This document is for the purpose of building in IPCop Firewall onto a MSI Axis 700 barebones PC. The firewall will also be used as a NTP time-server, Content-filtering proxy server and OpenVPN server.
Wow, can’t believe my last post was 4 months ago, well a quick tip to get me back into the blogging frame of mind. If you wish to take a drive image copy over the network, then apparently you do not have to have an nfs share available. Instead you can use ssh as follows:
$ dd if=/dev/sda bs=1M | ssh root@blah "cat > /root/disk.img"
From time to time I see the comment advocating a closed source program, with the response “as I’m not a developer it doesn’t bother me whether or not I have the source code”. I believe that that view is wrong, and that there are many occasions where non-developers will find benefit from having access to the source code.
Our Debian Lenny LTSP5 Install has hit a road block: currently the site are using a Citrix server at another location over a 256k connection to pick up their emails. I really didn’t feel that I could ask them all to collect their emails over a 256k connection, so what are the alternatives?
How to enable Apache SSL:
# a2enmod ssl
# cd /etc/apache2/
# mkdir ssl
# openssl req -new -x509 -days 3650 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
# chmod 600 /etc/apache2/ssl/apache.pem
# /etc/init.d/apache2 restart
These instructions are for installing NoMachine’s NX Client for Linux on LTSP, to enable connection to a FreeNX (or NX) server from a screen script.
Following a failure of our Internet connection, I hastily cobbled together a new proxy server using my 3G modem. The reason I did not simply add the modem to our existing IPCop solution, was because IPCop currently only supports a single Red/WAN interface. The IPCop FAQs specifically warn against attempting multiple interfaces.
On Ubuntu and Debian sound on the client gets started automatically during boot by default (the distros udev and the alsa scripts will detect your soundcard and start all needed services if a soundcard was detected on your client). LDM (the default display manager we use in ltsp5) then sets up a virtual ALSA device in the users session during login. The tunnel ALSA uses as endpoint is set up through LDM by setting the PULSE_SERVER variable, it should point to the clients IP at port 4713 (check that by runing “env” in a terminal when logged in).
One of the many benefits of LTSP5 is that it does away with the need for ESD sound (or other hacks), and instead utilises Pulseaudio on the client and Alsa on the server.
The rest of this document is largely based on the following Ubuntu/Gnome instructions:
# aptitude install bootchart
# nano /boot/grub/menu.lst