Diff for "DebianApImageBugs" - Personal Telco Project

Differences between revisions 48 and 49

This is to help track and resolve bugs with the DebianLinuxAccessPoint and DebianApImage projects. If you think you've found a bug in how the image works please list it here along with all the information I might need to fix it. Thanks -- AdamShand.

Feature Requests

Set it up to sync to an NTP server to keep the time correct (Stylistics don't appear to have good clocks)
- Add 5 * * * * root /etc/init.d/ntpdate start > /dev/null 2>&1 to the /etc/crontab file -- AdamShand
Add egress filter to prevent participating in [http://grc.com/dos/drdos.htm DRDoS] attacks

To Be Fixed Soon

Update kernel image to 2.4.18 and strip down or remove initrd so it'll boot on low ram images.
Update to latest NoCatAuth (or MetaCat)
Install latest HostAp drivers (and sample WDS config)
Install DNS Masq instead of Bind (http://www.thekelleys.org.uk/dnsmasq/doc.html)
Setup so "gateway" always resolves as itself.
Setup stunnel for nocat for SSL start pages to work. stunnel localhost:5281 -> localhost:5280 (change nocat firewall rule)
Setup for as few disk writes as possible so it can be run off CF or CDROM. Remote syslog, all writes to RAM disk etc.
Increase DHCP lease time to reduce wireless traffic and allow detection of inactive connections
Add BillHolmstrom's ptp.ico as ../nocat/htdocs/favicon.ico
Fix default resolv.conf, hosts and hostname files. make sure sudo works.
Configure MTA to be able to send messages and setup alias for root/postmaster to send to ops@lists.ptp.net
Setup cacti to graph total bandwidth usage.
Update glibc, at, sudo wireless-tools
line 15 in ../nocat/htdocs/splash.html needs 'images/' added to it
line 25 in /etc/pcmica/prism2.conf has the manfid for Lucent cards(instead of the D-Link that is says it is), so when you try to use a Lucent card it loads prism2 instead of wvlan_cs
Setup for iw_mode command to set default mode (master/managed/adhoc)
Add notes on how to set power for cards
Test NoCatAuth CaptivePortal mode (once the behind NAT fix is in place make captive mode the default)
Touch screen support. Can this be done without X? non-X-scribble?
- I think this requires X. X will be supported once I get docs from CoryWebb on how to make the pen drivers work and a working XF86Config file.n -- AdamShand
  - You should check with Mark Curran, I think he has added X to your image already --MichaelCodanti
Add documentation on what needs to be setup and what it does
Create setup script to make configuration easier
Setup a Debian Apt repository for PTP packages and configure sources.list to use it.
Figure out command to use grub to install boot sector when image is not the boot device
Move default NoCatAuth log file to /var/log where it will (hopefully) be rotated).

To Be Done "Sometime"

These are as much ideas as anything else. Comments are appreciated.

Is webmin a good idea?
Setting up a default message on telnet/ssh; "you are not logged in via nocat, please goto http://aa.bb.cc.dd/"
- This would be a little tricky to do with telnet and there is no real way to do this with SSH that I can think of (because there is no way to display a banner before login). Actually I just learned something ... this can be done. It still requires some trickery and I'm not sure it's really that important but it would be cool. If you wanna contribute the necessary firewall rules to make it happen please do, the best way I can think of doing this is to redirect port 22 and 23 traffic to anywhere to the stylistic and display a banner there. -- AdamShand
ExtrusionDetection (Snort)
Automatic rules update for ExtrusionDetection
Setup Exim with TLS for mail proxying (warn about earthlink)
- Setup transparent proxy for port 80 and port 25
SSL support on nocat auth page -EricJohanson
- Are you referring to the NoCatAuth bug where https requests don't get proxied to the portal properly or are you wanting the login page to the SSL'd? -- AdamShand
Real time reporting...
- WirelessAntFarm from Vortex looks like a promising start. EricJohanson is also working on something. -- AdamShand

Open Bugs

From AdamShand

Upgrade to latest version of NoCatAuth to fix browser problems.
Upgrade to 2.4.17 and latest HostApMode drives to try and resolve NetStumbler issues

From EricJohanson:

/etc/lilo.conf.install does not point to correct kernel image; (both 2.2.x and 2.4.x)
What does this mean? Any why is it saying it sooooo much? I get 1-2 of these per second. /var/log on my system is over 300 megs.
- I believe this will be fixed with the next update which includes the lastest HostAp drivers. Well see anyway -- AdamShand

From sven.lakemeier@berlin.de:

(i'm using the 20020116 tarball)
/boot/boot.b is a link to a file that doesn't exist
perhaps include lilo, because the lilo on my system was too old so i couldn't write the bootsector
not really a bug but a feature request: i'm using a stylistic 500 with 8 megs of ram and when i'm booting i get a "kernel panic : Out of memory" at "RAMDISK: cramfs filesystem found at block 0" "RAMDISK: Loading 3468 blocks [1 disk] into ram disk..." so what about a short info on system requirements or hints to get a smaller memory footprint?

i think the hardware of the stylistic 500 and 1000 is pretty similar, so it should be possible to get the image running.

Thanks for the report Sven, I thought no one was using this but a couple local guys so this has kinda languished. The memory problem is the initrd file, which currently has all the kernel modules in it. I'll try and rebuilt it to either use a more reasonable subset of modules or I'll just do away with initrd. -- AdamShand

Unable to Duplicate

DNS Server doesn't load upon bootup
DHCP Server doesn't load upon bootup
- I had this problem when i was setting up my own linux ap image, you the hostap driver takes a little while to initialize, longer than a normal one, so i fixed it by bumping dhcp to S99 in /etc/rc2.d/ --ForrestEnglish
Setting up image to work with other devices (EG: SBCs with different PCMCIA bridges)
- I think this should "just work". Can you document any issues? -- AdamShand
Why can't I ping/traceroute out via the NAT?
- interesting ... i'm not sure. the nocat nat implementation must be incomplete, i'll look into it.
  - It works for me --MichaelCodanti

Resolved Bugs

8 Jan 2002

Having lynx installed would help debugging 'net connections
- It has links installed which is a better lynx then lynx I've added a symlink for the uninitiated.
Add the debian package for Wavemon (new in unstable)
Screen doesn't turn off (might be my bios settings)
- This is apparently a BIOS issue. Eric can you provide details of what you did to the BIOS?
AdHoc mode! This would be VERY helpful for SWN folks..... I've heard rumors that we want to use ADHoc for PtP links...
- This was a known issue with the 2.4.16 kernel, please upgrade to 2.4.17. -- AdamShand
warnings loading modules; /var/log/something is readonly on kernel boot
- this is normal, don't worry about it

10 December 2001

Update to 2.4.16 (10 Dec 2001)
Disable -- MARK -- in syslog ("-m 0") (10 Dec 2001)
Add simple batch file or configuration to switch to bridging instead of NAT (see /usr/local/bin/bridge-setup.sh)

[CategoryDocumentation]

-  ← Revision 48 as of 2005-02-24 16:42:52 →
  Size: 8068
  Editor: ppp-203
  Comment:
+  ← Revision 49 as of 2005-02-24 17:30:28 →
  Size: 7669
  Editor: DarrinEden
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 1:
-!'''[http://0nline-casin0.newmail.ru Online Casino] Win money fast!'''!
+This is to help track and resolve bugs with the DebianLinuxAccessPoint and DebianApImage projects.  If you think you've found a bug in how the image works please list it here along with all the information I might need to fix it.  Thanks -- AdamShand.
 Line 3:
-!'''[http://united-airline.boom.ru/ United Airlines tickets] !'''!
+See also: DebianAp, DebianApImage
 Line 5:
-[http://online-degree.hotmail.ru/ Online degree]
+==== Feature Requests ====

 * Set it up to sync to an NTP server to keep the time correct (Stylistics don't appear to have good clocks) 

  * Add {{{5 * * * * root /etc/init.d/ntpdate start > /dev/null 2>&1}}} to the /etc/crontab file -- AdamShand

 * Add egress filter to prevent participating in [http://grc.com/dos/drdos.htm DRDoS] attacks
-Line 7:
+Line 10:
-[http://online1degree.chat.ru/ Online degree]
+===== To Be Fixed Soon =====

 * Update kernel image to 2.4.18 and strip down or remove initrd so it'll boot on low ram images.

 * Update to latest NoCatAuth (or MetaCat)

 * Install latest HostAp drivers (and sample WDS config)

 * Install DNS Masq instead of Bind (http://www.thekelleys.org.uk/dnsmasq/doc.html)

 * Setup so "gateway" always resolves as itself.

 * Setup stunnel for nocat for SSL start pages to work.  stunnel localhost:5281 -> localhost:5280 (change nocat firewall rule)

 * Setup for as few disk writes as possible so it can be run off CF or CDROM.  Remote syslog, all writes to RAM disk etc.

 * Increase DHCP lease time to reduce wireless traffic and allow detection of inactive connections

 * Add BillHolmstrom's ptp.ico as ../nocat/htdocs/favicon.ico

 * Fix default resolv.conf, hosts and hostname files.  make sure sudo works.

 * Configure MTA to be able to send messages and setup alias for root/postmaster to send to ops@lists.ptp.net

 * Setup cacti to graph total bandwidth usage.

 * Update glibc, at, sudo wireless-tools

 * line 15 in ../nocat/htdocs/splash.html needs 'images/' added to it

 * line 25 in /etc/pcmica/prism2.conf has the manfid for Lucent cards(instead of the D-Link that is says it is), so when you try to use a Lucent card it loads prism2 instead of wvlan_cs

 * Setup for iw_mode command to set default mode (master/managed/adhoc)

 * Add notes on how to set power for cards

 * Test NoCatAuth CaptivePortal mode (once the behind NAT fix is in place make captive mode the default)

 * Touch screen support. :) Can this be done without X? non-X-scribble?

  * I think this requires X.  X will be supported once I get docs from CoryWebb on how to make the pen drivers work and a working X''''''F''''''86Config file.n -- AdamShand

   * You should check with Mark Curran, I think he has added X to your image already --MichaelCodanti

 * Add documentation on what needs to be setup and what it does

 * Create setup script to make configuration easier

 * Setup a Debian Apt repository for PTP packages and configure sources.list to use it.

 * Figure out command to use grub to install boot sector when image is not the boot device

 * Move default NoCatAuth log file to /var/log where it will (hopefully) be rotated).
-Line 9:
+Line 38:
+===== To Be Done "Sometime"  =====

These are as much ideas as anything else.  Comments are appreciated.
-Line 10:
+Line 41:
-[http://chp-cigar.boom.ru/ cheap cigarettes]

[http://disc-cigar.boom.ru/ discount cigarettes]

[http://online-cigaret.hotmail.ru/ online cigarettes]

[http://marlb-cigar.boom.ru/ marlboro cigarettes]

[http://online-cigar.boom.ru/ online cigarettes]

[http://winst-cigar.boom.ru/ winston cigarettes]

[http://camel-cigar.boom.ru/ camel cigarettes]

[http://winst-cigaret.hotmail.ru/ Cheap winston cigarettes]
+ * Is webmin a good idea?

 * Setting up a default message on telnet/ssh; "you are not logged in via nocat, please goto http://aa.bb.cc.dd/"

  * This would be a little tricky to do with telnet and there is no real way to do this with SSH that I can think of (because there is no way to display a banner before login).  Actually I just learned something ... this can be done.  It still requires some trickery and I'm not sure it's really that important but it would be cool.  If you wanna contribute the necessary firewall rules to make it happen please do, the best way I can think of doing this is to redirect port 22 and 23 traffic to anywhere to the stylistic and display a banner there.  -- AdamShand

 * ExtrusionDetection (Snort)

 * Automatic rules update for ExtrusionDetection

 * Setup Exim with TLS for mail proxying (warn about earthlink)

  * Setup transparent proxy for port 80 and port 25

 * SSL support on nocat auth page -SeattleWireless:EricJohanson

  * Are you referring to the NoCatAuth bug where https requests don't get proxied to the portal properly or are you wanting the login page to the SSL'd?  -- AdamShand

 * Real time reporting...

  * WirelessAntFarm from Vortex looks like a promising start.  SeattleWireless:EricJohanson is also working on something. -- AdamShand
-Line 19:
+Line 53:
-[http://sb-web-design.boom.ru/ | small business web design] 

[http://sb-management.boom.ru/ | small business management] 

[http://sb-software.boom.ru/ | small business software] 

[http://sb-resource.boom.ru/ | small business resource] 

[http://sb-grants.boom.ru/ | small business grants] 

[http://sb-opportunity.boom.ru/ | small business opportunity] 

[http://web-hosting-sb.boom.ru/ | web hosting small business] 

[http://sb-information.boom.ru/ | small business information] 

[http://sb-idea.boom.ru/ | small business idea] 

[http://starting-a-sb.boom.ru/ | starting a small business] 

[http://sb-marketing.boom.ru/ | small business marketing] 

[http://sb-services.boom.ru/ | small business services] 

[http://sb-plan.boom.ru/ | small business plan] 

[http://gg-for-sb.boom.ru/ | government grants for small business] 

[http://how-start-sb.boom.ru/ | how to start a small business]
+==== Open Bugs ====

From AdamShand

 * Upgrade to latest version of NoCatAuth to fix browser problems.

 * Upgrade to 2.4.17 and latest HostApMode drives to try and resolve NetStumbler issues
-Line 35:
+Line 58:
+From SeattleWireless:EricJohanson:

 * /etc/lilo.conf.install does not point to correct kernel image; (both 2.2.x and 2.4.x)

 * What does this mean?  Any why is it saying it sooooo much? I get 1-2 of these per second.  /var/log on my system is over 300 megs.

  * I believe this will be fixed with the next update which includes the lastest HostAp drivers.  Well see anyway -- AdamShand
-Line 36:
+Line 63:
-Best links: '''spyware killer'''
+From sven.lakemeier@berlin.de:

 (i'm using the 20020116 tarball)

 * /boot/boot.b is a link to a file that doesn't exist

 * perhaps include lilo, because the lilo on my system was too old so i couldn't write the bootsector

 * not really a bug but a feature request: i'm using a stylistic 500 with 8 megs of ram and when i'm booting i get a "kernel panic : Out of memory" at "RAMDISK: cramfs filesystem found at block 0" "RAMDISK: Loading 3468 blocks [1 disk] into ram disk..." so what about a short info on system requirements or hints to get a smaller memory footprint?

i think the hardware of the stylistic 500 and 1000 is pretty similar, so it should be possible to get the image running.

  * Thanks for the report Sven, I thought no one was using this but a couple local guys so this has kinda languished.  The memory problem is the initrd file, which currently has all the kernel modules in it.  I'll try and rebuilt it to either use a more reasonable subset of modules or I'll just do away with initrd.  -- AdamShand

==== Unable to Duplicate ====

 * DNS Server doesn't load upon bootup

 * DHCP Server doesn't load upon bootup

      I had this problem when i was setting up my own linux ap image, you the hostap driver takes a little while to initialize, longer than a normal one, so i fixed it by bumping dhcp to S99 in /etc/rc2.d/   --ForrestEnglish

 * Setting up image to work with other devices (EG: SBCs with different PCMCIA bridges)

  * I think this should "just work".  Can you document any issues?  -- AdamShand

 * Why can't I ping/traceroute out via the NAT?

  * interesting ... i'm not sure.  the nocat nat implementation must be incomplete, i'll look into it.

   * It works for me --MichaelCodanti

==== Resolved Bugs ====

'''8 Jan 2002'''

 * Having lynx installed would help debugging 'net connections

  * It has links installed which is a better lynx then lynx :-)  I've added a symlink for the uninitiated.

 * Add the debian package for Wavemon (new in unstable)

 * Screen doesn't turn off (might be my bios settings)

  * This is apparently a BIOS issue.  Eric can you provide details of what you did to the BIOS?

 * AdHoc mode!  This would be VERY helpful for SWN folks..... I've heard rumors that we want to use ADHoc for PtP links...

  * This was a known issue with the 2.4.16 kernel, please upgrade to 2.4.17. -- AdamShand

 * warnings loading modules; /var/log/something is readonly on kernel boot

  * this is normal, don't worry about it
-Line 38:
+Line 91:
-[http://spyware-killer.hotmail.ru/ | spyware killer] 





Best links: '''table lamp'''







[http://table-lamp.newmail.ru/ | table lamp] 

[http://table1lamp.chat.ru/ | table lamp] 

[http://table-lamp.boom.ru/ | table lamp] 





Best links: '''tires'''







[http://discount-tire.boom.ru/ | discount tire] 

[http://tire-rack.boom.ru/ | tire rack] 

[http://tire-dealer.boom.ru/ | tire dealer] 

[http://goodyear-tire.boom.ru/ | goodyear tire] 

[http://tire-wheels.boom.ru/ | tire wheels] 

[http://motorcycle-tire.boom.ru/ | motorcycle tire] 

[http://michelin-tire.boom.ru/ | michelin tire] 

[http://atv-tire.boom.ru/ | atv tire] 

[http://tire-rim.boom.ru/ | tire rim] 

[http://truck-tire.boom.ru/ | truck tire] 

[http://car-tire.boom.ru/ | car tire] 

[http://firestone-tire.boom.ru/ | firestone tire] 

[http://tire-plus.boom.ru/ | tire plus] 

[http://goodrich-tire.boom.ru/ | bf goodrich tire] 

[http://bridgestone-tire.boom.ru/ | bridgestone tire] 

[http://dunlop-tire.boom.ru/ | dunlop tire] 

[http://yokohama-tire.boom.ru/ | yokohama tire] 

[http://nitto-tire.boom.ru/ | nitto tire] 

[http://continental-tire.boom.ru/ | continental tire] 

[http://trailer-tire.boom.ru/ | trailer tire] 

[http://tire-wh-package.boom.ru/ | tire and wheel package] 

[http://off-road-tire.boom.ru/ | off road tire] 





Best links: '''titanium'''







[http://titanium-band.boom.ru/ | titanium band] 





Best links: '''titanium band'''







[http://titaniumband.boom.ru/ | titanium band] 

[http://titanium1band.chat.ru/ | titanium band] 

[http://titanium1band.newmail.ru/ | titanium band] 





Best links: '''titanium ring'''







[http://titanium1-ring.boom.ru/ | titanium ring] 





Best links: '''travel'''







[http://travelagent.chat.ru/ | travel agent] 

[http://travel2costarica.chat.ru/ | travel to costa rica] 

[http://cruise1travel.chat.ru/ | cruise travel] 

[http://italytravel.chat.ru/ | italy travel] 

[http://travelnursing.chat.ru/ | travel nursing] 

[http://airlinetravel.chat.ru/ | airline travel] 

[http://lastminutetravel.chat.ru/ | last minute travel] 

[http://cheaptravel.chat.ru/ | cheap travel] 

[http://travelreservatio.chat.ru/ | travel reservation] 

[http://travel1agency.chat.ru/ | travel agency] 

[http://world-travel.boom.ru/ | world travel] 

[http://adventuretravel.boom.ru/ | adventure travel] 

[http://travel-deal.boom.ru/ | travel deal] 

[http://travel-guide.boom.ru/ | travel guide] 

[http://vegas-travel.boom.ru/ | vegas travel] 

[http://tragency.boom.ru/ | travel agency] 

[http://inter-travel.boom.ru/ | international travel] 

[http://travel-hotel.boom.ru/ | travel hotel] 

[http://luxury-travel.boom.ru/ | luxury travel] 

[http://travel-site.boom.ru/ | travel site] 

[http://firstclasstravel.boom.ru/ | first class travel] 

[http://travel-to-alaska.boom.ru/ | travel to alaska] 

[http://travel-services.boom.ru/ | travel services] 

[http://ireland-travel.boom.ru/ | ireland travel] 

[http://travel-package.boom.ru/ | travel package] 

[http://lastminutetrav.boom.ru/ | last minute travel deal] 

[http://travel-francisco.boom.ru/ | travel to san francisco] 

[http://budget-travel.boom.ru/ | budget travel] 

[http://student-travel.boom.ru/ | student travel] 

[http://intertravel.chat.ru/ | international travel] 

[http://world1travel.chat.ru/ | world travel] 

[http://businesstravel.chat.ru/ | business travel] 

[http://discounttravel.chat.ru/ | discount travel] 

[http://budgettravel.chat.ru/ | budget travel] 

[http://traveldeal.chat.ru/ | travel deal] 

[http://caribbeantravel.chat.ru/ | caribbean travel] 

[http://travel2hawaii.chat.ru/ | travel to hawaii] 

[http://traveleurope.chat.ru/ | travel europe] 

[http://studenttravel.chat.ru/ | student travel] 

[http://travelinsurance.chat.ru/ | travel insurance] 

[http://travel2mexico.chat.ru/ | travel to mexico] 





Best links: '''tropical cruise'''







[http://tropicalcruise.chat.ru/ | tropical cruise] 





Best links: '''united airline'''







[http://united-airline.boom.ru/ | united airline] 





Best links: '''united airlines'''







[http://united-airlines.hotmail.ru/ | united airlines] 

[http://united-airlines.boom.ru/ | united airlines] 

[http://united1airlines.chat.ru/ | united airlines] 





Best links: '''vacation'''







[http://hawaiivacation.chat.ru/ | hawaii vacation] 

[http://vacationvegas.chat.ru/ | vacation vegas] 

[http://homevacation.chat.ru/ | home vacation] 

[http://laketahoevac.chat.ru/ | lake rental tahoe vacation] 

[http://orlandovacation.chat.ru/ | orlando vacation] 

[http://mexicovacation.chat.ru/ | mexico vacation] 

[http://beachvacation.chat.ru/ | beach vacation] 

[http://bahamasvacation.chat.ru/ | bahamas vacation] 

[http://ncarolinvacation.chat.ru/ | carolina north vacation] 

[http://cheapvacation.chat.ru/ | cheap vacation] 

[http://arizonavacation.chat.ru/ | arizona vacation] 

[http://canadavacation.chat.ru/ | canada vacation] 

[http://vacationvermont.chat.ru/ | vacation vermont] 

[http://tennesseevac.chat.ru/ | tennessee vacation] 

[http://caribbeanvac.chat.ru/ | caribbean vacation] 

[http://golfvacation.chat.ru/ | golf vacation] 

[http://cruise1vacation.chat.ru/ | cruise vacation] 

[http://jamaicavacation.chat.ru/ | jamaica vacation] 

[http://floridavacation.chat.ru/ | florida vacation] 

[http://disneyvacation.chat.ru/ | disney vacation world] 

[http://spavacation.chat.ru/ | spa vacation] 

[http://tropicalvacation.chat.ru/ | tropical vacation] 

[http://resortvacation.chat.ru/ | resort vacation] 

[http://alaskavacation.chat.ru/ | alaska vacation] 

[http://skivacation.chat.ru/ | ski vacation] 

[http://italyvacation.chat.ru/ | italy vacation] 

[http://vacationpackage.chat.ru/ | package vacation] 

[http://califvacation.chat.ru/ | california vacation] 

[http://coloradovacation.chat.ru/ | colorado vacation] 

[http://disney1vacation.chat.ru/ | disney vacation] 





Best links: '''wholesale bead'''







[http://wholesale-bead.narod.ru/ | wholesale bead] 





Best links: '''wine club'''







[http://wine-club.boom.ru/ | wine club] 

[http://wine-clubs.boom.ru/ | wine clubs] 

[http://wine-gift.boom.ru/ | wine gift] 





Best links: '''wrinkle'''







[http://wrinkle.boom.ru/ | anti wrinkle cream] 





Best links: '''yeast'''







[http://yeast-infection.boom.ru/ | yeast infection] 





Best links: '''Yeast Infection'''







[http://yeast-infection.newmail.ru/ | Yeast Infection]
+'''10 December 2001'''

 * Update to 2.4.16 (10 Dec 2001)

 * Disable -- MARK -- in syslog ("-m 0") (10 Dec 2001)

 * Add simple batch file or configuration to switch to bridging instead of NAT (see /usr/local/bin/bridge-setup.sh)

----

[CategoryDocumentation]