ZeroShell FW4L
From Koala
Contents
Installazione di ZeroShell firewall su Koala FW4L
KOALA MINI PC a basso consumo e con Linux preinstallato
Questo test è stato effettuato con la configurazione più completa possibile:
- 2GB RAM
- 4 LAN Gigabit 10/100/1000 (tutte onboard)
- 1 Wifi Atheros
Zeroshell 3.0
Zeroshell è una distribuzione Linux per server e dispositivi embedded creata e gestita da Fulvio Ricciardi, il cui scopo è fornire i principali servizi di rete di cui una LAN necessita. È disponibile nel formato di Live CD o di immagine per Compact Flash ed è configurabile ed amministrabile tramite un browser web.
Zeroshell non è basata su di una distribuzione già esistente così come per esempio Knoppix è basata su Debian. L'autore ha ricompilato tutto il software di cui è composta la distribuzione partendo dai sorgenti ottenuti in formato tar.gz o tar.bz2. Anche il compilatore gcc e le glibc della GNU sono stati compilati partendo dai sorgenti ed hanno poi subito la cosiddetta fase di bootstrap in cui hanno ricompilato se stessi più volte. Ciò è stato necessario per ottimizzare il compilatore ed eliminare ogni dipendenza dalle glibc del sistema da cui si è effettuata la prima compilazione. Si dice infatti che nessun compilatore può essere compilato meglio che da se stesso.
Download
- Sezione download del sito Zeroshell : http://www.zeroshell.net/download
- L'immagine ISO utilizzata per il nostro test è la Zeroshell-3.0.0
http://mirror.switch.ch/ftp/mirror/zeroshell/ZeroShell-3.0.0.iso
Boot di sistema
Log del boot di sistema e riconoscimento di tutte le periferiche senza problemi.
dmesg
lspci -v
00:00.0 Host bridge: Intel Corporation Atom Processor D2xxx/N2xxx DRAM Controller (rev 04) Subsystem: Intel Corporation: Unknown device 1999 Flags: bus master, fast devsel, latency 0 00:02.0 VGA compatible controller: Intel Corporation Atom Processor D2xxx/N2xxx Integrated Graphics Controller (rev 0b) (prog-if 00 [VGA controller]) Subsystem: Intel Corporation: Unknown device 1999 Flags: bus master, fast devsel, latency 0, IRQ 11 Memory at df900000 (32-bit, non-prefetchable) [size=1M] I/O ports at f0f0 [size=8] Expansion ROM at <unassigned> [disabled] Capabilities: [d0] Power Management version 2 Capabilities: [b0] #09 [0107] Capabilities: [90] Message Signalled Interrupts: 64bit- Queue=0/0 Enable- 00:1b.0 Audio device: Intel Corporation NM10/ICH7 Family High Definition Audio Controller (rev 02) Subsystem: Jetway Information Co., Ltd.: Unknown device a625 Flags: bus master, fast devsel, latency 0, IRQ 10 Memory at dff00000 (64-bit, non-prefetchable) [size=16K] Capabilities: [50] Power Management version 2 Capabilities: [60] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable- Capabilities: [70] #10 [0091] 00:1c.0 PCI bridge: Intel Corporation NM10/ICH7 Family PCI Express Port 1 (rev 02) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=01, subordinate=01, sec-latency=0 I/O behind bridge: 00001000-00001fff Memory behind bridge: dfe00000-dfefffff Prefetchable memory behind bridge: 0000000080000000-0000000080100000 Capabilities: [40] #10 [0141] Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [0000] Capabilities: [a0] Power Management version 2 00:1c.1 PCI bridge: Intel Corporation NM10/ICH7 Family PCI Express Port 2 (rev 02) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=02, subordinate=02, sec-latency=0 I/O behind bridge: 0000e000-0000efff Memory behind bridge: dfd00000-dfdfffff Prefetchable memory behind bridge: 0000000080200000-0000000080300000 Capabilities: [40] #10 [0141] Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [0000] Capabilities: [a0] Power Management version 2 00:1c.2 PCI bridge: Intel Corporation NM10/ICH7 Family PCI Express Port 3 (rev 02) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=03, subordinate=03, sec-latency=0 I/O behind bridge: 0000d000-0000dfff Memory behind bridge: dfc00000-dfcfffff Prefetchable memory behind bridge: 0000000080400000-0000000080500000 Capabilities: [40] #10 [0141] Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [0000] Capabilities: [a0] Power Management version 2 00:1c.3 PCI bridge: Intel Corporation NM10/ICH7 Family PCI Express Port 4 (rev 02) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=04, subordinate=04, sec-latency=0 I/O behind bridge: 0000c000-0000cfff Memory behind bridge: dfb00000-dfbfffff Prefetchable memory behind bridge: 0000000080600000-0000000080700000 Capabilities: [40] #10 [0141] Capabilities: [80] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [90] #0d [0000] Capabilities: [a0] Power Management version 2 00:1d.0 USB controller: Intel Corporation NM10/ICH7 Family USB UHCI Controller #1 (rev 02) (prog-if 00 [UHCI]) Subsystem: Intel Corporation NM10/ICH7 Family USB UHCI Controller #1 Flags: bus master, medium devsel, latency 0, IRQ 23 I/O ports at f080 [size=32] 00:1d.1 USB controller: Intel Corporation NM10/ICH7 Family USB UHCI Controller #2 (rev 02) (prog-if 00 [UHCI]) Subsystem: Intel Corporation NM10/ICH7 Family USB UHCI Controller #2 Flags: bus master, medium devsel, latency 0, IRQ 19 I/O ports at f060 [size=32] 00:1d.2 USB controller: Intel Corporation NM10/ICH7 Family USB UHCI Controller #3 (rev 02) (prog-if 00 [UHCI]) Subsystem: Intel Corporation NM10/ICH7 Family USB UHCI Controller #3 Flags: bus master, medium devsel, latency 0, IRQ 18 I/O ports at f040 [size=32] 00:1d.3 USB controller: Intel Corporation NM10/ICH7 Family USB UHCI Controller #4 (rev 02) (prog-if 00 [UHCI]) Subsystem: Intel Corporation NM10/ICH7 Family USB UHCI Controller #4 Flags: bus master, medium devsel, latency 0, IRQ 16 I/O ports at f020 [size=32] 00:1d.7 USB controller: Intel Corporation NM10/ICH7 Family USB2 EHCI Controller (rev 02) (prog-if 20 [EHCI]) Subsystem: Intel Corporation NM10/ICH7 Family USB2 EHCI Controller Flags: bus master, medium devsel, latency 0, IRQ 23 Memory at dff05000 (32-bit, non-prefetchable) [size=1K] Capabilities: [50] Power Management version 2 Capabilities: [58] #0a [20a0] 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev e2) (prog-if 01 [Subtractive decode]) Flags: bus master, fast devsel, latency 0 Bus: primary=00, secondary=05, subordinate=05, sec-latency=32 I/O behind bridge: 0000b000-0000bfff Memory behind bridge: dfa00000-dfafffff Capabilities: [50] #0d [0000] 00:1f.0 ISA bridge: Intel Corporation NM10 Family LPC Controller (rev 02) Subsystem: Intel Corporation NM10 Family LPC Controller Flags: bus master, medium devsel, latency 0 Capabilities: [e0] #09 [100c] 00:1f.2 IDE interface: Intel Corporation NM10/ICH7 Family SATA Controller [IDE mode] (rev 02) (prog-if 8f [Master SecP SecO PriP PriO]) Subsystem: Intel Corporation NM10/ICH7 Family SATA Controller [IDE mode] Flags: bus master, 66Mhz, medium devsel, latency 0, IRQ 19 I/O ports at f0e0 [size=8] I/O ports at f0d0 [size=4] I/O ports at f0c0 [size=8] I/O ports at f0b0 [size=4] I/O ports at f0a0 [size=16] Memory at dff04000 (32-bit, non-prefetchable) [size=1K] Capabilities: [70] Power Management version 2 00:1f.3 SMBus: Intel Corporation NM10/ICH7 Family SMBus Controller (rev 02) Subsystem: Intel Corporation NM10/ICH7 Family SMBus Controller Flags: medium devsel, IRQ 19 I/O ports at f000 [size=32] 01:00.0 Network controller: Qualcomm Atheros AR9285 Wireless Network Adapter (PCI-Express) (rev 01) Subsystem: AzureWave AW-NE785 / AW-NE785H 802.11bgn Wireless Full or Half-size Mini PCIe Card Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at dfe00000 (64-bit, non-prefetchable) [size=64K] Capabilities: [40] Power Management version 3 Capabilities: [50] Message Signalled Interrupts: 64bit- Queue=0/0 Enable- Capabilities: [60] #10 [0012] 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 06) Subsystem: Realtek Semiconductor Co., Ltd. RTL8111/8168 PCI Express Gigabit Ethernet controller Flags: bus master, fast devsel, latency 0, IRQ 45 I/O ports at e000 [size=256] Memory at dfd04000 (64-bit, prefetchable) [size=4K] Memory at dfd00000 (64-bit, prefetchable) [size=16K] Capabilities: [40] Power Management version 3 Capabilities: [50] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable+ Capabilities: [70] #10 [0202] Capabilities: [b0] #11 [0003] Capabilities: [d0] Vital Product Data 03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 06) Subsystem: Realtek Semiconductor Co., Ltd. RTL8111/8168 PCI Express Gigabit Ethernet controller Flags: bus master, fast devsel, latency 0, IRQ 46 I/O ports at d000 [size=256] Memory at dfc04000 (64-bit, prefetchable) [size=4K] Memory at dfc00000 (64-bit, prefetchable) [size=16K] Capabilities: [40] Power Management version 3 Capabilities: [50] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable+ Capabilities: [70] #10 [0202] Capabilities: [b0] #11 [0003] Capabilities: [d0] Vital Product Data 04:00.0 IDE interface: ASMedia Technology Inc. ASM1061 SATA IDE Controller (rev 01) (prog-if 85 [Master SecO PriO]) Subsystem: ASMedia Technology Inc.: Unknown device 1060 Flags: bus master, fast devsel, latency 0, IRQ 44 I/O ports at c040 [size=8] I/O ports at c030 [size=4] I/O ports at c020 [size=8] I/O ports at c010 [size=4] I/O ports at c000 [size=16] Memory at dfb00000 (32-bit, non-prefetchable) [size=512] Capabilities: [50] Message Signalled Interrupts: 64bit- Queue=0/0 Enable+ Capabilities: [78] Power Management version 3 Capabilities: [80] #10 [0012] 05:04.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8169 PCI Gigabit Ethernet Controller (rev 10) Subsystem: Realtek Semiconductor Co., Ltd. RTL8169/8110 Family PCI Gigabit Ethernet NIC Flags: bus master, 66Mhz, medium devsel, latency 64, IRQ 18 I/O ports at b200 [size=256] Memory at dfa62000 (32-bit, non-prefetchable) [size=256] Expansion ROM at dfa40000 [disabled] [size=128K] Capabilities: [dc] Power Management version 2 05:06.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8169 PCI Gigabit Ethernet Controller (rev 10) Subsystem: Realtek Semiconductor Co., Ltd. RTL8169/8110 Family PCI Gigabit Ethernet NIC Flags: bus master, 66Mhz, medium devsel, latency 64, IRQ 19 I/O ports at b100 [size=256] Memory at dfa61000 (32-bit, non-prefetchable) [size=256] Expansion ROM at dfa20000 [disabled] [size=128K] Capabilities: [dc] Power Management version 2 05:07.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8169 PCI Gigabit Ethernet Controller (rev 10) Subsystem: Realtek Semiconductor Co., Ltd. RTL8169/8110 Family PCI Gigabit Ethernet NIC Flags: bus master, 66Mhz, medium devsel, latency 64, IRQ 16 I/O ports at b000 [size=256] Memory at dfa60000 (32-bit, non-prefetchable) [size=256] Expansion ROM at dfa00000 [disabled] [size=128K] Capabilities: [dc] Power Management version 2
ifconfig
ETH00 Link encap:Ethernet HWaddr 00:30:18:AC:F3:C4
inet6 addr: fe80::230:18ff:feac:f3c4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:61 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3660 (3.5 Kb) TX bytes:468 (468.0 b)
ETH00:00 Link encap:Ethernet HWaddr 00:30:18:AC:F3:C4
inet addr:192.168.0.75 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
ETH01 Link encap:Ethernet HWaddr 00:30:18:AC:F3:C5
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ETH02 Link encap:Ethernet HWaddr 00:30:18:AF:C9:20
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ETH03 Link encap:Ethernet HWaddr 00:30:18:AF:C9:21
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ETH04 Link encap:Ethernet HWaddr 00:30:18:AF:C9:22
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
VPN99 Link encap:Ethernet HWaddr 0E:05:28:42:D3:B9
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
VPN99:00 Link encap:Ethernet HWaddr 0E:05:28:42:D3:B9
inet addr:192.168.250.254 Bcast:192.168.250.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
dummy1 Link encap:Ethernet HWaddr FE:8C:DC:3B:57:54
inet addr:192.168.142.142 Bcast:192.168.142.255 Mask:255.255.255.255
inet6 addr: fe80::fc8c:dcff:fe3b:5754/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:210 (210.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2554 errors:0 dropped:0 overruns:0 frame:0
TX packets:2554 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:371746 (363.0 Kb) TX bytes:371746 (363.0 Kb)
iwconfig
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=0 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
