Route Hat Linux v0.3 Documentation

Written by Peter Surda 2002-2004

This document is public domain. The author reserves the moral right to be
identified as the author of this document.

Shurdix is Licensed under GNU GPL v2
http://www.gnu.org/copyleft/gpl.html
Programs written by third parties are licensed under their respective licenses

System requirements
===================
- i586 (Pentium I, Pentium II, K6, Celeron III, Athlon XP and Cyrix MediaGX
  tested) or better
- 32MB RAM (well, for realistic use 64MB is better)
- some media for booting (CDROM, Harddisk, DoC, USB stick tested)
- some media for writing config (CDROM, HDD, DoC, USB stick)
- the 2 previous shouldn't require more than about 32MB together
- PCI network card known to linux 2.4

Boot parameters (for grub or isolinux or whatever)
==================================================
All parameters are optional of course.

ROOTPW=some_password
--------------------
sets root's password. If there is neither a previously saved configuration
nor this parameter, there is no way to log in to routehat

NOCONFIG
--------
don't load saved config during boot even if some is found. Most likely you
need to use ROOTPW in this case as well, otherwise you won't be able to log in

LOWMEM
------
Intended for really low-memory systems (32MB). In that case it will try not
to use rootfs as a ramdisk but mount it from a device. At the moment "device"
is hardcoded to /dev/hda3, which has to be a partition of at least 16MB and
its contents will be destroyed on boot.

VIRUS
-----
also selected on the default ISO when you use the label "virus". If internet
access is available, it updates the virus databases and runs destroyvirii.pl

ETH0=ip/mask
------------
you can configure your network card before booting this way

DNS1=ip
DNS2=ip
-------
DNS configuration

GATEWAY=ip
----------
default gateway

ROOTDEV=hd[a-d]
---------------
device for automatic installation.
Currently only the first 4 IDE drives are supported, but of course you can
install it manually on any generally supported media (such as USB sticks or
DoC). It will DELETE THE PARTITION TABLE on /dev/ROOTDEV and create
/dev/${ROOTDEV}1 as reiserfs with full disk capacity, and install GRUB into
the MBR.

INSTALL
-------
Perform automatic installation.

Both for automatic and manual installation, internet access is required,
because it will download data from www.routehat.org.

MANUAL INSTALLATION
===================
- boot with preferably ROOTPW=your_root_password
- in case you don't use DHCP, configure network (see "Network Configuration")
- if necessary, partition the disk and create filesystems
- vi /mnt/ramdisk/config
    CONFIG=where_the_hell_your_root_e_g_/dev/hda1
    CONFIGFS=reiserfs_or_ext2_or_vfat_perhaps_some_other_willwork_as_well
- "service conf save" => this saves the contents of /mnt/ramdisk to $CONFIG;
  you can use this later as well to save any configuration changes
- "service setup start" => If you want to boot from CD you can skip this step.
  Currently works only for IDE disks; it installs grub into the device that
  contains the $CONFIG partition and sets up the boot menu.
  THIS WILL OVERWRITE ANY PREVIOUS BOOTLOADERS.
- you need internet access for the last step, as it downloads the latest
  version from www.routehat.org
- that's it
- and then?
- no, that's it!
- and then?
- no "and then"!

Network Configuration
=====================
- vi /mnt/ramdisk/network/$device_name (where $device_name is eth* or ppp*)
- for eth
  - IP=dhcp
    - use DHCP, same as if the file doesn't exist
  - IP=$ip1/$bits1[ broadcast $brd1], $ip2/$bits2[ broadcast $brd2]
    - e.g. "192.168.1.1/24, 192.168.2.1/24 broadcast 192.168.2.255"
  - ROUTE=$route1_parameters, $route2_parameters
    - e.g. "default via 10.1.2.3, 100.100.100.100 via 10.1.2.4"
  - as you can see, both IP and ROUTE can take more than 1 record per
    interface, so there is no need to use the obsolete aliases like eth0:0
  - of course, you can also use only 1 parameter, like
      IP=192.168.1.1/24
      ROUTE=default via 192.168.1.254
  - MODULE, IO, IRQ -> can be set for cards that need it (MODULE refers to
    kernel module name)
  - ESSID, IWCHANNEL, IWKEY, IWMODE -> for wireless cards
  - NODEFROUTE -> don't set up default route even if it would have been set
    otherwise (e.g. when using DHCP).
- for br
  - everything as for eth plus
  - BRIDGE=$eth0,$eth1,$eth2
- for ppp (at the moment only pptp is supported)
  - IP=$ip_of_remote_pptp_server
  - MPPE=yes_or_no
    - if the remote server doesn't support MPPE, you must set this to no,
      otherwise it won't connect
  - DEFROUTE=yes_or_no
    - whether to use the remote peer as a default route
    - set this to yes for e.g. ADSL modems, no for e.g. VPN
  - ROUTE=route_command
    - exactly as with eth, e.g. "192.168.1.1/24" ("via" or "dev" isn't
      necessary)
  - USER=ppp_user_name
    - password is set in /etc/ppp/chap-secrets, check ppp/pptp docs for more
      info
  - PEERDNS=yes_or_no
    - if the system should use DNS settings recommended by the PPP server.
  - ppp-watch-script.sh is automatically launched and restarts the connection
    if it breaks
- you shouldn't use quotes:
  - IP=1.2.3.4 broadcast 2.3.4.5 -> correct
  - IP="1.2.3.4 broadcast 2.3.4.5" -> wrong
- turn an interface up -> "ifup eth0"
- turn an interface down -> "ifdown eth0". Don't use "kill" even for ppp,
  because otherwise the watch script will restart it.
- stop whole network -> "service network stop"
- start whole network -> "service network start"
- BUG: if you restart ppp* too quickly, it may fsck up.
  Wait at least 30 seconds between ppp* restarts please

Services
========
- basically, "service something start" starts it and "service something stop"
  stops it, just like in Red Hat
- exceptions:
  - conf
    - service conf save -> saves configuration
    - service conf start -> OVERWRITES current running configuration by the
      saved configuration on the disk
  - firewall
    - service firewall save -> saves configuration
  - update
    - service update start -> downloads latest routehat and installs it
  - setup
    - service setup start -> installs bootloader
  - hwdetect
    - detects hardware, shouldn't be used other than during boot time
- list (incomplete)
  - conf
  - update
  - sshd
  - pptpd -> pptp server
  - network
  - gpm -> mouse daemon
  - firewall -> iptables (+ in the future other stuff)
  - tc -> traffic control
  - update
  - clamav
  - httpd
  - hwdetect
  - syslog
  - stunnel -> not working yet
  - setup

System update
=============
- simply type "service update start"
- THEN YOU HAVE TO REBOOT FOR THE NEW SYSTEM TO BECOME ACTIVE

Contents of /mnt/ramdisk
========================
- clamav -> clamav databases
- config -> device which holds your config and logs
    CONFIG=/dev/wherever_your_config_is
    CONFIGFS=reiserfs_or_vfat_or_ext2_or_whatever
- ddupdate -> configuration of DynDNS-updater, if exists, ddupdate will start
  on boot
  - HOST=hostname.dyndns-domain.org -> hostname to update
    - you should have a paid account, because if the IP doesn't change for
      35 days DynDNS will delete the hostname
  - LOGIN=login
  - PASS=password -> authentication
  - STATIC=yes_or_1_or_no_or_0 -> whether it is a DynamicDNS or StaticDNS
    hostname
  - your IP is automatically obtained from the current routing table
- dnsmasq.conf -> configuration for dnsmasq, which is a great DNS/DHCP server
- hostname -> HOSTNAME=my-hostname.my-domain
- iptables -> (in iptables-save format) if present, will start iptables on
  boot
- rh-fw -> if present, will setup firewall as I do on default for my customers
  - if both "rh-fw" and "iptables" are present, "rh-fw"
    will be loaded first and the contents of "iptables" will be added to it
    instead of replacing it
- network/ -> network interfaces configuration
- root/ -> root's home directory, you can use it the normal way, e.g. put ssh
  keys there
- rc.local -> will be executed upon bootup if it exists and is executable
- rrd/ -> accounting data (created and used automatically)
- sshd/sshd_config -> sshd_config (created on first boot, may be edited if
  needed)
- sshd/ -> other ssh things like host keys (created on first boot)
- ppp/ifup-ppp -> script that will be called after a ppp interface goes up.
  Can be used for stuff like traffic control or routing
- ppp/pptpd.conf -> pptpd config file (if exists pptpd will start on boot)
- ppp/chap_secrets -> ppp username/password (don't forget to chmod 0600!!!)
- ppp/ -> other ppp config files
- pwd -> root (and on demand others') password as MD5 hash, used by pam. Use
  chpwdfile to modify
- tc -> configuration for traffic-control-script:
    DEV_IN=LAN-Interface
    DEV_OUT=Inet-Interface
    BW_IN=Incoming bandwidth in kbit/s
      - set BW_IN to about 90-95% of your real bandwidth
    BW_OUT=Outgoing bandwidth in kbit/s
      - you can use 100% here
    MAXCLASSES=number
      - optional, if missing, it will be calculated from the netmask of
        $DEV_IN
- tz -> timezone
  - for Central Europe do "echo CET-1CEST > /mnt/ramdisk/TZ"
- www/ -> root for webserver (only static html and png are recognised)

I think that's all, perhaps I missed something :-)

Besides those mentioned you can put whatever you want there, but be careful
not to fill it too much as it is a ramdisk.

Contents of /mnt/conf
=====================
this is where the $CONFIG gets mounted to, i.e. it is usually a disk.
- /conf.tar.gz -> basically a .tar.gz of /mnt/ramdisk (your config)
- /logs/ -> /var/log/messages gets rotated there or saved between reboots

You can put whatever you want there, it can be your other linux
distribution's root partition.

System
======
/tmp is tmpfs of 10MB.
/mnt/ramdisk is also tmpfs, uses 10MB as a minimum, but if the boot script
finds out that for loading the configuration from disk it would need more, it
tries to get more. It will complain if there is not enough RAM to create a
large enough tmpfs, but will continue booting anyway, hoping at least some
functionality will be preserved.

The end

Last modified 4.12.2004
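
A lint for the eth*/br* files described under "Network Configuration", added here as an example and not part of Route Hat. The function names valid_cidr and lint_iface are hypothetical, only IPv4 is assumed, and it checks just the two rules stated there: values must not be quoted, and IP holds comma-separated addr/bits records.

```shell
#!/bin/sh
# Lint an eth*/br* interface file written in the KEY=value format above.
# Prints one finding per line and returns non-zero if anything was found.

# valid_cidr ADDR/BITS: succeeds for a dotted-quad IPv4 address with a 0-32 prefix.
valid_cidr() {
    addr=${1%/*}; bits=${1#*/}
    [ "$addr" != "$1" ] || return 1               # no "/" at all
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    case $addr in *[!0-9.]*) return 1 ;; esac     # digits and dots only
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# lint_iface FILE: check every KEY=value line of one interface file.
lint_iface() {
    file=$1; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        key=${line%%=*}; val=${line#*=}
        [ "$key" != "$line" ] || continue         # skip lines without "="
        case $val in
            *\"*|*\'*) echo "$key: value must not be quoted"; rc=1; continue ;;
        esac
        [ "$key" = IP ] || continue
        [ "$val" != dhcp ] || continue
        # IP holds comma-separated records: addr/bits[ broadcast addr]
        old_ifs=$IFS; set -f; IFS=,; set -- $val; IFS=$old_ifs; set +f
        for rec in "$@"; do
            rec=${rec#"${rec%%[! ]*}"}            # drop leading spaces
            cidr=${rec%% *}                       # first word of the record
            valid_cidr "$cidr" || { echo "IP: bad address '$cidr'"; rc=1; }
        done
    done < "$file"
    return $rc
}
```

Run it as "lint_iface /mnt/ramdisk/network/eth0" before "service conf save"; ppp* files use a bare server address in IP and are outside what this checks.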