Anatomy of an EigerStein Firewall


This section describes the design of an EigerStein disk, as well as the Linux operating system it creates after booting. This knowledge is essential for a good understanding of how to configure and modify the firewall.

The EigerStein Disk

Notice that there is more than 1.44 Mb of information on the disk. That is because the disk is formatted to 1.68 Mb (using the same format as the Microsoft .CAB file disk). Notice also that, even though we are dealing with the Linux operating system, the EigerStein floppy disk appears to be in MS-DOS format. This means that you can use Microsoft Windows to add files to and delete files from the disk, as well as to modify the SYSLINUX.CFG file.

The disk contains the following files: <anyfile>.LRP (files ending in .LRP are packages that load into Linux after the Linux kernel boots up), LINUX (the kernel), SYSLINUX.CFG (the disk configuration file), SYSLINUX.DPY (the firewall boot-up screen), and readme.txt.

Of particular interest to you is the SYSLINUX.CFG file, which dictates which packages get loaded when the system is booted. Depending upon which application you use to edit this file, its text may appear on one line, or on up to 6 lines. The part of the file that begins with LRP= lists the names of the packages that load at boot time. You can insert or delete package entries in this list to make certain packages load, or to keep others from loading. The thing to remember is that there must be no spaces between the commas and the package names, and that the package names are identical to the file names, without the ".LRP".
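
As an added example (not part of the original EigerStein documentation), the following Python check can be run on the machine where the disk is edited, before the firewall is rebooted. It reads the LRP= list, flags spaces in the list, and compares each package name with the .LRP files on the disk. The sample configuration text, package names and directory listing are constructed for illustration, and the function names are hypothetical.

```python
import re

# Constructed sample of SYSLINUX.CFG text; package names are illustrative only.
SAMPLE_CFG = "default linux\r\nappend initrd=root.lrp LRP=root,etc,modules,seawall\r\n"
# Constructed directory listing of the floppy.
SAMPLE_DISK = ["LINUX", "SYSLINUX.CFG", "SYSLINUX.DPY", "README.TXT",
               "ROOT.LRP", "ETC.LRP", "MODULES.LRP", "SEAWALL.LRP"]


def parse_lrp_list(cfg_text):
    """Return (packages, problems) for the LRP= entry in SYSLINUX.CFG text."""
    # \S* stops at the first whitespace, so the file may be one line or several.
    match = re.search(r"\bLRP=(\S*)(\s+,)?", cfg_text)
    if match is None:
        return [], ["no LRP= entry found"]
    items = match.group(1).split(",")
    problems = []
    # "etc, modules" leaves a trailing empty item; "etc ,modules" matches group 2.
    if match.group(2) or "" in items:
        problems.append("space or empty entry in the LRP= list")
    return [item for item in items if item], problems


def check_disk(cfg_text, disk_files):
    """Compare the LRP= list with the files on the disk.

    Returns (problems, unlisted): problems would break or shorten the boot-time
    package load; unlisted are .LRP files present but not loaded at boot.
    """
    packages, problems = parse_lrp_list(cfg_text)
    # Assumption: names are compared without regard to case (MS-DOS format disk).
    on_disk = {name.upper() for name in disk_files}
    wanted = [pkg.upper() + ".LRP" for pkg in packages]
    for pkg, filename in zip(packages, wanted):
        if filename not in on_disk:
            problems.append(f"{pkg}: {filename} is not on the disk")
    unlisted = sorted(n for n in on_disk if n.endswith(".LRP") and n not in wanted)
    return problems, unlisted


if __name__ == "__main__":
    print(check_disk(SAMPLE_CFG, SAMPLE_DISK))
```

A non-empty unlisted result is worth reading closely after an edit: a stray space cuts the list short, so every package after the space is silently left out of the boot.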

The Booted Operating System

Once the system has booted, the floppy disk can be removed (though this would be a bad idea - consider what would happen if there were a power outage, and the firewall tried to restart after the power came back on with no boot disk). The disk is not accessed during the normal operation of the firewall. The contents of most files on the disk are copied into a ramdisk. This ramdisk is a section of memory that appears to be a disk drive, but is actually just memory. Once the ramdisk is created, a file system is placed on it (rather like formatting a disk). This is the MINIX file system. There is very low overhead associated with the MINIX file system, making it ideal for the LRP project. Using the MINIX file system means that you can only access the booted file system by sitting at the firewall, or through a text-based terminal session (with PuTTY). The file system is laid out in the following manner:

[root] - root directory of the file system
   bin - binary files; these are general Linux applications
   lib - libraries; files required to execute software, or control hardware devices
      modules - files required to operate the network card, and forward some types of traffic
   root - home directory of the root user
   sbin - system administration commands
   usr - commands that are typically used by either the administrator or users
      adm - this is a link to the /var/adm directory.
      bin - more general Linux applications
      sbin - more commands used by the administrator, or users
   var
      adm - log files
      log - log files
      sh-www - the top-level directory for the sh-httpd web server
   dev - files which represent hardware devices on the PC
   etc - this directory is used for boot scripts and configuration files
      init.d - mostly scripts that run to bring the firewall up
      rcS.d - scripts that are run at boot time which call the scripts in /etc/init.d in the proper order
      ssh - files required for secure shell, including the key file
      seawall - configuration files for Seattle Firewall
   tmp - a directory to hold temporary files (typically empty)
   mnt - a location to mount other devices (like the floppy disk).
   proc - a directory with files that represent processes running on the system

Again (and I can't stress this enough), although this is a file system, it exists only in memory, on a ramdisk. As soon as the PC loses power, this file system disappears. Make sure that when you make changes to files, you back up the changes using lrcfg.

