##----------------------------------------------------------------------------- ## base.txt - fli4l configuration parameters __FLI4LVER__ ## ## You can edit/change this file with any text editor. ## ## P L E A S E R E A D T H E D O C U M E N T A T I O N , ## S E E R E A D M E . T X T ## ## B I T T E U N B E D I N G T D I E D O K U M E N T A T I O N ## L E S E N , S I E H E R E A D M E . T X T ## ## Creation: 26.06.2001 fm ## Last Update: $Id$ ## ## Copyright (c) 2001-2011 - Frank Meyer, fli4l-Team - team@fli4l.de ## ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ##----------------------------------------------------------------------------- #------------------------------------------------------------------------------ # General settings: #------------------------------------------------------------------------------ HOSTNAME='fli4l' # name of fli4l router PASSWORD='fli4l' # password for root login (console, sshd, imond) BOOT_TYPE='fd' # boot device: fd, fdx2, dualfd, hd, cd, ls120, # integrated, attached, netboot, pxeboot # (cd, cdemul, hd and ls120 need an # installed opt hd) MOUNT_BOOT='rw' # mount boot device (floppy): ro, rw, no BOOTMENU_TIME='5' # waiting time of bootmenu in seconds # to activate normal boot TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0/3' # description of local time zone, # don't touch without reading documentation KERNEL_VERSION='2.6.32.59' # kernel version KERNEL_BOOT_OPTION='' # append option to kernel command line COMP_TYPE_KERNEL='lzma' # compression-type for kernel: # gzip, bzip2, lzma, uncompressed COMP_TYPE_ROOTFS='lzma' # compression-type for rootfs: gzip, bzip2, lzma COMP_TYPE_OPT='lzma' # compression-type for opt: bzip2, lzma IP_CONNTRACK_MAX='' # override maximum limit of connection # tracking entries POWERMANAGEMENT='none' # select pm interface: none, acpi, apm, apm_rm # apm_rm switches to real mode before invoking # apm power off #------------------------------------------------------------------------------ # Localisation #------------------------------------------------------------------------------ LOCALE='de' # defines the default language for several # components, such as httpd #------------------------------------------------------------------------------ # Mount extra floppy drive to /floppy: #------------------------------------------------------------------------------ OPT_MOUNTFLOPPY='no' # mount extra floppy drive: first, second, no #------------------------------------------------------------------------------ # Console settings (serial console, blank time, beep): #------------------------------------------------------------------------------ CONSOLE_BLANK_TIME='' # time in minutes (1-60) to blank # console; '0' = never, '' = system default BEEP='yes' # enable beep after boot and shutdown SER_CONSOLE='no' # use serial interface instead of or as # additional output device and main input device SER_CONSOLE_IF='0' # serial interface to use, 0 for ttyS0 (COM1) SER_CONSOLE_RATE='9600' # baudrate for serial console #------------------------------------------------------------------------------ # Debug Settings: #------------------------------------------------------------------------------ DEBUG_STARTUP='no' # write an execution trace of the boot #------------------------------------------------------------------------------ # Keyboard layout #------------------------------------------------------------------------------ KEYBOARD_LOCALE='auto' # auto: use most common keyboard layout for # the language specified in 'LOCALE' OPT_MAKEKBL='no' # set to 'yes' to make a new local keyboard # layout map on the fli4l-router #------------------------------------------------------------------------------ # Ethernet card drivers: #------------------------------------------------------------------------------ # # please see file base_nic.list in your config-dir or read the documentation # # # If you need a dummy device, use 'dummy' as your NET_DRV # and IP_NET_%_DEV='dummy' as your device # #------------------------------------------------------------------------------ NET_DRV_N='1' # number of ethernet drivers to load, usually 1 NET_DRV_1='ne2k-pci' # 1st driver: name (e.g. NE2000 PCI clone) NET_DRV_1_OPTION='' # 1st driver: additional option NET_DRV_2='ne' # 2nd driver: name (e.g. NE2000 ISA clone) NET_DRV_2_OPTION='io=0x320' # 2nd driver: additional option #------------------------------------------------------------------------------ # Ether networks used with IP protocol: #------------------------------------------------------------------------------ IP_NET_N='1' # number of IP ethernet networks, usually 1 IP_NET_1='192.168.6.1/24' # IP address of your n'th ethernet card and # netmask in CIDR (no. of set bits) IP_NET_1_DEV='eth0' # required: device name like ethX #------------------------------------------------------------------------------ # Additional routes, optional #------------------------------------------------------------------------------ IP_ROUTE_N='0' # number of additional routes IP_ROUTE_1='192.168.7.0/24 192.168.6.99' # network/netmaskbits gateway IP_ROUTE_2='0.0.0.0/0 192.168.6.99' # example for default-route #------------------------------------------------------------------------------ # Packetfilter configuration; there are two styles, old and new - # you have to choose one of them. # # Please see documentation if you want to use the old style and add all needed # config VARS to configuration # # New style packet filter config: #------------------------------------------------------------------------------ PF_NEW_CONFIG='yes' # new style packet filter config PF_INPUT_POLICY='REJECT' # be nice and use reject as policy PF_INPUT_ACCEPT_DEF='yes' # use default rule set PF_INPUT_LOG='no' # don't log anything PF_INPUT_LOG_LIMIT='3/minute:5' # log 3 events per minute; allow a # burst of 5 events PF_INPUT_REJ_LIMIT='1/second:5' # reject 1 connection per second; allow # a burst of 5 events; otherwise # drop packet PF_INPUT_UDP_REJ_LIMIT='1/second:5' # reject 1 udp packet per second; allow # a burst of 5 events; otherwise drop # packet PF_INPUT_N='1' PF_INPUT_1='IP_NET_1 ACCEPT' # allow all hosts in the local # network access to the router PF_INPUT_2='tmpl:samba DROP NOLOG' # drop (or reject) samba access PF_INPUT_2_COMMENT='no samba traffic allowed' # without logging, otherwise # the log file will be filled # with useless entries PF_FORWARD_POLICY='REJECT' # be nice and use reject as policy PF_FORWARD_ACCEPT_DEF='yes' # use default rule set PF_FORWARD_LOG='no' # don't log anything PF_FORWARD_LOG_LIMIT='3/minute:5' # log 3 events per minute; allow a # burst of 5 events PF_FORWARD_REJ_LIMIT='1/second:5' # reject 1 connection per second; allow # a burst of 5 events; otherwise # drop packet PF_FORWARD_UDP_REJ_LIMIT='1/second:5' # reject 1 udp packet per second; # allow a burst of 5 events; # otherwise drop packet PF_FORWARD_N='2' PF_FORWARD_1='tmpl:samba DROP' # drop samba traffic if it tries # to leave the subnet PF_FORWARD_2='IP_NET_1 ACCEPT' # accept everything else PF_POSTROUTING_N='1' PF_POSTROUTING_1='IP_NET_1 MASQUERADE' # masquerade traffic leaving # the subnet PF_PREROUTING_N='0' PF_PREROUTING_1='1.2.3.4 dynamic:22 DNAT:@client2' # forward ssh connections # coming from 1.2.3.4 to client2 PF_USR_CHAIN_N='0' #------------------------------------------------------------------------------ # Simple DMZ setup for dial-up based routers -- see documentation #------------------------------------------------------------------------------ OPT_DMZ='no' #------------------------------------------------------------------------------ # Optional package: PORTFW #------------------------------------------------------------------------------ PORTFW_N='0' # how many portforwardings to set up PORTFW_1_TARGET='8080' # example 1: forward ext. port 8080 PORTFW_1_NEW_TARGET='192.168.6.15:80' # ...to int. host 192.168.6.15 port 80 PORTFW_1_PROTOCOL='tcp' # ...using tcp PORTFW_2_TARGET='3000-3010' # example 2: forward portrange 3000-3010 PORTFW_2_NEW_TARGET='192.168.6.15' # ...to int. host 192.168.6.15 PORTFW_2_PROTOCOL='tcp' # ...using tcp #------------------------------------------------------------------------------ # Masq modules #------------------------------------------------------------------------------ MASQ_MODULE_N='0' # load n masq modules (see documentation) MASQ_MODULE_1='ftp' # ftp MASQ_MODULE_1_OPTION='' # options, see documentation MASQ_MODULE_2='irc' # irc MASQ_MODULE_2_OPTION='' # options, see documentation #------------------------------------------------------------------------------ # Domain configuration: # configuration of DNS, DHCP-Server and HOSTS -> see package DNS_DHCP #------------------------------------------------------------------------------ DOMAIN_NAME='lan.fli4l' # your domain name DNS_FORWARDERS='194.8.57.8' # DNS servers of your provider, # e.g. ns.n-ix.net # optional configuration for the host-entry of the router in /etc/hosts #HOSTNAME_IP='IP_NET_1_IPADDR' # IP to bind to HOSTNAME #HOSTNAME_ALIAS_N='0' # how many ALIAS names for the router #HOSTNAME_ALIAS_1='router.lan.fli4l' # first ALIAS name #HOSTNAME_ALIAS_2='gateway.my.lan' # secound ALIAS name #------------------------------------------------------------------------------ # imond configuration: #------------------------------------------------------------------------------ START_IMOND='no' # start imond: yes or no IMOND_USE_ORIG='yes' # use the original version of imond instead # of the development version: yes or no IMOND_PORT='5000' # port (tcp), don't open it to the outside IMOND_PASS='' # imond-password, may be empty IMOND_ADMIN_PASS='' # imond-admin-password, may be empty IMOND_LED='' # tty for led: com1 - com4 or empty IMOND_BEEP='no' # beep if connection going up/down IMOND_LOG='no' # log /var/log/imond.log: yes or no IMOND_LOGDIR='/var/log' # log-directory, e.g. /var/log IMOND_ENABLE='yes' # accept "enable/disable" commands IMOND_DIAL='yes' # accept "dial/hangup" commands IMOND_ROUTE='yes' # accept "route" command IMOND_REBOOT='yes' # accept "reboot" command #------------------------------------------------------------------------------ # Generic circuit configuration: #------------------------------------------------------------------------------ IP_DYN_ADDR='yes' # use dyn. IP addresses (most providers do) DIALMODE='auto' # standard dialmode: auto, manual, or off #------------------------------------------------------------------------------ # optional package: syslogd #------------------------------------------------------------------------------ OPT_SYSLOGD='no' # start syslogd: yes or no #SYSLOGD_RECEIVER='no' # receive messages from network SYSLOGD_DEST_N='1' # number of destinations SYSLOGD_DEST_1='*.* /dev/console' # n'th prio & destination of syslog msgs SYSLOGD_DEST_2='*.* @192.168.6.2' # example: loghost 192.168.6.2 SYSLOGD_DEST_3='kern.info /var/log/dial.log' # example: log infos to file SYSLOGD_ROTATE='no' # rotate syslog-files once every day SYSLOGD_ROTATE_DIR='/data/syslog' # move rotated files to .... #------------------------------------------------------------------------------ # Optional package: klogd #------------------------------------------------------------------------------ OPT_KLOGD='no' # start klogd: yes or no #------------------------------------------------------------------------------ # Optional package: logip #------------------------------------------------------------------------------ OPT_LOGIP='no' # logip: yes or no LOGIP_LOGDIR='/boot' # log-directory, e.g. /boot #------------------------------------------------------------------------------ # Optional package: y2k correction #------------------------------------------------------------------------------ OPT_Y2K='no' # y2k correction: yes or no Y2K_DAYS='0' # correct hardware y2k-bug: add x days #------------------------------------------------------------------------------ # Optional package: PNP #------------------------------------------------------------------------------ OPT_PNP='no' # install isapnp tools: yes or no