Version 19 (modified by huub, 15 years ago)

Welcome to the Proxy Factory project

Objective

The aim of this project is to build a 'factory' based on Nanobsd to generate proxy images, similar to the 'nodefactory' that is used for generating node-images. We will try to incorporate the results of the Hogeschool Leiden project 'generic proxy'.

Functionality

  • proxy server for internet browsing from wleiden.net (no access to local subnet if present), e.g. tinyproxy
  • name server for wleiden.net, e.g. nsd
  • ntpd for wleiden.net
  • sshd for administrative use
  • snmpd for monitoring
  • no browsing from wleiden.net of local webserver(s)
  • access to wleiden.net from local network
  • SSH tunnel to dellas (backdoor)

Previous (and other ongoing) work

Basic work on configuration of a proxy-PC has been done by Dennis, see http://svn.wirelessleiden.nl/svn/projects/proxy/.

There is also a howto-description for building proxy-images on the basis of the (outdated) FreeBSD6.0 configuration: http://svn.wirelessleiden.nl/svn/projects/proxy/proxy_op_soekris.txt.

Recently Richard has provided some notes on building a proxy for a Soekris-compact flash card: http://svn.wirelessleiden.nl/svn/projects/proxy/2.0/

Hogeschool Leiden is carrying out the GenericProxy project, see also Generic Proxy project website.

Approach

Files will be stored in a dedicated svn directory.

We will use the NodeFactory as the basis for this project, based on nanobsd, but built on FreeBSD-8.0. Tinyproxy, ntpd, sshd and snmpd are already included in the package list.

  • rebuilding the nodefactory on the basis of FreeBSD-8.0: no surprises here. We do not need the patches to the driver modules; only usbdevs.patch is still required.
  • the kernel configuration needs some adjustments for 8.0; notably, the following options should be commented out:
    • # options CLK_USE_I8254_CALIBRATION
    • # options ADAPTIVE_GIANT # Giant mutex is adaptive.
    • # device wlan_scan_ap # 802.11 AP mode scanning.
    • # device wlan_scan_sta # 802.11 STA mode scanning.
    • # device ppp # Kernel PPP
    • # device ugen # Generic
    • # device sio
  • adjustment of the nanobsd.wleiden config file (required for the kernel to build): add the option NANO_PARALLEL_MAKE="1"

Building a Proxy Factory

Please note that you can find the supporting files in the subdirectory nanobsd. Also keep a close eye on the INFO, WARN and ERR directives, as they guide you through the common pitfalls of the guide.

A. Setup a FreeBSD host


WARN: Make sure /usr is at least 5GB in size, as building images requires quite some space
WARN: Make sure you install the i386 release of FreeBSD, even if your system supports amd64, as cross compiling can give some nasty surprises


Get yourself a fresh i386 FreeBSD host with ports and subversion installed as follows:

A.1. Run the basic CD installer of 8.0.

The procedure below has been tested with 8.0-RELEASE (standard developer install - no ports - will fit our needs). Installing FreeBSD is outside the scope of this document; see the FreeBSD handbook, Chapter 2 Installing FreeBSD, if you do not know the details.

Please note that all commands below need to be executed as root, due to the many mounts and unmounts done in various phases.

An Internet connection is required.

Set correct date/time, e.g.

$ ntpdate -s pool.ntp.org

A.2. get latest sources

$ csup  -h cvsup.nl.freebsd.org /usr/share/examples/cvsup/standard-supfile

A.3 fetch ports

$ portsnap fetch extract

A.4 set some useful variables

Edit the shell configuration file .cshrc:

vi /root/.cshrc

check whether ftp is set to passive mode, to avoid potential firewall issues:

setenv FTP_PASSIVE_MODE YES

set a default password for the images that you will produce

setenv CFG_ROOT_PASSWORD [default password]

and define the svn download directory:

setenv R /root/nanobsd

A.5. install subversion. NOTE: Install all packages via ports to prevent issues later on!

$ cd /usr/ports/devel/subversion; make install clean BATCH=yes

A.6. OPTIONAL, every developer has his own preferences, these are mine ;-)

$ (cd /usr/ports/editors/vim-lite; make install clean BATCH=yes)
$ (cd /usr/ports/security/sudo; make install clean BATCH=yes)
$ (cd /usr/ports/sysutils/screen; make install clean BATCH=yes)
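
The host requirements from section A (i386, /usr of at least 5GB, the variables from A.4) can be checked before starting the build. The sh script below is an added example, not part of the original wiki page or the Wireless Leiden repository; the function names and the permission check on /root/.cshrc (which holds the default root password) are assumptions, while the thresholds and variable names come from the steps above.

```sh
#!/bin/sh
# Added example: preflight checks for the build host set up in section A.
# Function names are hypothetical; limits and variable names are from the page.

MIN_USR_KB=$((5 * 1024 * 1024))   # "at least 5GB", expressed in 1K blocks

# arch_ok ARCH: the page requires the i386 release, even on amd64 hardware.
arch_ok() { [ "$1" = "i386" ]; }

# usr_space_ok KB: size of the filesystem holding /usr, in 1K blocks.
usr_space_ok() { [ "$1" -ge "$MIN_USR_KB" ]; }

# password_ok VALUE: reject an empty value or a "[...]" placeholder that
# was copied literally from the instructions.
password_ok() {
    case "$1" in
        ""|"["*"]") return 1 ;;
    esac
    return 0
}

# private_file_ok FILE: a file that stores CFG_ROOT_PASSWORD should grant
# no permissions to group or other (assumption: mode 600 is intended).
private_file_ok() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# preflight: run all checks against the live host; non-zero on any ERR.
preflight() {
    rc=0
    arch_ok "$(uname -m)" || { echo "ERR: host is not i386"; rc=1; }
    usr_kb=$(df -kP /usr | awk 'NR==2 {print $2}')
    usr_space_ok "${usr_kb:-0}" || { echo "ERR: /usr is smaller than 5GB"; rc=1; }
    password_ok "${CFG_ROOT_PASSWORD:-}" || { echo "ERR: CFG_ROOT_PASSWORD unset or placeholder"; rc=1; }
    [ -n "${R:-}" ] || { echo "ERR: R (svn download directory) is not set"; rc=1; }
    [ "${FTP_PASSIVE_MODE:-}" = "YES" ] || echo "WARN: FTP_PASSIVE_MODE is not YES"
    private_file_ok /root/.cshrc || echo "WARN: /root/.cshrc is accessible by group/other"
    return $rc
}

# Run the checks only when asked to, e.g.: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it from /bin/sh as root with the A.4 variables exported; csh exports everything set with setenv.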

B. Build environment

B.1 Download the environment from the Wireless Leiden svn repository

$ svn checkout http://svn.wirelessleiden.nl/svn/projects/proxy/2.0/nanobsd/nanobsd $R
$ cd $R

Note: if svn is not found, it is installed in /usr/local/bin; log out and back in, or run rehash in a csh shell, to make it available.

B.2. Compile all required packages using

$ /root/nanobsd/tools/package-build.sh
