the logging the scripts use: # Default works for most purposes. # DEBUG_LOG="/dev/vc/3" # # Turning on syslogd and klogd. # This is a nice thing but will eat CPU which is why it is turned # off by default. # The firewall.ini file is where you can turn on logging of rejected packages. # USE_SYSLOG=n # Uncomment to log to /dev/vc/4 instead of /var/log/messages # which aren't exactly a good idea on a ramdisk. SYSLOG_TTY="-O $DEBUG_LOG" # Or the another virtual console than the other messages: # SYSLOG_TTY="-O /dev/vc/4" # Uncomment to log to network. host:port # SYSLOG_NET="-R 10.42.42.42:514" # Uncomment to not print a mark # SYSLOG_MARK="-m 0" [ "$SYSLOG_TTY" -a "$SYSLOG_NET" ] && SYSLOG_BOTH="-L" SYSLOG_FLAGS="$SYSLOG_MARK $SYSLOG_TTY $SYSLOG_NET $SYSLOG_BOTH" # # At the bottom (almost) because this is a feature that should not be # widely used but it will be useful for some people, escpecially # people using some irc servers demanding a result. # # This is a fake ident daemon, you can set the userid it shall answer # and floppyfw will automagically start the fake identd with this user # as the response. # # This will have security implications since you are running a listening # daemon (server) on the outside network interface. do this ONLY # if you really need it. # #FAKEIDENT= # If you want to use a second device (floppy disk, or whatever), # enter a device name like "/dev/fd1" # Otherwise enter "n" #SECOND_DEVICE="/dev/floppy/1" SECOND_DEVICE=n