---------------------------------------- Materhorn Ethernet to Ethernet Firewall with dhclient support ---------------------------------------- Written by: Charles Steinkuehler Last Revised: 1/27/00 Disclaimer: This is the procedure I used to get my Materhorn based LRP setup running. Your results may vary. Please note that I have made absolutely no changes to the default Materhorn IPCHAINS script. You should examine the firewall setup to determine if it is appropriate and safe in your environment. ---------------------------------------- Usefull LRP related links: http://www.linuxrouter.org/ http://www.linuxrouter.sourceforge.net/ http://lrp.ramhb.co.nz/main.htm http://www.c0wz.com/ http://beta-linuxrouter.razorsedge.com/ http://lrp.plain.co.nz/ http://wpkgate.kc.com.my.cpwright.com/lrp/ ---------------------------------------- You might also want to read up on basic linux networking, including IP masquarading and IPCHAINS. There are many FAQs and HOWTOs available online. Remember, LRP is 'real' linux, so most mainstream linux documentation applies directly to your LRP box. Note that Materhorn runs kernel 2.2.13, and uses the newer commands (ipchains and ip instead of ipfwdadm and ifconfig) when you are looking up documentation. ---------------------------------------- Things to add: DHCP client for those without a static IP internet connection - Included in this version DHCP server to autoconfigure client machines - If you need this, get my dhcpd.lrp for Materhorn. You will need a larger boot device, or two floppy disk support Caching nameserver ---------------------------------------- Setup instructions for Materhorn LRP ethernet-ethernet firewall disk 1) Create a floppy using rawrite (DOS) or dd (linux) and the image you downloaded (1440-eth-eth-dhclient.floppy) 2) Boot the disk on your LRP machine 3) Log in as root 4) You should see a configuration screen. If not, type lrcfg 5) Select menu item 3, then 2, then 1, to edit /etc/modules 6) Uncomment the module(s) needed for your ethernet card(s). All modules listed in the file are already on your LRP disk. If you are using ne.o, ne2k-pci.o, or e2100.o, you will also need to uncomment 8390.o NOTE: If the modules you need are not listed, you will have to add them to your LRP disk. See below. 7) Save the file -w and exit -q 8) Return to the main lrcfg menu 9) IMPORTANT: BACKUP YOUR CHANGES OR THEY WILL BE LOST! 10) Select LRP menu item b, then 5 to backup changes to modules 11) Reboot 12) Configure your client machines: IP=192.168.1.xxx (don't use 0, 254, or 255!) Subnet Mask=255.255.255.0 Default Gateway=192.168.1.254 Primary DNS=your.primary.dns.server Secondary DNS=your.secondary.dns.server 13) You should have a fully functional masquarading firewall OPTIONAL: You might want to set your root password (type passwd at a command propmt). Remeber to backup /etc to your disk or there will be no password the next time you boot. ADDING MODULES TO YOUR LRP DISK 1) Get the Materhorn LRP kernel tarball (2.2.13-2.tar.gz) 2) Extract the module(s) you need using winzip. IMPORTANT: Check the modules.dep file to see if there are any dependancies for the module you want. You will need to add these modules as well. 3) Copy the module(s) to a dos floppy 4) Insert the dos floppy into your LRP machine 5) Get to a command prompt on the LRP machine (login as root, if necessary, and quit from the lrcfg main menu) 6) Mount the dos floppy mount -t msdos /dev/fd0 /mnt 7) Copy the module(s) to /lib/modules cp /mnt/.o /lib/modules 8) Unmount the dos floppy umount /mnt 9) Modify /etc/modules to load your module. You can use ae from the command line, or lrcfg 10) ADVANCED: You might want to delete some of the unused network modules to save disk space. Any of the modules commented out in /etc/modules are safe to delete. 11) IMPORTANT: BACKUP YOUR CHANGES OR THEY WILL BE LOST! 12) Select LRP menu item b, then 5 to backup changes to modules