Just in case anyone is considering it, I switched over from ESB2 to DSv1.0.1
yesterday.  The system in question is a 486DX266 with 16MB RAM and an old 4x
ATAPI CDROM.  This PC cannot boot from a CD directly so the following is
tailored as such.  It was VERY easy:

- Used WinISO to extract and add to the DS-CD ISO image.  Added echowall,
portsentry and ez-ipupd lrp packages, extracted bootdisk.bin file.
- Used WinImage to create a new boot disk using the bootdisk.bin image from
the ISO file.  Changed bootdisk format to 1680KB from default size to get
more space.
- Modified syslinux and lrpkg.cfg files with the additional modules I wanted
(libz/sshd, portsentry and echowall).
- Modified default root RAM in syslinux.cfg to 6MB (ramdisk_size=6144) and
boot device to 1680 floppy (boot=/dev/fd0u1680,msdos).
- Dug out an old 4x ATAPI CDROM and plugged it into the VESA IDE card.
- Put VESA video card and keyboard back into machine so I can
debug/configure after initial boot up.
- Inserted the new boot floppy and CD into the machine and rebooted.
- After boot up (much faster even with old 4x CDROM) edited /etc/modules
to reflect the 2 NICs in my system.
- Modified ramlog package to 2MB (2048)
- Modified /etc/lrp.conf with mail server, email address, date server and
ping hosts.
- Modified /etc/network.conf with machine hostname (default is "firewall")
- Generated root password via passwd command from command line.
- Set up OpenSSH keys: Mounted CD (mount -t iso9660 -r /dev/hda /mnt),
installed sshkey package (cd /mnt, lrpkg -i sshkey), generated keys
(makekey), unmounted CD (cd /, umount /mnt)
- Added "sshd: 192.168.1." to hosts.allow so I can ssh into firewall.
- In backup menu, set all packages to partial type and floppy disk
destination.
- Backed up everything except logs.
- Rebooted and voila, all LAN PCs surfing the net again.
- Used putty to ssh into firewall verifying I can remove video card and
keyboard.
- Brought up weblet interface to verify it works (much nicer looking!).
- SCP'd mountain time localtime file into /etc to get system clock squared
away.
- Backed up /etc.

Done in a little over an hour.

TBD

- Get a null modem cable and set up serial console for local
debugging/configuring
(http://lrp.steinkuehler.net/Documentation/LRP-Serial-HOWTO.txt).

- Remove video card and keyboard.

- Get ixplorer or winscp working so I can move files around via GUI instead
of pscp command line.  They aren't working because when they log in the
lrcfg GUI comes up rather than the shell prompt.  I had this working on
ESB2, not sure why they don't work now.  Anyone figure this out?

- Change SSH to use keys rather than password login.  Can anyone point me to
any resource to set this up?  Guides I've seen just use password login.

- Set up portsentry.

- Change firewall rules to stop logging of port 53 (ads.x10.com etc.) and
port 80 (Code Red) spewage.

- Port forward port 81 for external web access rather than port 80 to avoid
@home scanning and Code Red.

- Set up so I can SSH through firewall from work to internal machine.

- Figure out if echowall is easier to use than ipchains to set up the
previous 3 points.

Thank you Charles and all other contributors to this fine product!

Paul Rimmer
Calgary, Alberta
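
The hosts.allow line from the post ("sshd: 192.168.1.") relies on the trailing-dot prefix rule of hosts_access(5). The script below is an added example, not part of the original message or of the LEAF project; it evaluates one rule against client addresses and shows why the trailing dot matters. The function names and sample addresses are constructed for illustration, and only the ALL, trailing-dot and exact-match pattern forms are handled.

```sh
#!/bin/sh
# Added example (not from the original post): evaluate one hosts.allow rule
# against a client IPv4 address, using the hosts_access(5) pattern rules.
set -f   # never let the shell expand rule tokens as filenames

# pattern_matches PATTERN ADDR: exit 0 when the client pattern covers ADDR
pattern_matches() {
    case $1 in
        ALL) return 0 ;;                                  # wildcard
        *.)  case $2 in "$1"*) return 0 ;; esac ;;        # trailing dot = prefix
        *)   if [ "$1" = "$2" ]; then return 0; fi ;;     # otherwise exact
    esac
    return 1
}

# rule_allows DAEMON ADDR RULE: exit 0 when RULE names DAEMON and admits ADDR
rule_allows() {
    case $3 in '#'*) return 1 ;; *:*) ;; *) return 1 ;; esac
    daemons=${3%%:*}          # field 1: daemon list
    rest=${3#*:}
    clients=${rest%%:*}       # field 2: client list (field 3, a command, ignored)
    named=no
    for d in $(echo "$daemons" | tr ',' ' '); do
        if [ "$d" = "$1" ] || [ "$d" = ALL ]; then named=yes; fi
    done
    [ "$named" = yes ] || return 1
    for c in $(echo "$clients" | tr ',' ' '); do
        if pattern_matches "$c" "$2"; then return 0; fi
    done
    return 1
}

# Constructed client addresses checked against the rule from the post.
RULE='sshd: 192.168.1.'
for addr in 192.168.1.20 192.168.10.5 10.0.0.7; do
    if rule_allows sshd "$addr" "$RULE"; then
        echo "$addr: matched by hosts.allow"
    else
        echo "$addr: no match, decision falls through to hosts.deny"
    fi
done
```

A client that no hosts.allow rule matches is checked against hosts.deny next and is granted access when nothing matches there either, so the rule narrows sshd access only alongside a deny entry.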

