Installation and Setup
I installed LEAF-Bering uClibc 2.1.1 on two separate network firewall systems:
- An old Dell PII 500 with about 128megs of RAM, a built-in 100BaseTX port, and 2 PCI 100BaseTX network cards.
- An even older Compaq P100 with about 56 megs of RAM, 2 PCI 100BaseTX network cards, and 1 ISA 10BaseT network card.
On both systems, the layout is basically the same. One network card (net zone) is connected to a cable modem and provides the Internet connection, a second card (loc zone) is connected to the local network hub or switch, and the third card (dmz zone) is connected with a crossover cable directly to a web server.
Obviously then, our new LBU firewall system's job is to allow local users to access the Internet, forward requests for web pages to the web server, and keep the bad guys out. In addition, I like to run a few other services on my firewall, such as a DHCP server and DNS caching. Fortunately, LBU handles all these requirements (plus a few others) right out of the box.
One of the best things about LBU, and the Shorewall firewall, is the excellent documentation available. Since LEAF-Bering uClibc recently evolved from plain old LEAF-Bering, the documentation is currently made up of the original LEAF-Bering installation and user's guides, and then separate LBU installation and user's guides which outline the new or changed features.
Be sure to read these guides (I printed them out) before getting started, and maybe even join the LEAF user mailing list. It's also a good idea to at least have a look at the extensive Shorewall documentation, especially the quick start guides. Once you boot the LBU floppy disk, you'll be presented with the following text-based configuration utility.
Figure 1: Configuration Menu
In addition to the documentation I mentioned earlier, there's even a brief online help system that you can access through the configuration utility, as shown below.
Figure 2: Packages Help Menu