##----------------------------------------------------------------------------- ## base.txt - fli4l configuration parameters 2.0.8 ## ## ## P L E A S E R E A D T H E D O C U M E N T A T I O N , ## S E E R E A D M E . T X T ## ## B I T T E U N B E D I N G T D I E D O K U M E N T A T I O N ## L E S E N , S I E H E R E A D M E . T X T ## ## Creation: 26.06.2001 fm ## Last Update: $Id: base.txt,v 1.20.2.8 2002/12/02 15:21:02 rresch Exp $ ## ## Copyright (c) 2001-2002 Frank Meyer ## ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ##----------------------------------------------------------------------------- #------------------------------------------------------------------------------ # General settings: #------------------------------------------------------------------------------ HOSTNAME='fli4l' #name of fli4l router PASSWORD='xyzPasswort' #password for telnetd, ftpd and sshd MOUNT_BOOT='rw' #mount boot device (floppy): ro, rw, no RAMSIZE='' #size of ramdisk for unzipped opt.tgz # the variables MOUNT_OPT, PART_OPT and UPDATE_MODE will be ignored if # RAMSIZE is not empty. see docu MOUNT_OPT='rw' #mount opt device: ro, rw PART_OPT='hda2' #location of opt-files? ram1 or disk-partition UPDATE_MODE='full' #add, cfg, full, none, see documentation #------------------------------------------------------------------------------ # Ethernet card drivers: # uncomment your ethernet card #------------------------------------------------------------------------------ ETH_DRV_N='1' #number of ethernet drivers to load, usually 1 #ETH_DRV_1='3c505' # ISA: 3COM Etherlink Plus (3c505) #ETH_DRV_1='3c507' # ISA: 3COM Etherlink 16 (3c507) #ETH_DRV_1='3c509' # ISA: 3COM EtherLinkIII (3c509) #ETH_DRV_1='3c515' # ISA: 3COM EtherLink XL ISA (3c515) #ETH_DRV_1='3c59x' # PCI: 3COM Vortex/Boomerang 3c59x,3c900,3c905 #ETH_DRV_1='82596' # Apricot Xen-II on board Ethernet #ETH_DRV_1='3c503' # ISA: 3COM EtherLinkII (3c503) #ETH_DRV_1='e2100' # ISA: Cabletron E21xx ISA #ETH_DRV_1='hp' # ISA: HP PCLAN (27245, 27xxx) ISA #ETH_DRV_1='hp-plus' # ISA: HP PCLAN+ (27247B and 27252A) ISA #ETH_DRV_1='ne' # ISA: NE2000 ISA clone (eg. Realtek 8019, # Accton 16xx, NatSemi 8390, UMC 9003/9008) #ETH_DRV_1='ne2k-pci' # PCI: NE2000 PCI clone (eg. Realtek 8029, # Winbond 89c940) #ETH_DRV_1='smc-ultra' # ISA: SMC ULTRA #ETH_DRV_1='smc-ultra32' # EISA: SMC ULTRA32 (NEW) #ETH_DRV_1='wd' # ISA: SMC WD80*3 #ETH_DRV_1='at1700' # ISA: AT1700 (Fujitsu 86965) ISA #ETH_DRV_1='cs89x0' # ISA: IBM Etherjet, cs89x0 based Cards (Option io=0xnnn necessary!) #ETH_DRV_1='de4x5' # PCI/EISA: Digital DE425, DE434, DE435, DE450, DE500 #ETH_DRV_1='depca' # ISA: DEPCA, DE10x, DE200, DE201, DE202, DE422 #ETH_DRV_1='dgrs' # PCI: Digi International RightSwitch PCI/EISA #ETH_DRV_1='dmfe' # PCI: DM9102 compatible PCI cards from Davicom #ETH_DRV_1='lp486e' # ISA: Intel Professional Workstation/panther 82596 #ETH_DRV_1='eepro' # ISA: Intel EtherExpress Pro/10 #ETH_DRV_1='eepro100' # PCI: Intel EtherExpressPro PCI 10+/100B/100+ #ETH_DRV_1='eexpress' # ISA: EtherExpress16 ISA #ETH_DRV_1='epic100' # PCI: SMC EPIC/100 (EtherPower II) PCI #ETH_DRV_1='eth16i' # ISA/EISA: ICL EtherTeam 16i/32 #ETH_DRV_1='ewrk3' # ISA: EtherWORKS 3 ISA (DE203, DE204, DE205) #ETH_DRV_1='fa3xx' # PCI: NETGEAR FA3XX PCI Ethernet Controller #ETH_DRV_1='fealnx' # PCI: ASOUND LAN 8139 card - not RTL8139 (NEW) #ETH_DRV_1='hp100' # ISA/EISA/PCI: HP 10/100VG PCLAN (ISA, EISA, PCI) #ETH_DRV_1='lance' # ISA: AMD LANCE and PCnet (AT1500, NE2100) ISA #ETH_DRV_1='old_tulip' # PCI: Old DECchip Tulip (dc21x4x) PCI #ETH_DRV_1='pcnet32' # PCI: AMD PCI PCnet32 #ETH_DRV_1='rtl8139-orig' # PCI: RealTek 8129/8139 (not 8019/8029!) #ETH_DRV_1='rtl8139' # PCI: RealTek 8129/8139 (not 8019/8029!) (NEW) ETH_DRV_1='8139too' #PCI: RealTek 8139 10/100 MB (NEW) #ETH_DRV_1='sis900' # PCI: SiS 900/7016 #ETH_DRV_1='sundance' # PCI: DFE-550FX or DFE-530TXS (NEW) #ETH_DRV_1='tlan' # PCI: TI ThunderLAN (Compaq Netelligent ...) #ETH_DRV_1='tulip' # PCI: DECchip Tulip (dc21x4x) PCI #ETH_DRV_1='natsemi' # PCI: Nat Semi #ETH_DRV_1='starfire' # PCI: Starfire #ETH_DRV_1='via-rhine' # PCI: VIA Rhine PCI (3043, VT86c100A, dfe-530tx) #ETH_DRV_1='winbond-840' # PCI: Winbond 840 #ETH_DRV_1='lanstreamer' # Token Ring: IBM Auto LANStreamer PCI Adapter #ETH_DRV_1='olympic' # Token Ring: IBM cards (Pit/Pit-Phy/Olympic) #ETH_DRV_1='ibmtr' # Token Ring: IBM 16/4 #ETH_DRV_1='pcnet_cs' # PCMCIA: NS8390-based cards (NE2000, DLINK etc) #ETH_DRV_1='3c574_cs' # PCMCIA: 3Com 574 #ETH_DRV_1='3c575_cb' # PCMCIA: 3Com 575 #ETH_DRV_1='3c589_cs' # PCMCIA: 3Com 589 #ETH_DRV_1='airo' # PCMCIA: Airo 4500 & 4800 series cards #ETH_DRV_1='airo_cs' # PCMCIA: Airo 4500 & 4800 series cards #ETH_DRV_1='eepro100_cb' # PCMCIA: EtherExpress Pro 100 #ETH_DRV_1='epic_cb' # PCMCIA: SMC 83c170 EPIC/100 #ETH_DRV_1='ibmtr_cs' # PCMCIA: IBM Token Ring #ETH_DRV_1='netwave_cs' # PCMCIA: Netwave AirSurfer Wireless LAN #ETH_DRV_1='nmclan_cs' # PCMCIA: New Media Ethernet LAN #ETH_DRV_1='ray_cs' # PCMCIA: Raylink wireless cards #ETH_DRV_1='smc91c92_cs' # PCMCIA: SMC91c92-based cards #ETH_DRV_1='tulip_cb' # PCMCIA: DEC 21040-family cards #ETH_DRV_1='wavelan_cs' # PCMCIA: WaveLAN #ETH_DRV_1='wavelan2_cs' # PCMCIA: WaveLAN2 #ETH_DRV_1='wvlan_cs' # PCMCIA: Lucent WaveLAN/IEEE 802.11 #ETH_DRV_1='xirc2ps_cs' # PCMCIA: Xircom: CE2, CEM28, CEM33, or CE3 #ETH_DRV_1='wl24_cs' # PCMCIA: ELSA Airlancer MC-2 #ETH_DRV_1='cs89x0_cs' # PCMCIA: IBM EtherJet Ethernet Adapter #ETH_DRV_1='orinoco_cs' # PCMCIA: Orinoco Based WLAN Cards (NEW) #ETH_DRV_1='axnet_cs' # PCMCIA: Asix AX88190 Fast Ethernet (NEW) ETH_DRV_1_OPTION='' #------------------------------------------------------------------------------ # Ether networks used with IP protocol: #------------------------------------------------------------------------------ IP_ETH_N='1' #number of ip ethernet networks, usually 1 IP_ETH_1_NAME='' #optional: other device name than ethX IP_ETH_1_IPADDR='192.168.1.1' #IP address of your nth ethernet card IP_ETH_1_NETWORK='192.168.1.0' #network of your LAN IP_ETH_1_NETMASK='255.255.255.0' #netmask of your LAN #------------------------------------------------------------------------------ # Additional routes, optional #------------------------------------------------------------------------------ IP_DEFAULT_GATEWAY='' #normally not used, read documentation! IP_ROUTE_N='0' #number of additional routes IP_ROUTE_1='192.168.7.0 255.255.255.0 192.168.6.99'# network netmask gateway #------------------------------------------------------------------------------ # Masquerading: #------------------------------------------------------------------------------ MASQ_NETWORK='192.168.1.0/24' #networks to masquerade (e.g. our LAN) MASQ_MODULE_N='12' #load n masq modules (default: only ftp) MASQ_MODULE_1='ftp' #ftp MASQ_MODULE_2='icq' #icq (use with caution!) MASQ_MODULE_3='irc' #irc MASQ_MODULE_4='raudio' #raudio MASQ_MODULE_5='vdolive' #vdolive MASQ_MODULE_6='quake' #quake MASQ_MODULE_7='pptp' #pptp MASQ_MODULE_8='ipsec' #ipsec MASQ_MODULE_9='dplay' #dplay (direct play) MASQ_MODULE_10='udp_dloose' #pseudo mod: some internet games need it MASQ_MODULE_11='ipsec' #ipsec MASQ_MODULE_12='dplay' #dplay (direct play) MASQ_FTP_PORT_N='0' #using ftp masq-module on different ports MASQ_FTP_PORT_1='21' #standard ftp port MASQ_FTP_PORT_2='2021' #additional port #------------------------------------------------------------------------------ # Optional package: PORTFW # # If you set OPT_PORTFW='yes', you can also edit opt/etc/portfw.sh #------------------------------------------------------------------------------ OPT_PORTFW='yes' #install port forwarding tools/modules PORTFW_N='3' #how many portforwardings to set up PORTFW_1='21 192.168.1.3:21 tcp' PORTFW_2='80 192.168.1.3:80 tcp' PORTFW_3='443 192.168.1.3:443 tcp' # 192.168.5.15 (use tcp) #------------------------------------------------------------------------------ # Routing without masquerading #------------------------------------------------------------------------------ ROUTE_NETWORK='' #optional: route from/to network, no masq #------------------------------------------------------------------------------ # Routing: internal hosts to deny forwarding #------------------------------------------------------------------------------ FORWARD_DENY_HOST_N='0' #number of denied hosts FORWARD_DENY_HOST_1='192.168.6.5' #optional: 1st denied host FORWARD_DENY_HOST_2='192.168.6.6' #optional: 2nd denied host #------------------------------------------------------------------------------ # Routing: ports to reject/deny forwarding (from inside and outside!) #------------------------------------------------------------------------------ FORWARD_DENY_PORT_N='1' #no. of ports to reject/deny forwarding FORWARD_DENY_PORT_1='137:139 REJECT' #deny/reject forwarding of netbios FORWARD_TRUSTED_NETS='' #but allow forwarding between LANs #------------------------------------------------------------------------------ # Firewall: ports to reject/deny from outside (all served ports) # # here we leave two ports untouched: # # 53 dns # 113 auth #------------------------------------------------------------------------------ FIREWALL_DENY_PORT_N='12' #no. of ports to reject/deny FIREWALL_DENY_PORT_1='0:20 REJECT' FIREWALL_DENY_PORT_2='22:24 REJECT' FIREWALL_DENY_PORT_3='26:52 REJECT' FIREWALL_DENY_PORT_4='54:79 REJECT' FIREWALL_DENY_PORT_5='81:109 REJECT' FIREWALL_DENY_PORT_6='111:112 REJECT' FIREWALL_DENY_PORT_7='114:142 REJECT' FIREWALL_DENY_PORT_8='144:442 REJECT' FIREWALL_DENY_PORT_9='444:1023 REJECT' FIREWALL_DENY_PORT_10='5000:5001 REJECT' #imond/telmond ports: reject or deny FIREWALL_DENY_PORT_11='8000 REJECT' #proxy access: reject or deny FIREWALL_DENY_PORT_12='20012 REJECT' #vbox server access: reject or deny FIREWALL_DENY_ICMP='no' #deny icmp (ping): yes or no FIREWALL_LOG='yes' #log access to rejected/denied ports #------------------------------------------------------------------------------ # Domain configuration: #------------------------------------------------------------------------------ START_DNS='yes' #start dns server: yes or no DNS_FORWARDERS='212.40.0.10' #DNS servers of your provider, e.g. MSN DNS_VERBOSE='no' #log queries in /usr/local/ens/ens.log DOMAIN_NAME='outworld.ch' #your domain name DNS_FORBIDDEN_N='0' #number of forbidden domains DNS_FORBIDDEN_1='foo.bar' #1st forbidden domain DNS_FORBIDDEN_2='bar.foo' #2nd forbidden domain HOSTS_N='3' #number of hosts in your domain HOST_1='192.168.1.1 fli4l' #1st host: ip and name HOST_2='192.168.1.202 rayden' #2nd host: ip and name HOST_3='192.168.1.199 juweli' #3rd host: ip and name HOST_4='192.168.1.4 client4' #4th host: ip and name #------------------------------------------------------------------------------ # Special DNS configuration #------------------------------------------------------------------------------ DNS_N='0' #number of special dns servers, normally 0 #DNS_1='firma.de 192.168.1.12' # 1st special dns server for firma.de #DNS_2='lan.firma.de 192.168.2.12' # 2nd special dns server for lan.firma.de #------------------------------------------------------------------------------ # imond configuration: #------------------------------------------------------------------------------ START_IMOND='yes' #start imond: yes or no IMOND_PORT='5000' #TCP-Port, see also FIREWALL_DENY_PORT_x! IMOND_PASS='' #imond-password, may be empty IMOND_ADMIN_PASS='xyzPasswort' #imond-admin-password, may be empty IMOND_LED='' #tty for led: com1 - com4 or empty IMOND_BEEP='yes' #beep if connection going up/down IMOND_LOG='no' #log /var/log/imond.log: yes or no IMOND_LOGDIR='/var/log' #log-directory, e.g. /var/log IMOND_ENABLE='yes' #accept "enable/disable" commands IMOND_DIAL='yes' #accept "dial/hangup" commands IMOND_ROUTE='yes' #accept "route" command IMOND_REBOOT='yes' #accept "reboot" command #------------------------------------------------------------------------------ # Generic circuit configuration: #------------------------------------------------------------------------------ IP_DYN_ADDR='no' #use dyn. ip addresses (most providers do) DIALMODE='auto' #standard dialmode: auto, manual, or off #------------------------------------------------------------------------------ # optional package: syslogd #------------------------------------------------------------------------------ OPT_SYSLOGD='no' #start syslogd: yes or no SYSLOGD_DEST_N='1' #number of destinations SYSLOGD_DEST_1='*.* /dev/console' #nth prio & destination of syslog msgs SYSLOGD_DEST_2='*.* @192.168.6.2' #example: loghost 192.168.6.2 SYSLOGD_DEST_3='kern.info /var/log/dial.log'# example: log infos #------------------------------------------------------------------------------ # optional package: klogd #------------------------------------------------------------------------------ OPT_KLOGD='no' #start klogd: yes or no #------------------------------------------------------------------------------ # optional package: y2k correction #------------------------------------------------------------------------------ OPT_Y2K='no' #y2k correction: yes or no Y2K_DAYS='' #correct hardware Y2K-Bug: add x days #------------------------------------------------------------------------------ # Optional package: PNP #------------------------------------------------------------------------------ OPT_PNP='no' #install isapnp tools: yes or no