The author of Floppyfw, Thomas lundquest, described it as "screening router for Linux routers with firewall functions )". Floppyfw is started through the Linux kernel and provides the minimum set of tools to implement the aforementioned firewall functions. This is an important feature of it, because even if an intruder enters the firewall by some means, it does not have many tools available to cause damage. In addition, because the firewall is fully running in RAM, the system can be restored to its initial state by restarting the disk.
Like many other Linux projects, floppyfw has custom features. However, here we recommend a series of filtering rules that can be executed almost immediately, so that we can quickly build our own firewall.
Hardware requirements
A suitable computer or a component that is sufficient to assemble one. It should be a computer of more than 386. The basic configuration is as follows:
At least 8 MB RAM
3.5 "floppy disk drive
Graphics card
Keyboard
Display
Note: If you want floppyfw to run independently, you may only need the keyboard and display during configuration and testing.
You need to install a pair of NICs. floppyfw supports the following types of NICs:
3Com 3c509
NE2000 compatibles
Tulip-based
Intel EtherExpress PCI
Ensure that each Nic has its own interrupt number IRQ) and memory address. Interrupt number IRQ) and memory address are easily set on the jumper Nic. This is a pair of 3Com 3c509 NICs. When the computer is started for the first time, the two NICs are configured with IRQ 10 and 0x300. It uses 3Com's DOS utility 3C5X9CFG. EXE solves this problem: first, create a DOS boot disk and set 3C5X9CFG. copy the EXE file to the disk. Then, use the floppy disk to start the computer and run 3C5X9CFG. EXE, of course, both NICs must be inserted on the motherboard); select one Nic and select a new IRQ and memory address for it; and re-configure the other Nic. Remember, save the new settings. 3C5X9CFG. EXE is found on EtherDisk 4.3. You can find the latest etherdiskon the official website of 3Com at http://www.3com.com.
Software requirements
It is very easy to create a floppyfw boot disk. First of all, you need to go to http://www.zelow.no/floppyfw/downlo....cheng Jie, blow your work and lie down? /A>
# Dd if = floppyfw-1.0.5.img of =/dev/fd0 bs = 72 k
Configuration
This floppy disk is in DOS (FAT) format and must be edited on another computer before it can be started. You can often use Linux mtools as follows:
$ cd /tmp$ mcopy a:config$ vi config$ mcopy config a: |
If you are using other operating systems, you can use NotePad to complete these tasks.
In fact, floppyfw has five configuration files:
Config (main configuration file)
Firewall. ini (filter rules)
Modules. lst (additional ip_masq module)
Syslinux. cfg (kernel boot parameters)
Syslog. cfg (syslog configuration, similar to/etc/syslog. conf)
You may not need to worry about syslinux. cfg and modules. lst at all. Here, we will only discuss the main configuration file config. To illustrate the problem as much as possible, most of the comments are removed here. The meaning of most of the values is obvious. These toggle options at the end of the file may be hard to understand:
OPEN_SHELL controls shell access to the console (/bin/ash ).
If the computer's RAM is less than 12 MB, set ONLY_8M to "y ".
USE_SYSLOG determines whether syslogd runs.
SYSLOG_FLAGS indicates some tag information that is passed to syslogd when it is started.
File 1ftp: // ftp.mfi.com/pub/sysadmin/2001...? /A>