Linux Primer
This section is provided for the non-Linux user. It gives a brief overview of the concepts and actions necessary to get around in the EigerStein firewall. Note that this is not by any means a comprehensive 'Getting Started with Linux' tutorial, nor will it help much with a full Linux distribution such as RedHat, Debian, or Slackware. It simply gives you some of the commands and concepts to get through the EigerStein installation and configuration. For more in-depth resources on Linux and networking, see Appendix B - Resources.
The Lrcfg Script
Once EigerStein boots, you will be at the main menu for the lrcfg program. This program loads automatically by default. It is a simple menu-driven user interface for backing up the firewall and editing the various configuration files. Press a number or letter, then the [Enter] key to select the respective feature or function. This is a good time to check out the Matterhorn FAQ, the Newbie HowTo, and the EigerStein Readme file. They go into some detail on configuring EigerStein through the menu system. There really isn't much Linux knowledge required here in the menus. If you press the [q] key, then [Enter], you are in the Linux space, and should read on.
File and Directory Attributes
Each file and directory in Linux has a specified set of attributes used for security. Knowing these will help you to track down problems, and understand why a step-by-step instruction guide tells you to use the chmod command (a common command used in Linux).
First, each file and directory belongs to a user, and to a group. These items are determined during the installation, and then when each user creates a file or directory. Every user belongs to a group, and when a user saves a file, Linux stores that user's name, and the group to which that user belongs, with the file. Consider the following directory entry:
-rwxr-xr-x 1 sh-httpd adm 5985 Aug 20 18:24 index.html
In this entry, the file index.html belongs to a user called sh-httpd. That user belongs to the adm group.
When displaying a file's attributes (see Getting Around in the File System below for how to display a file's attributes), you will see a series of characters that take up the first 10 spaces of each file or subdirectory in that directory (see the above directory entry). The first space tells you what kind of entry this is. A dash means that this is a regular file. A 'd' indicates that this is a directory. An 'l' means that this is a link to another file. The next three characters indicate the permissions of the file's owner. An 'r' means the owner can read the file. A 'w' means the owner can write (make changes) to the file. The 'x' means the owner can execute or run the file (if it is a binary application or script file). The next three characters describe the permissions for the group to which this file was assigned. The same three letters are used and they have the same meaning. The last three characters describe the permissions of anyone who is not the file's owner, and anyone who does not belong to the group to which this file belongs. Again, the same letters are used, and they have the same meaning. A dash is used if a permission is not allowed. From this, and the permissions in the example output above, we can determine the following:
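The decoding described above can be scripted. The shell functions below are an added example, not part of the original guide; the function names are hypothetical, and the sample line is the directory entry shown earlier. They convert the mode field to the octal form that chmod accepts and flag entries that anyone may write to. The special 's' and 't' permission characters are not handled.

```shell
#!/bin/sh
# Added example: decode the 10-character mode field printed by `ls -l`.

# Name the entry type from the first character of the mode field.
entry_type() {
    case $1 in
        -*) echo file ;;
        d*) echo directory ;;
        l*) echo link ;;
        *)  echo other ;;
    esac
}

# Convert one rwx triplet (for example "r-x") to its octal digit (5).
triplet_to_digit() {
    t=$1
    d=0
    case $t in r??) d=$((d + 4)) ;; esac
    case $t in ?w?) d=$((d + 2)) ;; esac
    case $t in ??x) d=$((d + 1)) ;; esac
    echo "$d"
}

# Print the three-digit octal mode for a mode field such as -rwxr-xr-x.
mode_to_octal() {
    m=$1
    [ ${#m} -eq 10 ] || { echo "bad mode field: $m" >&2; return 1; }
    perms=${m#?}          # drop the type character
    u=${perms%??????}     # owner triplet
    rest=${perms#???}
    g=${rest%???}         # group triplet
    o=${rest#???}         # everyone else
    echo "$(triplet_to_digit "$u")$(triplet_to_digit "$g")$(triplet_to_digit "$o")"
}

# Succeed when "everyone else" may write: worth reviewing on a firewall.
is_world_writable() {
    case $1 in ????????w?) return 0 ;; *) return 1 ;; esac
}

# Summarize one full line of `ls -l` output.
describe_entry() {
    set -- $1             # split the line into fields: mode, links, owner, group, ...
    echo "$(entry_type "$1") owner=$3 group=$4 mode=$(mode_to_octal "$1")"
}

describe_entry "-rwxr-xr-x 1 sh-httpd adm 5985 Aug 20 18:24 index.html"
```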
Getting Around in the File System
If you are familiar with working in DOS, this should not be too difficult; after all, DOS was modeled after UNIX, and Linux was modeled after UNIX. There are some differences to be aware of, however. There is a document (listed in Appendix B - Resources) which specifically covers Linux basics for those experienced in DOS.
The cd command is available, and does the same thing as its DOS counterpart. One difference, however, is that the backslash (\) is not used in Linux to separate directories. In Linux, we use the forward slash (/) instead. Also, in DOS it is acceptable to type cd\dos to move from anywhere in the file system to the dos directory off of the root directory. Even if we replace the backslash with a forward slash, this will cause an error in Linux. When using the cd command, there must always be a space between the cd and the directory name. Thus, to move into, for example, the /usr directory, we would type:
cd /usr
In order to see which files are in a directory, DOS users type the dir command. This command is available in most Linux distributions (EigerStein included), but is actually only a shortcut to the real Linux command, ls. Typing ls then [Enter] will display the contents of a directory in a fashion similar to the DOS command dir /w. The number of files on a line is dependent upon how long the longest file name in that directory is. To view detailed information about a file, type ls -l. This will display the file's name, owner, group, size, date, and permissions. In the directory entry example above, we see that this is a file, called index.html. It is 5985 bytes, was created on August 20th at 6:24 p.m., and belongs to the sh-httpd user who is a member of the adm group.
Copying, Renaming and Deleting Files and Directories
The procedure for creating and deleting files and directories is similar to DOS as well; however, the commands are named slightly differently. Note that during deletions, there is no undelete or recycle bin. In addition, wildcards may be used as well. This makes deleting files a potentially dangerous activity. Please use caution. The following commands are available:
Action | Command | Syntax / Example
Copy a file | cp | cp [path]<filename> <destination_path> Examples: cp index.html /usr/root [Enter]; cp /mnt/stat.sh /usr/bin [Enter]
Delete a file | rm | rm <filename> Example: rm index.html [Enter]
Rename a file | mv | mv <currentfilename> <newfilename> Example: mv index.html index.htm [Enter]
Create a directory | mkdir | mkdir <newdirectoryname> Example: mkdir temp [Enter]
Delete a directory | rmdir | rmdir <directorytodelete> Example: rmdir temp [Enter]
Rename a directory | mv | mv <olddirectoryname> <newdirectoryname> Example: mv webpages htmldocs [Enter]
Mounting and Unmounting Floppy Disks
To mount a disk means to make that disk available for reading and writing. In DOS, disks are mounted automatically, without user intervention. In Linux, disks must be mounted. This is particularly true with removable media. Likewise, all media (even CD-ROM disks) must be unmounted when you are finished. If you remove a floppy disk from the drive without unmounting it, you run the risk of data corruption. This is because Linux uses disk caching (yes, even on floppies) that may hold data in memory for quite some time before flushing it out to the disk.
One other note about mounting and file systems. In DOS, you have a separate file system on each logical drive in your computer. Think of it this way: if you have a floppy disk in the drive, two hard disks (C: and D:), and a CD-ROM on drive E:, you have four distinct root directories, one each on drives A:, C:, D:, and E:. In Linux, there is only one root directory, and one file system. All storage devices are mounted "into" that file system. Typically, we mount the floppy drive into the /mnt directory. That way, if you need to access information on the floppy, you would look for that information in the /mnt directory. This is the standard being used in the examples below.
Mounting a floppy disk:
1.44Mb disk: mount -t msdos /dev/fd0 /mnt [Enter]
1.68Mb disk: mount -t msdos /dev/fd0u1680 /mnt [Enter]
These commands do the following: first, they call the mount command. They pass the drive type parameter to the mount command (-t msdos), indicating that these disks are formatted in a standard MS-DOS format. Next, mount is told which device to mount. All hardware devices are represented in Linux by a file in the /dev directory. In the first example, the default fd0 device is used. This device assumes that the first floppy disk is a 1.44 Mb disk. The second example (the one you must use when you mount the EigerStein disk) says that the first floppy disk will be used, but forces reading and writing in the 1680K or 1.68 Mb (Microsoft's .CAB) format. The last parameter tells mount where to put the floppy disk in the file system (in this case, in the /mnt directory). Once the disk is mounted, you can cd to it, copy files, edit files, etc. Just don't forget to unmount it when you are done.
Unmounting a floppy disk:
umount /mnt [Enter]
This tells Linux to unmount (and flush any data that may not yet have been written) whatever device was mounted into the /mnt directory. One final word regarding mounting and unmounting disks. You cannot be in the directory into which you are mounting a file system. For example, if you are mounting a floppy disk into the /mnt directory, you cannot be in the /mnt directory. If you aren't sure whether or not you are in the /mnt directory, perform a cd / [Enter] to move to the root directory just to be safe.
Setting a Password
As soon as you are ready to place the firewall into the network, you should put a password on the root account. This is very important because, without it, potential intruders could get in and place their own password on the system (thus removing your ability to manage/modify the firewall). In addition, you will not be able to remotely control the firewall using PuTTY without a password. To set the password, follow these steps:
1. If you are not logged in, do so.
2. Exit the lrcfg script by typing [q] then [Enter].
3. Type: passwd [Enter].
4. Follow the prompts to change the password.
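To confirm that the root account is no longer open after these steps, the password field of each account can be checked. The shell functions below are an added example, not part of the original guide; the function names are hypothetical and the sample lines are constructed. They assume the standard colon-separated passwd/shadow layout, where the second field holds the password; which of the two files holds that field on EigerStein is not stated on this page.

```shell
#!/bin/sh
# Added example: find accounts whose password field is empty.

# Constructed sample in /etc/passwd format. The root line has an empty
# password field, as on a system where passwd has not been run yet.
SAMPLE='root::0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
sh-httpd:x:99:4:web server:/var/sh-www:/bin/sh'

# Read passwd- or shadow-format lines on stdin and print the name of
# every account that can log in without a password.
accounts_without_password() {
    while IFS= read -r line; do
        # Skip blank lines, comments, and anything without a field separator.
        case $line in ''|\#*) continue ;; *:*) ;; *) continue ;; esac
        name=${line%%:*}
        rest=${line#*:}
        pw=${rest%%:*}
        [ -z "$pw" ] && echo "$name"
    done
    return 0
}

# Print the password state of one account: empty, locked, shadowed, set,
# or missing when the account is not listed.
password_state() {
    user=$1
    while IFS= read -r line; do
        [ "${line%%:*}" = "$user" ] || continue
        rest=${line#*:}
        pw=${rest%%:*}
        case $pw in
            '')      echo empty ;;      # no password at all
            \**|!*)  echo locked ;;     # login by password disabled
            x)       echo shadowed ;;   # hash is kept in /etc/shadow
            *)       echo set ;;
        esac
        return 0
    done
    echo missing
}

printf '%s\n' "$SAMPLE" | accounts_without_password
```

On a live system, feed the real file instead of the sample, for example accounts_without_password < /etc/passwd; any name it prints needs a password set with passwd.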
Rebooting the Firewall
You can reboot the firewall in one of two ways. The simpler is to do an immediate reboot by typing the reboot command at the command prompt:
reboot [Enter]
The other way is to use the shutdown command. The syntax of the shutdown command is:
shutdown <type> <when>
where type is -h to halt the system, or -r to reboot it. The when refers to when to shut the system down. With this, you can schedule a shutdown and restart at a specified time (perhaps during the evening when no one is using the system). For an immediate shutdown using the shutdown command, type
shutdown -h now [Enter]
Editing Files
In DOS, you have probably used the EDIT.COM program to edit text files. On the EigerStein firewall, the equivalent is called ae. Ae works similarly to EDIT. You can simply type ae then [Enter] to load the application. Then, you will be required to explicitly open the file you want to edit. If you are in the same directory as the file you need to edit, you can type:
ae <filename> [Enter]
This will launch the ae program, and also load the file to be edited. Finally, you can specify the path to the file if you are not in the same directory. For example, you are currently in /usr/bin, and you want to edit network.conf which resides in the /etc directory. You would type:
ae /etc/network.conf [Enter]
There are a few basic commands you need to get around in ae. These are:
[Alt]-[w]: write. Begins the process of saving a file. It will always ask for a file name on the top line of the screen prior to saving.
[Alt]-[q]: quit. Exits ae. It will warn you on the top line of the screen if changes have been made, but not saved.
[F1]: help. Displays a very informative quick reference of commands for ae.