##----------------------------------------------------------------------------- ## base.txt - fli4l configuration parameters 2.0.8 ## ## You can edit/change this file with fliwiz V1.6 or any text editor. ## ## P L E A S E R E A D T H E D O C U M E N T A T I O N , ## S E E R E A D M E . T X T ## ## B I T T E U N B E D I N G T D I E D O K U M E N T A T I O N ## L E S E N , S I E H E R E A D M E . T X T ## ## Creation: 26.06.2001 fm ## Last Update: $Id: base.txt,v 1.20.2.8 2002/12/02 15:21:02 rresch Exp $ ## ## Copyright (c) 2001-2002 Frank Meyer ## ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ##----------------------------------------------------------------------------- #------------------------------------------------------------------------------ # General settings: #------------------------------------------------------------------------------ HOSTNAME='fli4l' # name of fli4l router PASSWORD='fli4l' # password for telnetd, ftpd and sshd MOUNT_BOOT='rw' # mount boot device (floppy): ro, rw, no RAMSIZE='2048' # size of ramdisk for unzipped opt.tgz # the variables MOUNT_OPT, PART_OPT and UPDATE_MODE will be ignored if # RAMSIZE is not empty. see docu MOUNT_OPT='ro' # mount opt device: ro, rw PART_OPT='hda2' # location of opt-files? ram1 or disk-partition UPDATE_MODE='full' # add, cfg, full, none, see documentation #------------------------------------------------------------------------------ # Ethernet card drivers: # uncomment your ethernet card #------------------------------------------------------------------------------ ETH_DRV_N='1' #Anzahl zu ladender Ethetnet-Treiber, normal 1 ETH_DRV_1='3c59x' #3C905-TX 3COM Etherlink XL 10/100 ETH_DRV_1_OPTION='' #------------------------------------------------------------------------------ # Ether networks used with IP protocol: #------------------------------------------------------------------------------ IP_ETH_N='2' #Anzahl der zu verbindenden Teilnetzwerke IP_ETH_1_NAME='' # IP_ETH_1_IPADDR='192.168.6.1' #IP-Addresse der 1.Router-Ethernet-Karte IP_ETH_1_NETWORK='192.168.6.0' #Netzwerk-ID des 1. Netzwerks IP_ETH_1_NETMASK='255.255.255.0' #Netzwerkmaske des 1. Netzwerks IP_ETH_2_NAME='' # IP_ETH_2_IPADDR='130.20.0.1' #IP-Addresse der 2.Router-Ethernet-Karte IP_ETH_2_NETWORK='130.20.0.0' #Netzwerk-ID des 2. Netzwerks IP_ETH_2_NETMASK='255.255.0.0' #Netzwerkmaske des 2. Netzwerks #------------------------------------------------------------------------------ # Additional routes, optional #------------------------------------------------------------------------------ IP_DEFAULT_GATEWAY='' # normally not used, read documentation! IP_ROUTE_N='0' # number of additional routes IP_ROUTE_1='192.168.7.0 255.255.255.0 192.168.6.99' # network netmask gateway #------------------------------------------------------------------------------ # Masquerading: #------------------------------------------------------------------------------ MASQ_NETWORK='192.168.6.0/24' # networks to masquerade (e.g. our LAN) MASQ_MODULE_N='1' # load n masq modules (default: only ftp) MASQ_MODULE_1='ftp' # ftp MASQ_MODULE_2='h323' # h323 (netmeeting) MASQ_MODULE_3='icq' # icq (use with caution!) MASQ_MODULE_4='irc' # irc MASQ_MODULE_5='raudio' # raudio MASQ_MODULE_6='vdolive' # vdolive MASQ_MODULE_7='quake' # quake MASQ_MODULE_8='cuseeme' # cuseeme MASQ_MODULE_9='mms' # MSN-Filetransfer MASQ_MODULE_10='pptp' # pptp MASQ_MODULE_11='ipsec' # ipsec MASQ_MODULE_12='dplay' # dplay (direct play) MASQ_MODULE_13='msn-0.02' # msn zone (use version 0.01 or 0.02) MASQ_MODULE_14='udp_dloose' # pseudo mod: some internet games need it MASQ_FTP_PORT_N='0' # using ftp masq-module on different ports MASQ_FTP_PORT_1='21' # standard ftp port MASQ_FTP_PORT_2='2021' # additional port #------------------------------------------------------------------------------ # Optional package: PORTFW # # If you set OPT_PORTFW='yes', you can also edit opt/etc/portfw.sh #------------------------------------------------------------------------------ OPT_PORTFW='no' # install port forwarding tools/modules PORTFW_N='0' # how many portforwardings to set up PORTFW_1='8080 192.168.6.15:80 tcp' # sample 1: forward ext. port 8080 to int. # host 192.168.6.15 to port 80 (use tcp) PORTFW_2='3000-3010 192.168.6.15 tcp' # sample 2: forward portrange to int. host # 192.168.5.15 (use tcp) #------------------------------------------------------------------------------ # Routing without masquerading #------------------------------------------------------------------------------ ROUTE_NETWORK='192.168.6.0/24 130.20.0.0/16' #optional: route from/to network, no masq #------------------------------------------------------------------------------ # Routing: internal hosts to deny forwarding #------------------------------------------------------------------------------ FORWARD_DENY_HOST_N='0' # number of denied hosts FORWARD_DENY_HOST_1='192.168.6.5' # optional: 1st denied host FORWARD_DENY_HOST_2='192.168.6.6' # optional: 2nd denied host #------------------------------------------------------------------------------ # Routing: ports to reject/deny forwarding (from inside and outside!) #------------------------------------------------------------------------------ FORWARD_DENY_PORT_N='1' # no. of ports to reject/deny forwarding FORWARD_DENY_PORT_1='137:139 REJECT' # deny/reject forwarding of netbios FORWARD_TRUSTED_NETS='' # but allow forwarding between LANs #------------------------------------------------------------------------------ # Firewall: ports to reject/deny from outside (all served ports) # # here we leave two ports untouched: # # 53 dns # 113 auth #------------------------------------------------------------------------------ FIREWALL_DENY_PORT_N='6' # no. of ports to reject/deny FIREWALL_DENY_PORT_1='0:52 REJECT' # privileged ports: reject or deny FIREWALL_DENY_PORT_2='54:112 REJECT' # privileged ports: reject or deny FIREWALL_DENY_PORT_3='114:1023 REJECT' # privileged ports: reject or deny FIREWALL_DENY_PORT_4='5000:5001 REJECT' # imond/telmond ports: reject or deny FIREWALL_DENY_PORT_5='8000 REJECT' # proxy access: reject or deny FIREWALL_DENY_PORT_6='20012 REJECT' # vbox server access: reject or deny FIREWALL_DENY_ICMP='no' # deny icmp (ping): yes or no FIREWALL_LOG='yes' # log access to rejected/denied ports #------------------------------------------------------------------------------ # Domain configuration: #------------------------------------------------------------------------------ START_DNS='yes' # start dns server: yes or no DNS_FORWARDERS='192.76.144.66' # DNS servers of your provider, e.g. MSN DNS_VERBOSE='no' # log queries in /usr/local/ens/ens.log DOMAIN_NAME='lan.fli4l' # your domain name DNS_FORBIDDEN_N='0' # number of forbidden domains DNS_FORBIDDEN_1='foo.bar' # 1st forbidden domain DNS_FORBIDDEN_2='bar.foo' # 2nd forbidden domain HOSTS_N='4' # number of hosts in your domain HOST_1='192.168.6.1 fli4l' # 1st host: ip and name HOST_2='192.168.6.2 client2' # 2nd host: ip and name HOST_3='192.168.6.3 client3' # 3rd host: ip and name HOST_4='192.168.6.4 client4' # 4th host: ip and name #------------------------------------------------------------------------------ # Special DNS configuration #------------------------------------------------------------------------------ DNS_N='0' # number of special dns servers, normally 0 #DNS_1='firma.de 192.168.1.12' # 1st special dns server for firma.de #DNS_2='lan.firma.de 192.168.2.12' # 2nd special dns server for lan.firma.de #------------------------------------------------------------------------------ # imond configuration: #------------------------------------------------------------------------------ START_IMOND='no' # start imond: yes or no IMOND_PORT='5000' # TCP-Port, see also FIREWALL_DENY_PORT_x! IMOND_PASS='' # imond-password, may be empty IMOND_ADMIN_PASS='' # imond-admin-password, may be empty IMOND_LED='' # tty for led: com1 - com4 or empty IMOND_BEEP='no' # beep if connection going up/down IMOND_LOG='no' # log /var/log/imond.log: yes or no IMOND_LOGDIR='/var/log' # log-directory, e.g. /var/log IMOND_ENABLE='yes' # accept "enable/disable" commands IMOND_DIAL='yes' # accept "dial/hangup" commands IMOND_ROUTE='yes' # accept "route" command IMOND_REBOOT='yes' # accept "reboot" command #------------------------------------------------------------------------------ # Generic circuit configuration: #------------------------------------------------------------------------------ IP_DYN_ADDR='yes' # use dyn. ip addresses (most providers do) DIALMODE='auto' # standard dialmode: auto, manual, or off #------------------------------------------------------------------------------ # optional package: syslogd #------------------------------------------------------------------------------ OPT_SYSLOGD='no' # start syslogd: yes or no SYSLOGD_DEST_N='1' # number of destinations SYSLOGD_DEST_1='*.* /dev/console' # n'th prio & destination of syslog msgs SYSLOGD_DEST_2='*.* @192.168.6.2' # example: loghost 192.168.6.2 SYSLOGD_DEST_3='kern.info /var/log/dial.log' # example: log infos #------------------------------------------------------------------------------ # optional package: klogd #------------------------------------------------------------------------------ OPT_KLOGD='no' # start klogd: yes or no #------------------------------------------------------------------------------ # optional package: y2k correction #------------------------------------------------------------------------------ OPT_Y2K='no' # y2k correction: yes or no Y2K_DAYS='' # correct hardware Y2K-Bug: add x days #------------------------------------------------------------------------------ # Optional package: PNP #------------------------------------------------------------------------------ OPT_PNP='no' # install isapnp tools: yes or no