Should we include dnsmasq and ipmasq in FoxyRoxy? (done)

Hey, I've got a great idea. If we just ....

Should we include dnsmasq and ipmasq in FoxyRoxy? (done)

Postby saintless » Sat Sep 08, 2012 7:19 pm

Do you think we should include dnsmasq and ipmasq in FoxyRoxy?

They can be useful if someone (like me) likes to share internet connection with second eth card between two computers.

I also see ipmasq is no longer in Debian Squeezy repository and apt-get says it is obsolete or removed. I personally will not have troubles to install them if I need them later, but since FoxyRoxy has many network capabilities maybe those packages will be useful.

What do you think?

Cheers, Toni
User avatar
saintless
 
Posts: 246
Joined: Sat Jul 14, 2012 7:01 am
Location: Bulgaria

Re: Should we include dnsmasq and ipmasq in FoxyRoxy?

Postby jbv » Sat Sep 08, 2012 8:37 pm

Hi Toni,

On more than one occasion, I have given this a little thought.
Each and every time, I always make the same decision. ... No.

My reasoning is that to me, the primary function of FoxyRoxy is to be a slick file and media server. For a home based server, it is going to be managing a huge array of disks. In my instance there will be 15 hard drives and now that 3Tb drives are becoming the norm, this will mean 45Tb of data.

While FoxyRoxy has nice networking capabilities, these are all "open", unlocked, and very easy to get to.
Out of the box, FoxyRoxy makes accessing everything as easy and simple as it possibly can.
In most if not all instances, you don't need to do anything to connect to FoxyRoxy and I really want it to stay that way.

FoxyRoxy has not really been conceived as a Forward Facing machine. It is intended to be used as a home server. This means that instead of trying to hide from other machines on your network, it sits in your network and happily screams to everyone "Here I am, please connect to me".

Unfortunately it can't do that if we start putting in a heap of security stuff.

It is expected that FoxyRoxy is sitting behind your firewall and/or router, and that these devices provide the security and protection from the mean horrible world outside. I do understand that in different parts of the world, things work differently, and some stuff that is relatively low cost here aren't elsewhere. I also understand that in some parts of the world, peoples internet connections and services are different, although I still think there are better ways to do what you are asking about.

For internet connection sharing, there are things like the Linux Router Project. Although when you can buy a complete ADSL2+ modem, firewall/router with 4 Ethernet ports for under $50 from a variety of 1st tier manufacturers, I have to ask why bother?

Whoops, I've just seen that LRP is no more - how sad, although in a way, it proves my point.

If you can get and install what you require, then I suggest/ask you to do that.

Cheers, Brenton
jbv
 
Posts: 600
Joined: Sat Jul 14, 2012 2:02 am
Location: Sydney, Australia

Re: Should we include dnsmasq and ipmasq in FoxyRoxy?

Postby jbv » Sat Sep 08, 2012 8:50 pm

Woo-Hoo ... Have a look at this little gem <Firestarter>

Then open my new best mate (the quick-console in our TaskBar) and type apt-get firestarter
When it has finished installing have a look in [Taskbar Menu] --> [Administration] :)

Instant network connection management with Internet Connection sharing, Firewall management, and a really pretty GUI that matches our look and feel.

It can even be setup so that the GUI minimizes to our Tray when you close it
[Edit] --> [Preferences] --> (Interface) --> Minimize to tray on window close

Extra Bonus points .... It's got documentation <fx:yippee>

Job done. Problem Solved. Item Closed. :lol:

Man, that was the toughest hours work I've done in ages :)

Cheers, Brenton
jbv
 
Posts: 600
Joined: Sat Jul 14, 2012 2:02 am
Location: Sydney, Australia

Re: Should we include dnsmasq and ipmasq in FoxyRoxy?

Postby KazzaMozz » Sat Sep 08, 2012 10:30 pm

Hi Brenton
crap can't wait to get back and try this out ....................most of to-day will be spent packing up and cleaning ho-hum

This will be awesome, I'm going to take a peek at it now.
Cheers
User avatar
KazzaMozz
 
Posts: 332
Joined: Tue Aug 21, 2012 9:59 pm
Location: Australia

Re: Should we include dnsmasq and ipmasq in FoxyRoxy?

Postby jbv » Sat Sep 08, 2012 10:46 pm

Okay, I've just finished the second toughest hours work I've ever done.

Before the support calls start flooding in, this is what you will notice after doing the apt-get ;)

You will see some messages about something not being right during the update-rc.d phase which is the last part of the apt-get install process. Ignore those. I had a quick look and couldn't see anything wrong.

The next thing you will notice is that after doing the install XFE won't start.
This is because something messed up what "flipper" had done. I'll have this sorted soon. For now, just shutdown the desktop, logout (type exit), login again and "flipper" will "flip" everything again and all will be well in the world :)

Now you will need to configure Firestarter.
[TaskBar Menu] --> [Administration] --> [Firestarter]

The Firestarter setup/configuration wizard will run.
Follow it somewhat carefully.
Be very careful to not just click-through.
On the very first screen, make sure you tick the check-box if your machine does get it's IP via DHCP. Note: you can always re-run the wizard later if you need to, it is the first option in the [Firewall] pull-down menu

After you've done the wizard thing,

Open the preferences window on the [Status] tab.
On the Interface page, turn on both options
You should be able to leave the other stuff alone, but have a look and season to taste.

Go to the [Policy] Tab
You need to start opening stuff up, so select "Inbound traffic policy" in the Editing combo-box
Click on the Allow connections from host frame
Click the [Add Rule] button
Enter the IP addresses you are going to allow.

Note: If your internal network has an address of 192.168.0.x and you want every machine in this network to access your FoxyRoxy machine you would enter 192.168.0.1/24 here

Click on the Allow service frame
Click the [Add Rule] button
You now need to add all of the services and/or ports you are going to allow.

If you have Connection Sharing (which I don't) I think you then do the same sort of thing in the Forward Service frame which is grayed out if you don't have ICS enabled.

After this, you should Apply the changes.
If like me, you enabled immediate policy changes in the preferences, you won't see the big Green Tick to Apply changes.

Flip back to the Status tab.
Have a look in your TaskBar. Just to the left of the volume control and our quick-console, you should see a new icon.
This is the "notification" area, and it is possible that this is the first time you have seen anything there.
If you see a Red "stop" Button, it means that Firestarter is "stopped or disabled"
If you see a Blue "play" button, it means that Firestarter is "running or active"
If it is "disabled" you can start it from the button in the programs Ribbon Bar or from the [Firewall] pull-down menu.

If you close the Firestarter font-end by [Firewall]-->[quit] or Ctrl-Q, the notification area icon is also removed.
If you want to leave the icon in the notification area, in addition to enabling it in preferences, you need to close the screen by either clicking icon in the notification area or using the x in the top right corner of the programs window frame.

Important note: If you have a Realtek network card which requires firmware to be loaded during start-up, then FoxyRoxy does this auto-magically. However, some programs such as miniDLNA and it seems Firestarter, get confused by this. What happens is that during initialisation the system thinks everything is fine and dandy and in a way it is. All of the network services and everything are up and running, but your network card is still sorting itself out with it's new firmware. Where this starts to get a little messy is when your network card gets its IP address by DHCP (another machine).

99 times out of 101 this all just works, but some packages (such as miniDLNA and Firestarter) get confused by it all and won't start, so the "Service" will "fail" at startup. The reason for this is that they are expecting that the machine has a valid IP address, because the network startup stuff which has already finished, has told them that everything is fine and ready to rock. Well, it is ... sort of, except we don't have a valid IP address yet ... :o

Being a little smarter than the Average Bear, FoxyRoxy has a fix for this, but you need to make a "tweak" to the startup script that lives in /etc/init.d and starts the packages service. The "tweaked" startup script for Firestarter is below.

The easiest way to replace the standard script is as follows.
Download the file below and unpack it into /tmp
Install Firestarter, go though the setup/configuration etc.
Then save the package with 95-create
Then reload the 95-snap file with 95-load
Then copy /tmp/firestarter into /tmp/sqf-snap/etc/init.d
Then save 95-snap with 95-save

On system restart the new startup script will be in /etc/init.d and the service will not fail.

Side Note:
If you do not have enough RAM to load/save the .sqf's into /tmp, then you should have a native Linux disk partition somewhere.
You can always (read should have) created a working directory for FoxyRoxy on a native Linux disk partition to pack/unpack stuff.
2Gb is more than enough space. Once you have created that directory, you should have run the 99-setdirs script as explained <here>.
The correct technique is to type source 99-setdirs<enter>

Closing Note:
Here endeth the support for Firestarter and/or any other form of Routing/firewalling/InternetConnectionSharing

Can we consider this one as being (done) ? :)

[Edit] As there is now an Addon for Firestarter, the replacement startup script has been removed as it is included in the Addon.
jbv
 
Posts: 600
Joined: Sat Jul 14, 2012 2:02 am
Location: Sydney, Australia

Re: Should we include dnsmasq and ipmasq in FoxyRoxy?

Postby saintless » Sun Sep 09, 2012 6:16 am

Hi, Brenton,
I agree with you, this matter is solved :)
Thanks for the Firestarter pointers. I also apt-got it and it adds 32 Mb to FoxyRoxy. While it has very convenient configuration I prefer to find a way to do this without adding using much hard drive space.
This is what I like to test first and see if it works well for my needs:
http://www.debian-administration.org/articles/23
It is only a script which could be run on boot and do the job.

Cheers, Toni
User avatar
saintless
 
Posts: 246
Joined: Sat Jul 14, 2012 7:01 am
Location: Bulgaria

Firestarter is available in the Addons section of our Forum

Postby jbv » Wed Sep 12, 2012 4:50 am

Firestarter can now be found in the FoxyRoxyLinux - Addons section of our forum.
jbv
 
Posts: 600
Joined: Sat Jul 14, 2012 2:02 am
Location: Sydney, Australia


Return to Could we, Should we ?



Who is online

Users browsing this forum: No registered users and 2 guests

cron