Gary Hendershot wrote: > I am working on similar. It scares me that you indicate "OPT/" as the > current version (0.4.2)is not supposed to need the "mkopt" stuff. I setup > my 256mb CF card with a 64MB "/" and a 192MB "/mnt/kd". I do not mount a > separate "/OPT" partition. I end up with an empty /OPT folder after the > install. Maybe this is what I did wrong? > mkopt is not needed in 0.4.x. There really is no opt at this point in the new development environment. There are some parts that are still missing when comparing the last 0.3x release and 0.4.x. Unfortunately it looks like openvpn was one of those areas. The init scripts have not made there way back into the new development svn. This is partially (probably) due to Kristian not using openvpn himself. I do use it and will add the scripts back in shortly. I've just been a little busy. The init changes would include creating the /dev/tun device if it doesn't already exist, the same way the init script for 0.3x did. > I have a Via 1GHz fanless machine. It has 256MB RAM and 3 NICs. Seems most > of the folks playing with Astlinux are dealing with 266MHz machines with > very modest memory and such. While I do not consider my machine to be any > kind of barn burner, it is quite a bit more capable than what most seem to > be using. So I would think that my setup would certainly have the > horsepower needed to what I want to do. > <snip> That should be more than adequate to accomplish what you want to do. I really like the EPIA platform more so than the Soekris hardware. Much more bang for your buck. Just out of curiosity, are you using a new C7 based board or something like a PD10000 with one additional NIC on a pci card? Newer C3 and the C7 chips have hardware acceleration which openssl can be patched to use. (openssl is the underlying engine for openvpn) > The included DnsMasq service seems to be a fairly robust DHCP and caching > DNS. Do not make the mistake I made and waste two days trying to figure out > how to get it to run BIND and DHCPD. In the end, I messed it up so bad I > had to reinstall and start again (twice - I am a slow learner). Once I > figured out dnsmasq, I realized it was a very capable substitute. > Dnsmasq should be more than adequate for most people. It does work quite well. > But on the firewall issue, I am stumped. I have mangled the settings > provided for in rc.conf every way I can think of. I have messed a bit (read > this as messed up!) with the astfw script. I have Googled countless > documents and not yet found what I am looking for. The setup I want to do > would be a snap in m0n0wal or pfsense. But so far, no joy getting it to > work in Astlinux. > The current firewall that is included in astlinux is very basic. While that isn't necessarily a bad thing, it requires knowledge of iptables to create new rules for dnat port forwarding etc. I've thought about incorporating something more user-friendly, but it would be something like shorewall or arno's firewall, both of which use text configuration files. As far as an easy to use web-based interface, a contribution to the project would be welcomed. There are a number of ways the web interface could be extended to provide more ease of use.
Darrick -- Darrick Hartman DJH Solutions, LLC http://www.djhsolutions.com _______________________________________________ Astlinux-users mailing list [email protected] http://lists.kriscompanies.com/mailman/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
