readme for alcatel.bz2 package for floppyfw

index

package description

This package contains a pptp compilation of pptp-alcatel.tar.gz against libc-2.0.7, using the flags -m386 -mno-fp-ret-in-387. The binary pppd was taken from ppp.bz2 package and placed in /bin/ during compilation, the Makefile. The package is packed as follows: 

tar -cpvf ../alcatel.tar *
cd ..
bzip2 -9 alcatel.tar
mv alcatel.tar.bz2 alcatel.bz2

The package contains the scripts ip-up, ip-down, pptp-start and the dev/ from floppyfw-adsl.img found under contrib http://www.zelow.no/floppyfw/download/contrib/ . The file ip-up has been modified and pptp-start is probably not necessary (see final remarks).

The binary killall was added along with another script called reconnect.sh which keeps the ADSL connection alive.

Only library file included is libnsl-2.0.7.so, including soft links.

installing and configuring floppyfw

The files to edit are config, network.ini, and modules.lst

Download a floppyfw image from http://www.zelow.no/floppyfw/. This package was tested on the stable version 1.0.11. Write the disc using rawrite2 (DOS) or dd (LINUX). Get a copy of the package ppp.bz2 from http://www.zelow.no/floppyfw/download/packages/ppp and put it into the packages directory on the floppy disk. Put the alcatel.bz2 package there too.

On the floppy disk you must edit the file config. Add the following: 

#
# Only useful for PPTP
#
MODEMSIDE_DEV=eth0
MODEMSIDE_IP=10.0.0.100
MODEMSIDE_BROADCAST=10.255.255.255
MODEMSIDE_NETMASK=255.0.0.0
MODEM_IP=10.0.0.138

OUTSIDE_IP=PPTP
OUTSIDE_DEV=ppp0
Then you must set the variables (examples given): 
USER_IDENT="username@domain.com"
USER_PASSWORD="password"

INSIDE_IP=192.168.1.254
INSIDE_DEV=eth1
INSIDE_NETMASK=255.255.255.0
INSIDE_NETWORK=192.168.1.0
INSIDE_BROADCAST=192.168.1.255

NAME_SERVER_IP1=130.208.165.3
NAME_SERVER_IP2=130.208.165.53
DOMAIN=domain.com

I would comment out this too:

#
# For dialup PPP use:
#
#SERIAL_PORT=/dev/ttyS0
#PORT_SPEED=57600
#TELEPHONE=
#PPP_CONNECT_TIMEOUT=60
#PPP_CONNECT_POLL=6

The network.ini file must also be edited. You can add a simple elseif statement from line 64. 

elif [ ${OUTSIDE_IP} = 'PPTP' ];
then 
    echo "Booting PPTP"
    echo "This file created by network.ini" 					> /etc/ppp/pap-secrets
    echo "#User		#Server		#Password		#IP	"       >> /etc/ppp/pap-secrets
    echo "${USER_IDENT}	*	${USER_PASSWORD}		*	"  	>> /etc/ppp/pap-secrets
    chmod 600 /etc/ppp/pap-secrets
    cp /etc/ppp/pap-secrets /etc/ppp/chap-secrets
    # For  PPTP we need these modules
    if [ ! -e /lib/modules/ppp.o ] ; then
      echo "You must have the package ppp.bz2 installed to use PPP."
      exit 1
    fi
    if [ ! -e /bin/pptp ] ; then
      echo "You must have the package alcatel.bz2 installed to use PPTP."
      exit 1
    fi
    # edit the ppp 'options' file as necessary
    echo "lock"               		> /etc/ppp/options
    echo "noipdefault"       	 	>> /etc/ppp/options
    echo "defaultroute"  	     	>> /etc/ppp/options
    echo "name \"${USER_IDENT}\" " 	>> /etc/ppp/options
    echo "noauth"             		>> /etc/ppp/options

    /bin/ifconfig ${MODEMSIDE_DEV} ${MODEMSIDE_IP} netmask ${MODEMSIDE_NETMASK} broadcast ${MODEMSIDE_BROADCAST}

    /etc/ppp/pptp-start

    echo "Setting up name server (etc/resolv.conf) "

    echo "domain ${DOMAIN}" >> /etc/resolv.conf
    echo "search ${DOMAIN}" >> /etc/resolv.conf

    echo "nameserver ${NAME_SERVER_IP1}" >> /etc/resolv.conf
    echo "nameserver ${NAME_SERVER_IP2}" >> /etc/resolv.conf

    sh /etc/ppp/reconnect.sh &

The last line calls a reconnection shell script, which makes sure the connection never dies.

Copy the modules slhc.o and ppp.o to the modules directory and add their names to the modules.lst file, important: first slhc.o then ppp.o. If you have any network card that is not supported in the kernel you can add modules for it in the same way. Modules for the kernel of your choice may be found here http://www.zelow.no/floppyfw/download/modules/.

firewall.ini

Nothing has really been done with this file. It's still in testing. I had trouble with ftp and so commented out:

# ipchains -A input -p TCP -d ${OUTSIDE_IP} 20 -j ACCEPT

and added this (taken from floppyfw newsgroup):

UNPRIVPORTS="1024:65535"
ANYWHERE="any/0" # Use any FTP server

ipchains -A output -i ${OUTSIDE_DEV} -p tcp \
         -s ${OUTSIDE_IP} $UNPRIVPORTS \
         -d $ANYWHERE 21 -j ACCEPT

ipchains -A input -i ${OUTSIDE_DEV} -p tcp ! -y \
         -s $ANYWHERE 21 \
         -d ${OUTSIDE_IP} $UNPRIVPORTS -j ACCEPT

# Normal Port Mode FTP Data Channels

ipchains -A input  -i ${OUTSIDE_DEV} -p tcp \
         -s $ANYWHERE 20 \
         -d ${OUTSIDE_IP} $UNPRIVPORTS -j ACCEPT

ipchains -A output -i ${OUTSIDE_DEV} -p tcp ! -y \
         -s ${OUTSIDE_IP} $UNPRIVPORTS \
         -d $ANYWHERE 20 -j ACCEPT

# Passive Mode FTP Data Channels

ipchains -A output -i ${OUTSIDE_DEV} -p tcp \
         -s ${OUTSIDE_IP} $UNPRIVPORTS \
         -d $ANYWHERE $UNPRIVPORTS -j ACCEPT

ipchains -A input  -i ${OUTSIDE_DEV} -p tcp ! -y \
         -s $ANYWHERE $UNPRIVPORTS \
         -d ${OUTSIDE_IP} $UNPRIVPORTS -j ACCEPT

final remarks

  1. The package ppp is really too big. It has libraries that are included in the floppyfw distributions.
  2. The pptp-start script may be superfluous since the command /bin/pptp 10.0.0.138 will do the trick, this is what is done in reconnect.sh.
  3. The modules slhc.o and ppp.o could have been distributed with the package, but kept separate since different kernel version are in use.