2. Basic configuration - Sample file
:::[ Sample file ]:::
:::[ Remarks ]:::

Sample configuration file

Contents of the sample file "base.txt" in folder "config":

#------------------------------------------------------------------------------
# General settings:
#------------------------------------------------------------------------------
HOSTNAME='fli4l'                # name of fli4l router
PASSWORD='fli4l'                # password for telnetd, ftpd, sshd, and samba
MOUNT_BOOT='rw'                 # mount boot device (floppy): ro, rw, no

RAMSIZE='2048'                  # size of ramdisk for unzipped opt.tgz
MOUNT_OPT='ro'                  # mount opt device: ro, rw
PART_OPT='hda2'                 # location of opt-files? ram1 or disk-partition
UPDATE_MODE='full'              # add, cfg, full, none, see documentation

#------------------------------------------------------------------------------
# Ethernet card drivers:
# uncomment your ethernet card
#------------------------------------------------------------------------------
ETH_DRV_N='1'                   # number of ethernet drivers to load, usually 1
#ETH_DRV_1='3c505'              # 3COM Etherlink Plus (3c505)
#ETH_DRV_1='3c507'              # 3COM Etherlink 16 (3c507)
#ETH_DRV_1='3c509'              # 3COM EtherLinkIII (3c509)
#ETH_DRV_1='3c515'              # 3COM EtherLink XL ISA (3c515)
#ETH_DRV_1='3c59x'              # 3COM Vortex/Boomerang 3c59x,3c900,3c905
#ETH_DRV_1='82596'              # Apricot Xen-II on board Ethernet
#ETH_DRV_1='8390 3c503'         # 3COM EtherLinkII (3c503)
#ETH_DRV_1='8390 cs89x0'        # CRYSTAL LAN CS8900/CS8920
#ETH_DRV_1='8390 e2100'         # Cabletron E21xx ISA
#ETH_DRV_1='8390 hp'            # HP PCLAN (27245, 27xxx) ISA
#ETH_DRV_1='8390 hp-plus'       # HP PCLAN+ (27247B and 27252A) ISA
ETH_DRV_1='8390 ne'             # NE2000 ISA clone
#ETH_DRV_1='8390 ne2k-pci'      # NE2000 PCI clone (Realtek 8019/8029)
#ETH_DRV_1='8390 smc-ultra'     # SMC ULTRA
#ETH_DRV_1='8390 wd'            # SMC WD80*3
#ETH_DRV_1='at1700'             # AT1700 (Fujitsu 86965) ISA
#ETH_DRV_1='de4x5'              # Digital DE425, DE434, DE435, DE450, DE500
#ETH_DRV_1='depca'              # DEPCA, DE10x, DE200, DE201, DE202, DE422
#ETH_DRV_1='dgrs'               # Digi International RightSwitch PCI/EISA
#ETH_DRV_1='dmfe'               # DM9102 compatible PCI cards from Davicom
#ETH_DRV_1='elp486'             # ISA: (NEW) Intel Professional Workstation/panther 82596
#ETH_DRV_1='eepro'              # Intel EtherExpress Pro/10
#ETH_DRV_1='pci-scan eepro100'  # Intel EtherExpressPro PCI 10+/100B/100+ (NEW)
#ETH_DRV_1='eexpress'           # EtherExpress16 ISA
#ETH_DRV_1='epic100'            # SMC EPIC/100 (EtherPower II) PCI
#ETH_DRV_1='eth16i'             # ICL EtherTeam 16i/32
#ETH_DRV_1='ewrk3'              # EtherWORKS 3 ISA (DE203, DE204, DE205)
#ETH_DRV_1='hp100'              # HP 10/100VG PCLAN (ISA, EISA, PCI)
#ETH_DRV_1='lance'              # AMD LANCE and PCnet (AT1500, NE2100) ISA
#ETH_DRV_1='old_tulip'          # Old DECchip Tulip (dc21x4x) PCI
#ETH_DRV_1='pcnet32'            # AMD PCI PCnet32
#ETH_DRV_1='rtl8139'            # RealTek 8129/8139 (not 8019/8029!) PCI
#ETH_DRV_1='sis900'             # SiS 900/7016
#ETH_DRV_1='tlan'               # TI ThunderLAN (Compaq Netelligent ...)
#ETH_DRV_1='tulip'              # DECchip Tulip (dc21x4x) PCI
#ETH_DRV_1='pci-scan natsemi'   # Nat Semi (NEW)
#ETH_DRV_1='pci-scan starfire'  # Starfire (NEW)
#ETH_DRV_1='pci-scan via-rhine' # PCI: VIA Rhine PCI (3043, VT86c100A, dfe-530tx) (NEW)
#ETH_DRV_1='pci-scan winbond-840'   # Winbond 840 (NEW)
#ETH_DRV_1='lanstreamer'        # Token Ring: IBM Auto LANStreamer PCI Adapter
#ETH_DRV_1='olympic'            # Token Ring: IBM cards (Pit/Pit-Phy/Olympic)
#ETH_DRV_1='ibmtr'              # Token Ring: IBM 16/4
#ETH_DRV_1='8390 pcnet_cs'      # PCMCIA: NS8390-based cards (NE2000, DLINK etc)
#ETH_DRV_1='3c574_cs'           # PCMCIA: 3Com 574
#ETH_DRV_1='3c575_cs'           # PCMCIA: 3Com 575 (NEW)
#ETH_DRV_1='3c589_cs'           # PCMCIA: 3Com 589
#ETH_DRV_1='airo'               # PCMCIA: Airo 4500 & 4800 series cards (NEW)
#ETH_DRV_1='airo_cs'            # PCMCIA: Airo 4500 & 4800 series cards (NEW)
#ETH_DRV_1='eepro100_cb'        # PCMCIA: EtherExpress Pro 100 (NEW)
#ETH_DRV_1='epic_cb'            # PCMCIA: SMC 83c170 EPIC/100 (NEW)
#ETH_DRV_1='ibmtr_cs'           # PCMCIA: IBM Token Ring (NEW)
#ETH_DRV_1='netwave_cs'         # PCMCIA: Netwave AirSurfer Wireless LAN
#ETH_DRV_1='nmclan_cs'          # PCMCIA: New Media Ethernet LAN
#ETH_DRV_1='pcnet_cs'           # PCMCIA: NS8390 Based cards (NEW)
#ETH_DRV_1='ray_cs'             # PCMCIA: Raylink wireless cards (NEW)
#ETH_DRV_1='smc91c92_cs'        # PCMCIA: SMC91c92-based cards
#ETH_DRV_1='tulip_cb'           # PCMCIA: DEC 21040-family cards (NEW)
#ETH_DRV_1='wavelan_cs'         # PCMCIA: WaveLAN
#ETH_DRV_1='wavelan2_cs'        # PCMCIA: WaveLAN2
#ETH_DRV_1='wvlan_cs'           # PCMCIA: Lucent WaveLAN/IEEE 802.11 (NEW)
#ETH_DRV_1='xirc2ps_cs'         # PCMCIA: Xircom: CE2, CEM28, CEM33, or CE3

ETH_DRV_1_OPTION=''             # additional option, e.g. 'io=0x340' for ne

#------------------------------------------------------------------------------
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_ETH_N='1'                        # number of ip ethernet networks, usually 1
IP_ETH_1_NAME=''                    # optional: other device name than ethX
IP_ETH_1_IPADDR='192.168.6.1'       # IP address of your n'th ethernet card
IP_ETH_1_NETWORK='192.168.6.0'      # network of your LAN
IP_ETH_1_NETMASK='255.255.255.0'    # netmask of your LAN

#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
IP_DEFAULT_GATEWAY=''               # normally not used, read documentation!
IP_ROUTE_N='0'                      # number of additional routes
IP_ROUTE_1='192.168.7.0 255.255.255.0 192.168.6.99' # network netmask gateway

#------------------------------------------------------------------------------
# Masquerading:
#------------------------------------------------------------------------------
MASQ_NETWORK='192.168.6.0/24'       # networks to masquerade (e.g. our LAN)
MASQ_MODULE_N='1'                   # load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp'                 # ftp
MASQ_MODULE_2='h323'                # h323 (netmeeting)
MASQ_MODULE_3='icq'                 # icq (use with caution!)
MASQ_MODULE_4='irc'                 # irc
MASQ_MODULE_5='raudio'              # raudio
MASQ_MODULE_6='vdolive'             # vdolive
MASQ_MODULE_7='quake'               # quake
MASQ_MODULE_8='cuseeme'             # cuseeme
MASQ_MODULE_9='mms'                 # MSN-Filetransfer
MASQ_MODULE_10='pptp'               # pptp
MASQ_MODULE_11='ipsec'              # ipsec
MASQ_MODULE_12='dplay'              # dplay (direct play)
MASQ_MODULE_13='msn-0.02'           # msn zone (use version 0.01 or 0.02)
MASQ_MODULE_14='udp_dloose'         # pseudo mod: some internet games need it

MASQ_FTP_PORT_N='0'                 # using ftp masq-module on different ports
MASQ_FTP_PORT_1='21'                # standard ftp port
MASQ_FTP_PORT_2='2121'              # additional port

#------------------------------------------------------------------------------
# Optional package: PORTFW
#
# If you set OPT_PORTFW='yes', you can also edit opt/etc/portfw.sh
#------------------------------------------------------------------------------
OPT_PORTFW='no'                     # install port forwarding tools/modules
PORTFW_N='0'                        # how many portforwardings to set up
PORTFW_1='8080 192.168.6.15:80 tcp' # sample 1: forward ext. port 8080 to int.
                                    # host 192.168.6.15 to port 80 (use tcp)
PORTFW_2='3000-3010 192.168.6.15 tcp' # sample 2: forward portrange to int. host
                                    # 192.168.5.15 (use tcp)

#------------------------------------------------------------------------------
# Routing without masquerading
#------------------------------------------------------------------------------
ROUTE_NETWORK=''                    # optional: route from/to network, no masq

#------------------------------------------------------------------------------
# Routing: internal hosts to deny forwarding
#------------------------------------------------------------------------------
FORWARD_DENY_HOST_N='0'             # number of denied hosts
FORWARD_DENY_HOST_1='192.168.6.5'   # optional: 1st denied host
FORWARD_DENY_HOST_2='192.168.6.6'   # optional: 2nd denied host

#------------------------------------------------------------------------------
# Routing: ports to reject/deny forwarding (from inside and outside!)
#------------------------------------------------------------------------------
FORWARD_DENY_PORT_N='1'                 # no. of ports to reject/deny forwarding
FORWARD_DENY_PORT_1='137:139    REJECT' # deny/reject forwarding of netbios

#------------------------------------------------------------------------------
# Firewall: ports to reject/deny from outside (all served ports)
#
# here we leave two ports untouched:
#
#  53 dns
# 113 auth
#------------------------------------------------------------------------------
FIREWALL_DENY_PORT_N='6'                # no. of ports to reject/deny
FIREWALL_DENY_PORT_1='0:52      REJECT' # privileged ports: reject or deny
FIREWALL_DENY_PORT_2='54:112    REJECT' # privileged ports: reject or deny
FIREWALL_DENY_PORT_3='114:1023  REJECT' # privileged ports: reject or deny
FIREWALL_DENY_PORT_4='5000:5001 REJECT' # imond/telmond ports: reject or deny
FIREWALL_DENY_PORT_5='8000      REJECT' # proxy access: reject or deny
FIREWALL_DENY_PORT_6='20012     REJECT' # vbox server access: reject or deny

FIREWALL_DENY_ICMP='no'                 # deny icmp (ping): yes or no
FIREWALL_LOG='yes'                      # log access to rejected/denied ports

#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
START_DNS='yes'                     # start dns server: yes or no
DNS_FORWARDERS='192.76.144.66'      # DNS servers of your provider, e.g. MSN
DNS_VERBOSE='no'                    # log queries in /usr/local/ens/ens.log
DOMAIN_NAME='lan.fli4l'             # your domain name
DNS_FORBIDDEN_N='0'                 # number of forbidden domains
DNS_FORBIDDEN_1='foo.bar'           # 1st forbidden domain
DNS_FORBIDDEN_2='bar.foo'           # 2nd forbidden domain
HOSTS_N='4'                         # number of hosts in your domain
HOST_1='192.168.6.1 fli4l'          # 1st host: ip and name
HOST_2='192.168.6.2 client2'        # 2nd host: ip and name
HOST_3='192.168.6.3 client3'        # 3rd host: ip and name
HOST_4='192.168.6.4 client4'        # 4th host: ip and name

#------------------------------------------------------------------------------
# Special DNS configuration
#------------------------------------------------------------------------------
DNS_N='0'                           # number of special dns servers, normally 0
#DNS_1='company.com 192.168.1.12'      # 1st special dns server for company.com
#DNS_2='lan.company.com 192.168.2.12'  # 2nd special dns server for lan.company.com

#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
START_IMOND='yes'                   # start imond: yes or no
IMOND_PORT='5000'                   # TCP-Port, see also FIREWALL_DENY_PORT_x!
IMOND_PASS=''                       # imond-password, may be empty
IMOND_ADMIN_PASS=''                 # imond-admin-password, may be empty
IMOND_LED=''                        # tty for led: com1 - com4 or empty
IMOND_BEEP='no'                     # beep if connection going up/down
IMOND_LOG='no'                      # log /var/log/imond.log: yes or no
IMOND_LOGDIR='/var/log'             # log-directory, e.g. /var/log
IMOND_ENABLE='yes'                  # accept "enable/disable" commands
IMOND_DIAL='yes'                    # accept "dial/hangup" commands
IMOND_ROUTE='yes'                   # accept "route" command
IMOND_REBOOT='yes'                  # accept "reboot" command

#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes'                   # use dyn. ip addresses (most providers do)
DIALMODE='auto'                     # standard dialmode: auto, manual, or off

#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
OPT_SYSLOGD='no'                    # start syslogd: yes or no
SYSLOGD_DEST_N='1'                  # number of destinations
SYSLOGD_DEST_1='*.* /dev/console'   # n'th prio & destination of syslog msgs
SYSLOGD_DEST_2='*.* @192.168.6.2'   # example: loghost 192.168.6.2
SYSLOGD_DEST_3='kern.info /var/log/dial.log'    # example: log infos

#------------------------------------------------------------------------------
# optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no'                      # start klogd: yes or no

#------------------------------------------------------------------------------
# optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no'                        # y2k correction: yes or no
Y2K_DAYS=''                         # correct hardware Y2K-Bug: add x days

#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no'                        # install isapnp tools: yes or no
[ top ]

Please obey the following: This file has to be stored in DOS format. That means, it contains an additional carriage return (CR) at the end of each line. Since most UNIX editors will not encounter any problems with this format, I decided to use this format. On the other hand there is no chance for Windows Notepad when there are no CRs!

If there are (I donīt know why it should, but....) any problems with Unix/Linux editors, you may use the following command before editing the file. It will convert it to Unix format:

sh unix/dtou config.txt

When you create a boot floppy disk it is not important, if the file contains any CRs at ends of lines or not. All CRs will be completely ignored when the file is written to boot disk.

[ top ]