Archive

Posts Tagged ‘comixwall’

ComixWall项目结束了,真是可惜

December 13th, 2009 admin No comments

After 7 releases and 4500+ downloads, this project will close its doors on the new year’s eve. If you are looking for a project which will survive beyond December 31st, please move on, this is not it. I once again would like to thank all the people who have shown interest, all the seeders of the torrent files, and the translators. Everybody is welcome to download the source code or the iso files until I unplug this server. So long, goodbye.

 

官方网站:http://comixwall.org/index.php

ComixWall项目将于2009年12月8号(土耳其时间)结束,刚支持中文,重新改写了之前的web界面,就宣布不再发布新的release。真是可惜!

Categories: OpenBSD Tags: ,

ComixWall 4.6发布了,增加了中文支持

December 13th, 2009 admin 2 comments

ComixWall 4.6发布了,增加了中文支持,安装比之前的版本,简单多了!

官方 InstallationGuide.txt

ComixWall installation is very intuitive and easy, just follow the instructions on the screen and answer the questions asked. You are advised to accept the default answers to all the questions. In fact, the installation can be completed by accepting default answers all the way from the first question until the last. The only obvious exceptions are network configuration and password setup.

Auto allocator will provide a partition layout recommended for your disk. Suggested partitioning should be suitable for most installations, simply accept it.

Make sure you configure two network interfaces. You will be asked to choose internal and external interfaces later on.

All of the install sets and software packages are selected by default, simply accept the selections. If you are upgrading, you will notice that a few packages are deselected. However, you are advised to include them among the selections by hitting ENTER a couple of times.

If the installation script finds an already existing file which needs to be updated, it saves the old file as <filename>.orig. To update all such files, accept the default ‘a’ answer when asked.

Installation logs can be found under the /root directory.

You can access the web administration interface using the IP address of the system’s internal interface you have selected during installation. You can log in to the system over ssh from internal network.

Web interface user names are admin and user. Both are set to the same password you have provided during installation.

References:
[1] See http://openbsd.org/amd64.html and http://openbsd.org/i386.html for supported hardware.
[2] See http://openbsd.org/faq/faq4.html for OpenBSD installation instructions.

$ComixWall: InstallationGuide.txt,v 1.10 2009/12/04 08:58:10 soner Exp $

1

 

 

官方是以BT的形式下载的,下面附件共享不方便BT 的朋友!

附件:

comixwall46_20091208_i386.iso

MD5 (comixwall46_20091208_i386.iso) = 1b6514d23eecd4f15c571c83c99deba9

comixwall46_20091208_amd64.iso

MD5 (comixwall46_20091208_amd64.iso) = 09f1cbe02e2f4801b433ba9fab728903

Categories: OpenBSD Tags: , ,

comixwall4.5 Installation Guide

September 17th, 2009 admin No comments

 1 Installation

 1.1 Prerequisites
ComixWall Installation CD, the iso image of which you can download using the torrent file on the downloads section of the project web site.

Since ComixWall is developed on OpenBSD i386 and amd64 architectures, you will need a 32-bit or 64-bit COTS computer. You may want to see http://openbsd.org/i386.html or http://openbsd.org/amd64.html for supported hardware.

 1.2 Installation Steps
 1.2.1 OpenBSD installation
The first phase is the usual OpenBSD installation. During OpenBSD installation, make sure you have selected all install sets listed, including siteXX.tgz.

ComixWall uses the install script in bsd.rd. There is no point replicating the nice descriptions in OpenBSD guides, so please read http://openbsd.org/faq/faq4.html and follow the instructions there.

ComixWall 4.5 installation CD supports upgrading from version 4.4. Therefore, if you already have ComixWall 4.4 installed on your system, you can choose upgrade mode at the beginning of OpenBSD installation.

It is advised that you create the following partitions (s/wd0/sd0 if you have a SCSI harddisk):

/dev/wd0a /
/dev/wd0d /tmp
/dev/wd0e /usr
/dev/wd0f /var
/dev/wd0g /home

ComixWall installation consumes about 650MB harddisk space after first install, which is very minimal considering harddisk sizes available today. Sample disk usages after first install are:

/dev/wd0a 181M /
/dev/wd0g 2.0K /home
/dev/wd0d 10.0K /tmp
/dev/wd0e 235M /usr
/dev/wd0f 230M /var

/var partition will contain logs, so keep it as large as you wish.

Also, do not omit the network configuration phase and enable the DNS during OpenBSD installation, because the network may be used to set the clock via a time server.

 1.2.2 ComixWall installation

ComixWall web interface users are ‘admin’ and ‘user’. Both passwords are ‘wwwcomix’.

When OpenBSD installation is complete, installation jumps to ComixWall install.site or upgrade.site script, depending on the method you have chosen at the beginning of OpenBSD installation. Installation scripts in ComixWall are heavily modified versions of the scripts in bsd.rd (especially install.sub), but the basic operation and principles are the same.

The first thing you will see is (s/install/upgrade if you have chosen upgrade mode during OpenBSD installation):

Welcome to the ComixWall install program.

This program will help you install ComixWall. Default answers are shown
in []’s and are selected by pressing RETURN. At any time you can exit this
program by pressing Control-C, but exiting during an install can leave
your system in an inconsistent state.

IS YOUR DATA BACKED UP? As with anything that modifies disk contents, this
program can cause SIGNIFICANT data loss.

Proceed with install? [no]

Hit ‘y’ to continue with installation.

The following are the first couple of lines you will see:

After install completes, full logs can be found at:
/root/comixwall45_i386_install.log

Do you want to sync datetime with a Time Server? [no]

If you are sure the hardware clock is correct, just hit ENTER here, but it is wise to set the clock during installation to avoid hops in time in normal operation.

If you enter ‘y’, you will have an option to choose the time server:

Time Server? [utcnist.colorado.edu]

If you hit ENTER, the default time server will be used (as shown), if not you can type in your preference, and the time will be set in the background. You will see the following message:

Setting time in the background using <time server url>

Next you will be asked where the installation packages are located. Supported locations are listed as shown, but the default is the installation cd:

Let’s install the packages!
Location of packages? (cd disk ftp http nfs or ‘done’) [cd]

If you have copied packages to a supported location, you can of course choose accordingly, but if not, just hit ENTER here.

Available CD-ROMs are: cd0.
Which one contains the install media? (or ‘done’) [cd0]

Just hit ENTER again to choose the installation CD (if you have multiple CD drives, you will need to choose the correct one here.)

Pathname to the packages? (or ‘done’) [packages]

Just hit ENTER again, and you will be presented with the list of packages available on the installation CD:

Select packages by entering a package file name (shown in parentheses),
a file name pattern or ‘all’. De-select packages by prepending
a ‘-’ to the package name, file name pattern or ‘all’. Selected
packages are labelled ‘[X]‘.

        [X] SpamAssassin SPAM Scanner -> (p5-Mail-SpamAssassin-3.2.5p1.tgz)
        [X] ClamAV Virus Scanner -> (clamav-0.95.2.tgz)
        [X] P3Scan POP3 Proxy -> (p3scan-2.3.2.tgz)
        [X] Smtp-gated SMTP Proxy -> (smtp-gated-1.4.16.2.tgz)
        [X] Snort IDS -> (snort-2.8.4.1.tgz)
        [X] Snort IPS -> (snortips-4.5.tgz)
        [X] Oinkmaster snort rule base updater -> (oinkmaster-2.0.tgz)
        [X] Squid HTTP Proxy -> (squid-2.7.STABLE6.tgz)
        [X] DansGuardian Web Filter -> (dansguardian-2.10.1.1-clamd.tgz)
        [X] IMSpector IM Proxy -> (imspector-0.8.tgz)
        [X] Dante SOCKS Proxy -> (dante-1.1.19p0.tgz)
        [X] PHP -> (php5-core-5.2.8p0.tgz)
        [X] Symon system monitoring software -> (symon-2.79p0.tgz)
        [X] Webalizer web server logs analyzer -> (webalizer-2.01.10p7.tgz)
        [X] Pmacct network analyzer -> (pmacct-0.11.6.tgz)
        [X] OpenVPN virtual private networking -> (openvpn-2.1rc18.tgz)
        [X] ComixWall web interface -> (comixwall45_webif.tar.gz)
        [X] ComixWall configuration files -> (comixwall45_config.tar.gz)
        [X] ClamAV signature database -> (clamavdb.tar.gz)
        [X] Categorized lists for web filter -> (bigblacklist_comixwall.tar.gz)
        [X] Snort IDS rules -> (snortrules-snapshot-CURRENT.tar.gz)
Package name? (or ‘done’) [done]

In most cases you want to hit ENTER here to start automatic installation of all the available packages. Otherwise, you can de-select  packages you don’t want installed.[1]

 1.2.3 ComixWall upgrade
Upgrading version 4.4 to 4.5 is not too different from an installation as described above. But since there are already customized configuration files in your system, the upgrade script will not have selected configuration specific install packages by default:

        [X] SpamAssassin SPAM Scanner -> (p5-Mail-SpamAssassin-3.2.5p1.tgz)
        [X] ClamAV Virus Scanner -> (clamav-0.95.2.tgz)
        [X] P3Scan POP3 Proxy -> (p3scan-2.3.2.tgz)
        [X] Smtp-gated SMTP Proxy -> (smtp-gated-1.4.16.2.tgz)
        [X] Snort IDS -> (snort-2.8.4.1.tgz)
        [X] Snort IPS -> (snortips-4.5.tgz)
        [X] Oinkmaster snort rule base updater -> (oinkmaster-2.0.tgz)
        [X] Squid HTTP Proxy -> (squid-2.7.STABLE6.tgz)
        [X] DansGuardian Web Filter -> (dansguardian-2.10.1.1-clamd.tgz)
        [X] IMSpector IM Proxy -> (imspector-0.8.tgz)
        [X] Dante SOCKS Proxy -> (dante-1.1.19p0.tgz)
        [X] PHP -> (php5-core-5.2.8p0.tgz)
        [X] Symon system monitoring software -> (symon-2.79p0.tgz)
        [X] Webalizer web server logs analyzer -> (webalizer-2.01.10p7.tgz)
        [X] Pmacct network analyzer -> (pmacct-0.11.6.tgz)
        [X] OpenVPN virtual private networking -> (openvpn-2.1rc18.tgz)
        [X] ComixWall web interface -> (comixwall45_webif.tar.gz)
        [ ] ComixWall configuration files -> (comixwall45_config.tar.gz)
        [ ] ClamAV signature database -> (clamavdb.tar.gz)
        [ ] Categorized lists for web filter -> (bigblacklist_comixwall.tar.gz)
        [ ] Snort IDS rules -> (snortrules-snapshot-CURRENT.tar.gz)
Package name? (or ‘done’) [comixwall45_config.tar.gz]

However, you are strongly advised to select all the packages at this point (by entering 鈥渁ll鈥?here). If not, you will need to manually upgrade your configuration files, and this may be a harder task than letting this configuration script install the new configuration files.

When the installation script finds an already existing file, it will ask whether to replace it:

Replace existing file: <filename> ? (y/n/a) [no]

If you hit ENTER here, thus choose no, the new configuration file will be copied to your system with .new extension, as follows <filename>.new. If you enter yes, the old file will be renamed as <filename>.orig, and the new file will be installed. When the system resumes normal operations, you will need to compare the original and new files and merge your custom changes as necessary. If you enter all, yes reponse will be assumed for the rest of the files.

 1.2.4 ComixWall configuration
At this point, all the software needed are installed, but many modules need settings specific to your installation and hardware. Therefore, if you did not forget to select siteXX.tgz install set during OpenBSD installation, the installation script will jump to the configuration script now:

Running post-install script…

********************************
* COMIXWALL CONFIGURATION
********************************
If this is the first run of this script during ComixWall installation,
you should let the script complete the system configuration,
at least the first Interactive phase.
First install

********************************
* HOSTNAME
********************************

Current value: <hostname>

Press enter to continue

<hostname>

Hostname? [<hostname>]

If you entered the correct hostname you want to use for ComixWall during OpenBSD installation phase, then just hit ENTER, or type in a new one.[2]

Shall I really apply the change(s)? (y/n/done) [n]

If you typed in a new name, you should enter ‘y’ here, otherwise automatic configuration will not give you a second chance until the Interactive phase. If you do hit ‘y’, you will see:

SUCCESS: Configuration changed

Current config:
<hostname>

The same rules apply for the system gateway configuration (10.0.0.2 is just an example):

********************************
* SYSTEM GATEWAY
********************************

Current value: 10.0.0.2

Press enter to continue

10.0.0.2

System Gateway? [10.0.0.2]
Shall I really apply the change(s)? (y/n/done) [n]

Configuration NOT changed

Current config:
10.0.0.2

If your system gateway is assigned by DHCP, this stage will be skipped, so you will just see:

********************************
* SYSTEM GATEWAY
********************************
Cannot find mygate file: Assuming DHCP assigned gateway

Next you have an option to change interface configuration which you should have already completed during OpenBSD installation phase.

********************************
* PHYSICAL INTERFACES
********************************
Options:
1) fxp0
2) nfe0

Type ‘done’ to exit
Selection? (#/done) [1]
Done

If you don’t want to change anything, just type ‘done’.

The final two steps of the manual phase of the first install configuration are instructing ComixWall to use which interface as LAN or WAN.

********************************
* INTERFACE NAMES
********************************
Which is LAN interface?
Options:
1) fxp0
2) nfe0

Type ‘done’ to exit
Selection? (#/done) [1]

You should select the correct physical interface name for LAN among the options (fxp0 and nfe0 here are just sample names).

Which is WAN interface?
Options:
1) fxp0
2) nfe0

Type ‘done’ to exit
Selection? (#/done) [1]

And select the WAN interface too.

At this point manual part of the first install automatic configuration is done, and you will see many lines scrolling by on your screen.

Finally:

Configuration complete!
You can restart or type ‘done’ to exit.

Choose configuration method:
Options:
1) Automatic
2) Interactive

Type ‘done’ to exit
Selection? (#/done) [1]

If you think you want to change some settings, you can go back to the beginning of the manual configuration steps.

ComixWall configuration script tries to guess the DHCP server IP range using the LAN network address. For example, if your LAN network is 192.168.1.0/24, the configuration script chooses 192.168.1.1 鈥?192.168.1.254 as the IP range. You can modify this range on the web interface.

If you just type in ‘done’, you will see the following final remarks:

Done
Configuration complete!

/var/www/htdocs/comixwall/symon/rrds/localhost/cpu0.rrd created
Creating pmacct rrd files…

CONGRATULATIONS! Your ComixWall install has been successfully completed!

At the command line type ‘halt’ as instructed, remove the installation CD from the drive. Hitting a key will reboot the system for normal operation.

[1] Since there are dependencies between some packages, you are strongly advised to install all available packages. If not, you may need to manually change some configuration.
[2] You can name your system as you wish, but you are advised to use an FQDN.

Categories: OpenBSD Tags: ,