diff options
author | ficus <ficus@robocracy.org> | 2012-09-11 01:16:38 +0200 |
---|---|---|
committer | ficus <ficus@robocracy.org> | 2012-09-12 01:25:30 +0200 |
commit | e55744bb195f0d665332ceb48acb57b4a4e186b5 (patch) | |
tree | 70824873c9dad07bf55c9e8101a97321f78fc6f5 /freedom-maker/source/etc | |
parent | e109d94422d0687fc84d8aa1804c2b209785d0aa (diff) | |
download | torouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.tar.gz torouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.zip |
update to FBx public-0.1 freedom-maker
Snapshot commit with no torouter-specific changes re-applied.
Updated freedom-maker image to a significantly more recent version, used
by the FreedomBox project. This includes a shift from debian "stable" to
"testing" (wheezy), which has a Linux 3.2 kernel.
date Fri, 24 Aug 2012 03:50:41 +0000
repo git://anonscm.debian.org/freedombox/freedom-maker.git
commit de1f66f0651a3a7c306331eeda1db93535b1470a (public-0.1)
Diffstat (limited to 'freedom-maker/source/etc')
-rw-r--r-- | freedom-maker/source/etc/apt/sources.list | 2 | ||||
-rw-r--r-- | freedom-maker/source/etc/dhcp/dhcpd.conf | 32 | ||||
-rw-r--r-- | freedom-maker/source/etc/dnsmasq.conf | 24 | ||||
-rw-r--r-- | freedom-maker/source/etc/fstab | 6 | ||||
-rw-r--r-- | freedom-maker/source/etc/hosts | 7 | ||||
-rwxr-xr-x | freedom-maker/source/etc/init.d/first-run | 71 | ||||
-rwxr-xr-x | freedom-maker/source/etc/init.d/proxy | 61 | ||||
-rw-r--r-- | freedom-maker/source/etc/mtab | 0 | ||||
-rw-r--r-- | freedom-maker/source/etc/network/interfaces | 25 | ||||
-rw-r--r-- | freedom-maker/source/etc/openvpn/client.conf | 0 | ||||
-rw-r--r-- | freedom-maker/source/etc/openvpn/static.key | 0 | ||||
l--------- | freedom-maker/source/etc/rc1.d/S01first-run | 1 | ||||
l--------- | freedom-maker/source/etc/rc2.d/S01first-run | 1 | ||||
l--------- | freedom-maker/source/etc/rc2.d/S50proxy | 1 | ||||
-rw-r--r-- | freedom-maker/source/etc/resolv.conf | 2 | ||||
-rw-r--r-- | freedom-maker/source/etc/sysctl.conf | 5 | ||||
-rw-r--r-- | freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules | 0 |
17 files changed, 238 insertions, 0 deletions
diff --git a/freedom-maker/source/etc/apt/sources.list b/freedom-maker/source/etc/apt/sources.list new file mode 100644 index 0000000..c06710c --- /dev/null +++ b/freedom-maker/source/etc/apt/sources.list @@ -0,0 +1,2 @@ +deb http://http.debian.net/debian wheezy main +deb-src http://http.debian.net/debian wheezy main diff --git a/freedom-maker/source/etc/dhcp/dhcpd.conf b/freedom-maker/source/etc/dhcp/dhcpd.conf new file mode 100644 index 0000000..ec502c6 --- /dev/null +++ b/freedom-maker/source/etc/dhcp/dhcpd.conf @@ -0,0 +1,32 @@ +# +# FreedomBox ISC dhcpd configuration +# +# + +# The ddns-updates-style parameter controls whether or not the server will +# attempt to do a DNS update when a lease is confirmed. We default to the +# behavior of the version 2 packages ('none', since DHCP v2 didn't +# have support for DDNS.) +ddns-update-style none; + +# option definitions common to all supported networks... +option domain-name "free.dom"; +option domain-name-servers ns1.free.dom, ns2.free.dom; + +default-lease-time 600; +max-lease-time 7200; + +# If this DHCP server is the official DHCP server for the local +# network, the authoritative directive should be uncommented. +authoritative; + +# Use this to send dhcp log messages to a different log file (you also +# have to hack syslog.conf to complete the redirection). +log-facility local7; + +# basic subnet configuration for the 'downstream' wired network + +subnet 192.168.1.0 netmask 255.255.255.0 { + range 192.168.1.10 192.168.1.100; + option routers 192.168.1.1; +} diff --git a/freedom-maker/source/etc/dnsmasq.conf b/freedom-maker/source/etc/dnsmasq.conf new file mode 100644 index 0000000..71403d7 --- /dev/null +++ b/freedom-maker/source/etc/dnsmasq.conf @@ -0,0 +1,24 @@ +log-facility=DAEMON + +local=/fbx/ +local=/freedombox/ + +# Upstream DNS server +# FIXME this should be updated on boot. +server=192.168.0.1@eth1 + +# We will serve this DNS domain +# (DHCP hosts will receive a .lan suffix in DNS) +domain=lan + +# We're the authoritative dhcpd +# Read the manpage for a good explanation of what this does +dhcp-authoritative + +# We are going to serve hosts for: +# - LAN (192.168.1.0/24) (Only static hosts) +# - WLAN (192.168.2.0/24) +# New clients will receive an IP from the WLAN range. + +dhcp-range=interface:eth0,set:lan,192.168.1.10,192.168.1.100,255.255.255.0,2h +# dhcp-range=interface:uap0,set:lan,192.168.2.10,192.168.2.100,255.255.255.0,2h diff --git a/freedom-maker/source/etc/fstab b/freedom-maker/source/etc/fstab new file mode 100644 index 0000000..7c48827 --- /dev/null +++ b/freedom-maker/source/etc/fstab @@ -0,0 +1,6 @@ +/dev/sdc2 / auto relatime,rw 0 0 +proc /proc proc none 0 0 +sys /sys sysfs none 0 0 +none /dev/pts devpts defaults 0 0 +tmpfs /tmp tmpfs rw,nosuid,nodev 0 0 +/dev/sdc1 /boot vfat defaults 0 0 diff --git a/freedom-maker/source/etc/hosts b/freedom-maker/source/etc/hosts new file mode 100644 index 0000000..e252996 --- /dev/null +++ b/freedom-maker/source/etc/hosts @@ -0,0 +1,7 @@ +127.0.0.1 localhost freedombox fbx +::1 localhost ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters + diff --git a/freedom-maker/source/etc/init.d/first-run b/freedom-maker/source/etc/init.d/first-run new file mode 100755 index 0000000..8df2c2d --- /dev/null +++ b/freedom-maker/source/etc/init.d/first-run @@ -0,0 +1,71 @@ +#!/bin/bash +# +# Script to complete the post-install process on first FBX boot. + +### BEGIN INIT INFO +# Provides: first-run +# Default-Start: 1 2 +# Required-Start: 2 +# Required-Stop: +# Default-Stop: +# Short-Description: Finish FBX install on DreamPlug +### END INIT INFO + +function tweak-kernel { + # Update the kernel unless requested otherwise. + + if [ -e /var/freedombox/dont-tweak-kernel ] + then + rm /var/freedombox/dont-tweak-kernel + else + kernel_version="$(/bin/ls $mountpoint/boot/vmlinuz-*-kirkwood | sort -rn | head -n1 | sed s#$mountpoint/boot/vmlinuz-##)" + + mount -t proc proc /proc + flash-kernel $kernel_version + umount /proc + fi +} + +function wifi-ap-setup { + # configure wireless access point with spinifex's prebuilt firmware + + echo "Sleeping 30s for DHCP" + sleep 30 # wait for dhcp + + echo "Installing UAP Firmware." + wget -O /tmp/marvell_wifi_firmware.tar.gz http://www.spinifex.com.au/plugs/downloads/dreamplug/marvell_wifi_firmware.tar.gz + tar -C /tmp -zxf /tmp/marvell_wifi_firmware.tar.gz + mkdir -p /lib/firmware/mrvl + cp /tmp/lib/firmware/mrvl/* /lib/firmware/mrvl +} + +function create-keys { + echo "Creating Keys." + + echo "Creating SSH keys." + rm /etc/ssh/ssh_host_* + dpkg-reconfigure openssh-server + + echo "Need to create other keys." + # gpg --batch --gen-key + # see http://lists.gnupg.org/pipermail/gnupg-users/2003-March/017376.html +} + +function remove-self { + rm -f /etc/init.d/first-run + rm -f /etc/rc1.d/S01first-run + rm -f /etc/rc2.d/S01first-run + rm /etc/init.d/first-run + rm /etc/rc1.d/S01first-run + rm /etc/rc2.d/S01first-run +} + +create-keys +# wifi-ap-setup + +# the last things we do before quitting. +tweak-kernel +remove-self + +echo "Kernel flashed. Rebooting." +reboot diff --git a/freedom-maker/source/etc/init.d/proxy b/freedom-maker/source/etc/init.d/proxy new file mode 100755 index 0000000..901507b --- /dev/null +++ b/freedom-maker/source/etc/init.d/proxy @@ -0,0 +1,61 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: proxy +# Required-Start: $network $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Proxy for clients. +### END INIT INFO + +set -e + +INTIF1="eth0" +INTIF2="uap0" +EXTIF="eth1" +EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`" + +loadModules() { + depmod -a + modprobe ip_tables + modprobe ip_conntrack + modprobe ip_conntrack_ftp + modprobe ip_conntrack_irc + modprobe iptable_nat + modprobe ip_nat_ftp +} + +setProc() { + echo "1" > /proc/sys/net/ipv4/ip_forward + echo "1" > /proc/sys/net/ipv4/ip_dynaddr +} + +configIpTables() { + iptables -P INPUT ACCEPT + iptables -F INPUT + iptables -P OUTPUT ACCEPT + iptables -F OUTPUT + iptables -P FORWARD DROP + iptables -F FORWARD + iptables -t nat -F + + iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT + iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT + iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT + iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT + + iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE +} + +case "$1" in + start) + loadModules + setProc + configIpTables + ;; + *) + log_success_msg "Usage: /etc/init.d/proxy {start}" + exit 1 + ;; +esac diff --git a/freedom-maker/source/etc/mtab b/freedom-maker/source/etc/mtab new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/freedom-maker/source/etc/mtab diff --git a/freedom-maker/source/etc/network/interfaces b/freedom-maker/source/etc/network/interfaces new file mode 100644 index 0000000..9680bed --- /dev/null +++ b/freedom-maker/source/etc/network/interfaces @@ -0,0 +1,25 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +# The primary network interface +auto eth0 +iface eth0 inet static + address 192.168.1.1 + netmask 255.255.255.0 + +allow-hotplug eth1 +iface eth1 inet dhcp + +# auto uap0 +# iface uap0 inet static +# address 192.168.2.1 +# netmask 255.255.255.0 +# post-up uaputl sys_cfg_ssid "freedombox" +# post-up uaputl sys_cfg_protocol 32 # WPA2 +# post-up uaputl sys_cfg_wpa_passphrase "freedombox123" +# post-up uaputl sys_cfg_cipher 8 8 # AES CCMP +# post-up uaputl bss_start diff --git a/freedom-maker/source/etc/openvpn/client.conf b/freedom-maker/source/etc/openvpn/client.conf new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/freedom-maker/source/etc/openvpn/client.conf diff --git a/freedom-maker/source/etc/openvpn/static.key b/freedom-maker/source/etc/openvpn/static.key new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/freedom-maker/source/etc/openvpn/static.key diff --git a/freedom-maker/source/etc/rc1.d/S01first-run b/freedom-maker/source/etc/rc1.d/S01first-run new file mode 120000 index 0000000..e24a808 --- /dev/null +++ b/freedom-maker/source/etc/rc1.d/S01first-run @@ -0,0 +1 @@ +../init.d/first-run
\ No newline at end of file diff --git a/freedom-maker/source/etc/rc2.d/S01first-run b/freedom-maker/source/etc/rc2.d/S01first-run new file mode 120000 index 0000000..e24a808 --- /dev/null +++ b/freedom-maker/source/etc/rc2.d/S01first-run @@ -0,0 +1 @@ +../init.d/first-run
\ No newline at end of file diff --git a/freedom-maker/source/etc/rc2.d/S50proxy b/freedom-maker/source/etc/rc2.d/S50proxy new file mode 120000 index 0000000..9855df4 --- /dev/null +++ b/freedom-maker/source/etc/rc2.d/S50proxy @@ -0,0 +1 @@ +../init.d/proxy
\ No newline at end of file diff --git a/freedom-maker/source/etc/resolv.conf b/freedom-maker/source/etc/resolv.conf new file mode 100644 index 0000000..af9304d --- /dev/null +++ b/freedom-maker/source/etc/resolv.conf @@ -0,0 +1,2 @@ +nameserver 208.67.222.222 +nameserver 208.67.220.220 diff --git a/freedom-maker/source/etc/sysctl.conf b/freedom-maker/source/etc/sysctl.conf new file mode 100644 index 0000000..916e972 --- /dev/null +++ b/freedom-maker/source/etc/sysctl.conf @@ -0,0 +1,5 @@ +# Reduce writes to flash drives +vm.laptop_mode=5 +vm.swappiness=0 +vm.dirty_writeback_centisecs=1500 +vm.dirty_expire_centisecs=1500 diff --git a/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules |