Hi, I'd like to report on an almost succesful Oxygen installation, and I hope that someone on this list can help me with the one remaining obstacle. A few days ago I downloaded the newest Oxygen release (oxygen-051401.bin) copied it to a floppy and had an old diskless Pentium PC up and running in no time -- very nice! My goal is to set the machine up as a firewall between a Cisco 2500 router which is my WAN connection and also acts as a DHCP server for my internal network. I wanted to put in the Oxygen machine without having to reconfigure the Cisco router except removing one or two IP addresses from the DHCP pool. This required me to turn on proxy arp, which I did manually by adding a couple of lines to /etc/init.d/network: echo '1' > /proc/sys/net/ipv4/conf/eth0/proxy_arp echo '1' > /proc/sys/net/ipv4/conf/eth1/proxy_arp And since both interfaces are on the same subnet I had to delete the network route and add a route to the Cisco router instead on interface eth0. Is there a canonical way of doing this in Oxygen? If not it might be an idea to add support for this type of thing in one of the configuration files. I've noted that seawall supports proxy arp, but I haven't looked further into that yet. Getting DHCP to work was a little more trouble, but I finally figured out that I needed dhcrelay, and I found a dhcrelay.lrp package in the following location: http://beta.linuxrouter.org/addons/packages/kwong/dhcrelay.html This seems to work nicely with Oxygen. The Oxygen PC was now sitting transparently on the network and everything worked like before -- status quo had been restored -- almost! I realized that multicast packets were not routed by the Oxygen box, so I immediately tried to locate and install mrouted. I found an mrouted.lrp package in this location: http://wpkgate.kc.com.my.cpwright.com/lrp/dev/ Alas, when running "/etc/init.d/mrouted start" I got the the following message in /var/log/daemon.log: May 31 17:41:00 fsknet-skej-fw mrouted[1353]: mrouted version 3.8 May 31 17:41:00 fsknet-skej-fw mrouted[1353]: can't enable Multicast routing in kernel: Protocol not available It seems that the Linux kernel was compiled without support for multicast. I guess I have to compile my own kernel, but I haven't yet figured out how to do that. Can anyone point me to a HOWTO on making a new kernel for Oxygen? For the firewall I burnt a CD-ROM with the firewall.bin image and added dhcrelay.lrp and mrouted.lrp packages to the CD as well. In this way I have the floppy as the boot medium, with extra packages on the CD-ROM. I find this combination ideal since both media are read-only. (or can be made so in the case of the floppy). I've redirected the console to ttyS0, for headless operation. I tried changing the speed on ttyS0 to something higher that 9600 since the e3 editor is really slow in updating the screen. My attempts at this failed, and I got the error message: "Use of setserial/setrocket to SPD_* flag is deprecated" I changed the speed setting in both syslinux.cfg on the floppy and in /etc/inttab. After getting the vi editor on the CD-ROM I left the console port speed at 9600 since vi is more intelligent in updating the screen and hence 9600 is sufficient. I'm very impressed with the ease of installation and configuration of Oxygen, and I hope the platform will evolve. I'm looking forward to moving to the 2.4 kernel series and iptables instead of ipchains. Now all I need is to get multicast routing working. Any suggestions? -Dan _________________________________________________________________ Dan M�nster, PhD E-mail: [EMAIL PROTECTED] UNI�C, Research Phone: (+45) 8937 6621 Olof Palmes All� 38 Fax: (+45) 8937 6677 DK-8200 �rhus N, Denmark WWW: http://www.uni-c.dk _________________________________________________________________ _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
