[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] HOWTO: Installing Adaptive Firewall (for Qube) on a RaQ 4
- Subject: Re: [cobalt-users] HOWTO: Installing Adaptive Firewall (for Qube) on a RaQ 4
- From: "Richard Donahue" <ebs@xxxxxxxxxxxxxxxx>
- Date: Wed Dec 18 17:56:01 2002
- Organization: EBS
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
----- Original Message -----
From: "Bruce Timberlake" <bruce@xxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Wednesday, December 18, 2002 7:07 PM
Subject: [cobalt-users] HOWTO: Installing Adaptive Firewall (for Qube) on a
RaQ 4
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> NOTE: This is an UNOFFICIAL and UNSUPPORTED procedure. It works for
> me, but your results may vary. Proceed at your own risk!
>
> NOTE: This _should_ work on any RaQ as well, but I have not tested it
> on anything but a RaQ 4.
>
>
> 1. Shell into your RaQ and become root.
>
> 2. Get the two firewall RPMS from http://www.cobaltfaqs.com/download/
> (the Adaptive Firewall PKG on the Sun download site doesn't seem to
> untar properly, so I'm posting the actual RPMS from within the PKG):
>
> wget http://www.cobaltfaqs.com/download/phoenix-1.7-0.i386.rpm
> wget
> http://www.cobaltfaqs.com/download/phoenix-kmodules-1.0-9.i386.rpm
>
> MD5SUM info:
>
> b51161006b586b77891a03931d5ed958 phoenix-1.7-0.i386.rpm
> bb36c8070d9f48b077ef7724a1ca5448 phoenix-kmodules-1.0-9.i386.rpm
>
> 3. Install the RPMS:
>
> rpm -ivh phoenix*.rpm
>
> Note: if you have the SHP patch installed (RaQ 4), you have an older
> version of the firewall partially installed, and might get some
> messages about conflicts with the older version. Either uninstall
> it, or use
>
> rpm -ivh --force --nodeps phoenix*.rpm
>
> to get the newer version installed. Not sure what the implications to
> the existing SHP install are, but as it's currently a security hole
> and should be uninstalled anyway, it shouldn't be a major problem...
>
> You can verify the RPMs installed by doing:
>
> rpm -qa | grep phoenix
>
> You should see:
>
> phoenix-1.7-0
> phoenix-kmodules-1.0-9
>
> 4. Look in /etc/rc.d/rc3.d and ensure the startup script is there:
>
> ls -alF /etc/rc.d/rc3.d/S*
>
> You should see
>
> S72phoenix
>
> in the list of files.
>
> 5. Start the firewall by doing:
>
> /etc/rc.d/init.d/phoenix start
>
> You'll see this output:
>
> Loading phoenix module...
> Using /lib/modules/phoenix/phoenix-1.6.6-2.2.16C32_III.o
> Symbol version prefix ''
> phoenix-1.6.6-2.2.16C32_III.o successfully loaded.
> Starting pafserver: pafserver
> Starting thttpd-phoenix: thttpd-phoenix
> Starting paflogd: paflogd
> Establishing Default Firewalls
>
> Establishing masquerading configuration
> error opening file
>
> (this 'error opening file' is due to the RPM thinking it's on a Qube,
> which normally has masquerading set up; it's nothing to worry about
> that I can tell on a RaQ 4)
>
> 6. Generate an initial firewall access password:
>
> /etc/phoenix/scripts/initpassphrase
>
> Enter a passphrase twice when prompted (it's a temp password, which
> you'll change in the UI, so just use something like 'test' or
> whatever)
>
> 7. Point your browser at the server, port 8181 (www.domain.com:8181
> or ip.ad.re.ss:8181) and follow the prompts to bring up the Java UI.
>
> Ignore warning messages for some browsers: it was only QA'd with
> Internet Exploder 5.5 and 6.0, and Netscape 4.7x. Other browsers
> should work just fine... I use Konqueror and Mozilla on Linux with no
> issues.
>
> There's a user manual (PDF) link in the firewall UI to explain how it
> works, how to set options, etc.
>
> Output from the firewall is in /var/log/phoenix.log
>
> - --
> Bruce Timberlake
>
Thanks Bruce!
Rich
EBS
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.427 / Virus Database: 240 - Release Date: 12/06/2002