> By some miracle, a year ago I got LRP up and running using 2.9.7 with > SSH, DHCPD, DHCLIENT on a 1440 floppy. It provides NAT from my > home network (5 PCs) through a cable modem to the internet. I've been > thrilled with it! > > Now I want to add VPN access (IPSec) so I can get to the home network > while mobile. > > 1) Looks like I'll need IDE or 2 floppy support, so maybe I should upgrade. > If I upgrade to a newer LRP version, which one? Eigerstein2Beta? > Dachstein pr5? When will Dachstein be released?
I'd probably use Dachstein. The firewall rules are pretty pounded out now, so the main thing left to do is modify the backup scripts so it can work easier from CD or floppy. This is turning into an ugly project without re-writing pretty much the whole packaging system, so I'm considering leaving the floppy version as-is, and modifying the scritps on the CD version, and wait until the "next big thing" (probably a 2.4 kernel & 2.2 libc based disto) to merge the floppy & CD versions. > 2) I assume modules are version dependent, but are packages version > independent? If not, how do I tell which package to use with which version? Only a few packages depend on which version of LRP/LEAF you're running, and those are usually kernel dependant (like dhcp & ipsec). Look at the docs for the package to see if it says anything. > 3) I want to use X509 and know that it has to be added (to the kernel > or the freeswan stuff?). Do files already exist for IPSec (freeswan) with > X509 support or do I have to fire up a devel system to add it? You'll have to fire up a development system...I don't do the x.509 stuff with my IPSec package. While you're at it, you can help me finish porting the IPSec scripts to LRP ;-) > 4) I use SSH for access from a computer at home (not from Internet). > I can't really remember how I set these up, but I know I can log in (using > putty) and transfer files (using pscp) from w2k. Should I skip SSH (I > trust everyone on this side of LRP) and use telnet to make it simpler? > Can I still transfer files? With pscp? You'll need some other method of file transfer. Telent won't transfer files. The original mountain releases came with in.telned and in.tftpd for file transfer (trivial FTP server). I find ssh/scp to be easier > 5) If I want to get really fancy, is it reasonably easy to set up a CD > boot? If you just want to burn a copy of a working system, yes, it's pretty easy. > 6) Where is the dachstein pr5 image? I found pr4 but can't see pr5. It doesn't exist yet. The pr5 readme on my site 'leaked out' when I was doing a web update...it basically contains notes on changes I made (I have to keep a running log online or I forget what I did). I've since actually backed out the DMZ change I'd made, as I figured out I could do the same thing using the pr4 scripts, by setting DMZ_IF="! eth0", so I didn't need to update the scripts. There have been no updates (other than a few attempts at tweaking the backup scripts, which I've discarded) to pr4, which is what I'm currently running on my firewall. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
