2006-11-11
Minor Correction
I said earlier that freshclam isn't an init script and I'd have to craft my own. Not required, as there's a script in cron.daily that updates it once a day.
2006-11-10
Tweaking the anti-spam setup
- Had to tweak the SA ruleset for LogWatch, specifically:
header TONNS_LOGWATCH Subject =~ /^LogWatch for /
score TONNS_LOGWATCH -20.0
Eventually, it should be a real whitelist entry, but since this is a dry-run, I'll just leave it at this.
- The LogWatch amavisd script is out-of-sync with the logs that amavisd generates. This fixed things:
# pwd
/etc/log.d/scripts
# diff -u services.orig/amavis services/amavis
--- services.orig/amavis 2005-08-22 21:16:47.000000000 -0400
+++ services/amavis 2006-11-10 11:01:50.000000000 -0500
@@ -60,7 +60,7 @@
or ($ThisLine =~ /^cached [a-zA-Z0-9]+ /)
or ($ThisLine =~ /^starting. amavisd at/) ) {
# We don't care about these
- } elsif ($ThisLine =~ /^Passed, /) {
+ } elsif ($ThisLine =~ /^Passed CLEAN, /) {
$CleanMsgs++;
} elsif (($FileName, $From) = ( $ThisLine =~ /^BANNED name\/type \(([^\)]+)\)\, \<([^\>]*)\>/ )) {
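Review bot: the replacement pattern /^Passed CLEAN, / drops the old /^Passed, / form entirely, so any log line still written in the older amavisd format falls through to the unmatched bucket instead of bumping $CleanMsgs; if both log formats can reach this script, match /^Passed(?: CLEAN)?, / so either form is counted as clean.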
@@ -82,7 +82,18 @@
$Viruses{$Virus}{$From}++;
}; # if
- } elsif (($Fromspam, $Towards) = ( $ThisLine =~ /^SPAM, [\(\<]([^\>\)]+)[\)\>] -\> [\(\<]([^\>\)]+)[\)\>]/ )) {
+ } elsif (($Fromspam, $Towards) = ( $ThisLine =~ /^Passed SPAM, \[[\d\.]+\] \[[\d\.]+\] [\(\<]([^\>\)]+)[\)\>] -\> [\(\<]([^\>\)]+)[\)\>]/ )) {
+ $SpamMsgs++;
+
+ if ($Detail >= 5) {
+ $Spamtypes{$Towards}++;
+ }; # if
+
+ if ($Detail >= 10) {
+ $Spams{$Towards}{$Fromspam}++;
+ }; # if
+
+ } elsif (($Fromspam, $Towards) = ( $ThisLine =~ /^Passed SPAM, [\(\<]([^\>\)]+)[\)\>] -\> [\(\<]([^\>\)]+)[\)\>]/ )) {
$SpamMsgs++;
if ($Detail >= 5) {
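Review bot: the added "Passed SPAM, [score] [score] <from> -> <to>" branch carries the same body as the branch right below it ($SpamMsgs++, the $Spamtypes and $Spams counters), so every future change to the spam counters has to be made twice; making the two score brackets optional in one pattern, e.g. /^Passed SPAM, (?:\[[\d\.]+\] \[[\d\.]+\] )?[\(\<]([^\>\)]+)[\)\>] -\> [\(\<]([^\>\)]+)[\)\>]/, keeps a single branch with the same two captures.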
2006-11-05
Anti-spam setup
Man, setting up an anti-spam toolsuite is a PITA. Spammers suck.
Anyway, I started off with this HOWTO from howtoforge.com, skipping all the SQL stuff because I'm not using a virtual setup (for now - maybe the final setup will, I'm not sure yet). Some key differences in my setup:
In the install:
- The HOWTO is for Fedora, not CentOS. You need to add "clamd" and "razor-agents" to the install.
- There's no "pyzor" package for CentOS. Need to install from source.
- I didn't setup razor/pyzor exactly like the HOWTO. I can't recall all the details, but I just su'd to amavis and did it as a "standalone user". But since amavisd does all the SA processing as amavis, it's effectively global. I think I just followed the default documentation.
- There's no "freshclam" init script. I still have to write something that crons (or borrow the script from Fedora). I just ran it by hand for now.
- Installed "fetchmail". I'm majorly impressed by Horde on this one. IMP was working great and as soon as I installed fetchmail, all the options for remote mail retrieval showed up.
- $sa_tag_level_deflt = undef; - always print the SA headers
- @local_domains_maps = ( [".$mydomain", 'example.com', 'foobar.tld'] ); - if all your domains aren't here, the SA headers won't be added to the messages
- $sa_spam_subject_tag = '[SPAM] '; - damn, i hate the asterisks in the subject
- Uncomment the 'ClamAV-clamd' section
- Make sure you add amavis to the clamd group
- Add "LocalSocket /var/run/clamav/clamd"
- Comment out the TCPSocket and TCPAddr sections
- Make sure you add clamd to the amavis group, just to be sure.
- Got rid of the home_mailbox directive for Maildirs from yesterday's setup
- added "mailbox_command = /usr/bin/procmail"
- created /etc/procmailrc with:
DEFAULT=$HOME/Maildir/
LOGFILE=/var/log/procmail.log
LOGABSTRACT=all
The logging stuff is just temporary.
- The reason for the switch to procmail was the Ingo module for horde. It's pretty solid. It will update a user's .procmailrc via the FTP VFS backend, all using the single-signon password. My backend looks like this:
$backends['procmail'] = array(
    'driver' => 'vfs',
    'preferred' => 'home.tonns.net',
    'hordeauth' => true,
    'params' => array(
        'hostspec' => 'localhost',
        'filename' => '.procmailrc',
        'port' => 21,
        'vfstype' => 'ftp'
    ),
    'script' => 'procmail',
    'scriptparams' => array(
        'path_style' => 'maildir',
        'variables' => array(
            'DEFAULT' => '$HOME/Maildir/',
        )
    )
);
That last variable is redundant with the /etc/procmailrc settings, but I don't want the users to try anything crazy.
- added to my .procmailrc using Ingo:
##### SPAM #####
:0
* ^X-Spam-Status:.*Yes
"$DEFAULT/.SPAM/"
Which does as you'd expect. I also added it to /etc/skel/.procmailrc, but horde doesn't read in existing procmail rules, it just knows about the ones it created. I have to look into it - maybe I'll put it in the global procmailrc.
- mkdir -p /etc/skel/Maildir/SPAM; mkdir -p /etc/skel/Maildir/.LearnAsSpam; mkdir -p /etc/skel/Maildir/.LearnAsNotSpam - if the Maildir doesn't exist, IMP defaults to mbox in $HOME/mail - which is not what we want, so have them created by default.
- Finally, I wrote a shell script that uses archivemail and sa-learn to clean out everyone's LearnAsSpam/NotSpam directories and add them to the global SA bayes filter (which is in the user amavis's home directory)
Finally, I'm gonna have to do a major hardware upgrade - it doesn't look like 256MB is enough to run the OS and apache and php and amavisd and clamd and mysql and vsftpd and postfix - doing absolutely nothing it's swapped out 150MB. Needing more RAM and a new harddrive to replace the failed one... it's getting to the point where it's not worth using this 1Ghz P3 Coppermine system.
Installing horde...
After using the horde file manager for a project at work, I decided to give it a test drive at home. So far, so good. As this is just a dry run for the migration of tonns.com to home (I don't have the right setup due to hardware failures), I was feeling kind of lazy about it, so I followed this HOWTO to get postfix/SMTP-AUTH/TLS/dovecot going.
Key points on the install:
- It's all about rpmforge. Dag Wieers really takes the headache out of installing all this with the rpmforge repository. Remember to send him an email thanking him - I did.
- The list of packages I had to "yum install" is as follows:
apr apr-util autoconf automake curl curl-devel cyrus-sasl-devel cyrus-sasl-gssapi dovecot e2fsprogs-devel gd httpd httpd-suexec ImageMagick krb5-devel libc-client libidn libidn-devel libtool libtool-libs libxml2-devel mysql mysql-server openssl-devel pam-devel perl-DBD-MySQL perl-DBI perl-HTML-Parser perl-HTML-Tagset perl-libwww-perl perl-URI php php-devel php-domxml php-gd php-imap php-ldap php-mysql php-odbc php-pear php-pear-log php-pear-mail_mime php-pecl-fileinfo php-pecl-memcache php-xmlrpc pkgconfig postgresql-libs rpm-build unixODBC vsftpd zlib-devel
- PHP and PAM don't play nice together. The pam_auth module for php exists, but damn I couldn't get it to compile as a module and fuck-no, I'm not recompiling PHP.
- Instead, set up IMP and MIMP before other modules, and use their auth (i.e. imap auth) as the horde auth using this setup: http://wiki.horde.org/MIMPHowTo, adding $conf['auth']['driver'] = 'composite'; as well.
- Getting the latest PEAR modules to install was also a PITA. IMP requires HTTP_Request and Auth_SASL modules, but to get them installed I had to lock-step upgrade modules to interim versions before everything would update. Specifically:
pear upgrade Archive_Tar
pear upgrade PEAR-1.3.3
pear upgrade PEAR
pear upgrade XML_RPC-1.4.0
pear upgrade-all
pear install HTTP_Request
pear install Auth_SASL
Which finally left me with:
Installed packages, channel pear.php.net:
=========================================
Package Version State
Archive_Tar 1.3.1 stable
Auth_SASL 1.0.2 stable
Console_Getopt 1.2 stable
DB 1.7.6 stable
HTTP 1.4.0 stable
HTTP_Request 1.4.0 stable
Log 1.9.9 stable
Mail 1.1.14 stable
Mail_Mime 1.3.1 stable
Net_SMTP 1.2.8 stable
Net_Socket 1.0.6 stable
Net_URL 1.0.14 stable
PEAR 1.4.11 stable
XML_Parser 1.2.7 stable
XML_RPC 1.5.1 stable
Other than that, it was mostly following the horde INSTALL files. It's pretty simple.
Today, I'm gonna try to take a look at SpamAssassin, ClamAV, amavisd-new, CRM114, etc. etc. blah. blah.
2006-10-27
2006-10-21
Ye olde datacenter
view of my old office datacenter, from the entrance. trying out go.blogger.com. Looks like the photo worked, but the comment didn't. Oh well.
2006-10-11
bah, roadrunner
I have a feeling TWC/RoadRunner botched a major upgrade to their network yesterday. My cable modem was offline for close to 12 hours. Two things were learned from this:
1) on OpenWrt, make sure "cache-file=/tmp/ez-ipup" is set in your /etc/ez-ipupdate.conf. A few days before the outage, my DHCP lease time dropped to 1 hour. Without ez-ipupdate caching my DynDNS account, I was temporarily banned. Also, my IP is now on a totally different subnet. Low lease time before outage + New ip after outage + High lease time after outage = they changed some serious shit. With a 12 hr downtime, they obviously thought it was going to go much better, but flubbed it.
2) The MS Update for KB911280 is incompatible with the current Road Runner dialer. I had to bang my head against a half-dozen TWC phone turds before one *finally* handed me off to tech support so I could get dialed in. The real dial-up tech support had this fixed in the time it took to reboot WindowsXP. Of course, it was too-little-too-late to be online for the early-morning maintenance work that I needed to do.
Anyway, I'm back online. It does make me think twice about using "crappy mega-corp" as my upstream, but it's the least of the evils available to me right now.
2006-10-02
what time is it?
No time for home tech projects lately... been too busy at work. The only thing of note was a minor perl script that went through my digital picture archives looking for images that accidentally had a timestamp of 01/01/2000 00:00:00. That's the timestamp my Olympus C-3030Zoom gives a pic after the battery ran out and it's forgotten the date/time. I didn't actually change the JPEG timestamp that's built in to the image, just the filesystem mtime. That's a whole other perl script and some fancy perl modules. Here's the meat-n-potatoes of the script:
use strict;
use warnings;
use Date::Calc qw(Mktime);   # Mktime() comes from Date::Calc, it's not a builtin

# The surrounding loop (not shown) walks the archive and calls this with
# the directory, the file name and the real year/month/day of the shot.
sub fix_photo {
    my ($dir, $dirent, $year, $month, $day) = @_;
    my ($fmonth,$fday,$num,$ext) = $dirent =~ /^P(.)(..)(....)(\.jpg)$/i;
    return unless defined $num;   # not an Olympus-style Pmddnnnn.jpg name
    # filename claims Jan 1 but the real date isn't Jan 1, so rename it
    if ( ($fmonth eq "1" && $fday eq "01") && !($month == 1 && $day == 1) ) {
        my $newdirent = sprintf("P%1X%02d%04d%s",$month,$day,$num,$ext);
        print "should rename $dir/$dirent to $dir/$newdirent\n";
        # rename() instead of a backticked mv: the file name never reaches a shell
        rename "$dir/$dirent", "$dir/$newdirent" or die "rename: $!";
        $dirent=$newdirent;
    }
    $num += 0;   # drop the leading zeros
    # fake a time of day from the sequence number: 12:00 plus one minute per shot
    my $hour = 12 + int($num / 60);
    my $min = $num % 60;
    my $sec = 0;
    my $time = Mktime($year,$month,$day, $hour,$min,$sec);
    my $dstring = localtime($time);
    my $f = "$dir/$dirent";
    print "timestamp '$f' as $dstring\n";
    utime $time, $time, $f or warn "utime $f: $!";
}
2006-08-22
here be monsters
my thread on the OpenWrt forums explains the problems of late. CF issues have cropped up again, but only after i ran nvram set lan_ifname=eth0. i can boot off the internal flash and e2fsck the card and it checks out clean. and i see that when it boots, my red led lights showing that the card reader is seen and even the activity light flashes that something is going on, but all that i get from tcpdump is:
# tcpdump -vv -i eth1
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
22:24:39.486434 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 1029) 192.168.1.1.1024 > 192.168.1.0.4919: UDP, length 1001
22:24:39.504939 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 1029) 192.168.1.1.1024 > 192.168.1.255.4919: UDP, length 1001
22:25:05.436622 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 1029) 192.168.1.1.1024 > 192.168.1.0.4919: UDP, length 1001
22:25:05.455131 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, length: 1029) 192.168.1.1.1024 > 192.168.1.255.4919: UDP, length 1001
i.e. diddly for network. the first pair is when it boots off the internal flash, the second pair - i think it happens after it pivot_root's, but i'm not 100% sure yet.
2006-08-20
got grub?
found this little gem in my inbox this morning:
This is an automatically generated mail message from mdadm
running on obiwan
A Fail event had been detected on md device /dev/md0.
Faithfully yours, etc.
oh yay! failed drives! luckily obiwan is still the "sandbox system" for now - it was supposed to be turned into my main externally-facing server once i was done with openwrt/dmz setup/etc. so much for good intentions - i'll never get this shit done.
so, i at least had the forethought to mirror the drives - it's dual 60GB ATA100 drives - good ol' hda and hdb. on each drive, i created two partitions - the first partition is /boot and the other is half of md0 - a raid1 device. i then built on md0 some logical volumes with LVM2, i usually name them /dev/linux/root, /dev/centos/usr, /dev/obiwan/home, or something like that. as far as the other partition, i thought i was doing the right thing by performing:
rsync -av --delete /boot /boot2
... to sync the kernel/initrd after a yum update included a kernel update, but that's only 1/2 of it. in today's failed case, it was hda that failed, which brings us to the crux of the problem - where's your bootloader now, eh? basically, nowhere. i'm screwed. so, i broke out the knoppix dvd and get to installing a bootloader on the second drive so i could bring the system up. how could i have prevented this from happening?
well, i think i have it worked out:
- edit /boot/grub/device.map. make sure there's an entry for the second device there. in my case, it would be:
(hd1) /dev/hdb
- since grub-install likes to install in /boot of the grub root (very different from the system root - "/"), i gave it a little symlink hack:
cd /boot; ln -s . boot
- clean-up! get rid of all those old kernels that were installed with yum update:
rpm -e kernel-old-version-blah
- re-sync everything:
rsync -av --delete /boot /boot2
- now install grub on the second drive:
grub-install --root-directory=/boot2 /dev/hdb
i think that should do it. i'm going to see if there's a way i can test this - maybe i'll pull some of the really 2GB drives out of the closet and get them in the test system to simulate failure.
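As an added check (not from the original post), a small shell script that reads the first sector of each mirror member and confirms a GRUB stage1 is there, so losing hda can't leave the box without a boot loader. It assumes GRUB legacy, whose stage1 embeds the string "GRUB" in the MBR; device names are arguments, so it can be run against /dev/hda /dev/hdb or against image files.

```shell
#!/bin/sh
# Verify every member of a RAID1 mirror carries a boot loader in its MBR.
# Reads the first 512 bytes of each device and looks for the "GRUB" marker
# that GRUB legacy's stage1 embeds.  Assumption: GRUB legacy, not GRUB 2.

has_grub_mbr() {
    # returns 0 if the first sector of "$1" contains the GRUB stage1 marker
    dd if="$1" bs=512 count=1 2>/dev/null | grep -q GRUB
}

check_mirror_boot() {
    # $@: the mirror members; prints one line per member,
    # returns 1 if any of them has no boot loader in its MBR
    missing=0
    for dev in "$@"; do
        if has_grub_mbr "$dev"; then
            echo "$dev: GRUB stage1 present"
        else
            echo "$dev: NO boot loader in MBR - run grub-install on it"
            missing=1
        fi
    done
    return $missing
}

# usage on the mirrored box: check_mirror_boot /dev/hda /dev/hdb
```

Run it after every kernel update along with the rsync, since a fresh grub-install on hdb is only useful while both halves stay in step.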
Update: so much for that... i just got:
This is an automatically generated mail message from mdadm
running on obiwan
A DegradedArray event had been detected on md device /dev/md0.
Faithfully yours, etc.
ding-dong, the system's dead. if i'm gonna be using knoppix so much, maybe i should re-download the latest dvd. sigh
2006-08-19
interface layout & nvram cleanup
i'm trying to get the interface information for the WRTSL54GS straightened out so I can start setting up the DMZ. i found network config info in the wiki, including a diagram for my old WRT54Gv2.2, but not one for the new router. i'm in the middle of modifying the diagram to match the new router, but there's a lot of info - none of it too clear. i've posted on the openwrt forums asking for clarification. actually, i'm looking at making 2 diagrams - the "default" as shipped and my config - which will be w/o the bridge interface, with a dmz interface and an openvpn tunnel interface setup.
in an effort to clarify things, i decided to tidy up my own setup by cleaning up the NVRAM variables (the safe way). so far, so good - after a reboot it's still there. :-)
root@OpenWrt:~# cd /tmp
root@OpenWrt:~# wget http://downloads.openwrt.org/people/kaloz/nvram-clean.sh
Connecting to downloads.openwrt.org[195.56.146.238]:80
nvram-clean.sh 100% |*************************************| 4702 00:00 ETA
root@OpenWrt:~# chmod a+x /tmp/nvram-clean.sh
root@OpenWrt:~# /tmp/nvram-clean.sh
Before: size: 11055 bytes (21713 left)
After: size: 3541 bytes (29227 left)
root@OpenWrt:~# nvram commit
2006-08-17
rtg cgis
I posted my RTG CGIs to the rtg mailing list today. It's more of a work-thing as opposed to a home-project-thing, but since they're released under the GPL and it's a giving-back-to-the-community-thing, I figured it was worth mentioning. I'm still a little annoyed that the RTG database desperately needs normalization, but I understand the performance considerations and realize it's a design decision.
2006-08-05
renewing certs
note to self: don't misplace the post-it with the passphrases for your CA. i ripped my whole apartment apart looking for it this morning. i need to update my openssl docs on how to renew a cert. back in 2001, i had no idea how to renew a cert. it's really as simple as just re-generating it with the same csr, and letting the serial number be incremented. however, without your CA passphrase, you'd be screwed. luckily, i found it and so i'm back in business. hopefully, the rest of the family using the site didn't notice.
2006-07-30
dropbear and dsa keys
hm. i found this page on the openwrt wiki - DropbearPublicKeyAuthenticationHowto. since it's just me taking care of the router, i guess it's okay to auth to root or my non-root user using the same global authorized_keys file. but it just feels wrong. but dropbear has a really small memory footprint. argh, the problems of a sysadmin's conscience.
well, i've set it up on my active WRT54Gv2.2 router and i'll do it as a starting point on my WRTSL54GS next time i boot it.
2006-07-29
got another hit yesterday
my where's george bill hit rate is still low compared to others (right now, around 5%), but the comment on this bill is interesting: One Dollar Bill, Serial# B4196---9A Series: 2003A
other significant hits i've gotten:
first cross-coast hit
first international hit
first hit in 'the south'
where's george is an interesting experiment on circulation of currency (read: a strange hobby). it's not like "big brother" is going to be tracking my every cash expense now, as bills trade hands dozens of times before people enter it into wheresgeorge.com.
2006-07-23
... and we're back
well, i couldn't get it to boot off the CF anymore, so I just started over. i think the problem was that after i reloaded OpenWrt on the internal flash and installed the usb/storage drivers, it thought the CF filesystem "magically" changed to vfat and it didn't want to mount as root anymore. now i know that i mke2fs'd it. ah well.
so, i altered the swap technique by adding an /etc/fstab, making the swap init.d script S90swap and making its entire contents "/usr/sbin/swapon -a". the contents of /etc/fstab are:
/dev/scsi/host0/bus0/target0/lun0/part1 / ext3 defaults 1 1
/dev/scsi/host0/bus0/target0/lun2/part1 swap swap defaults 0 0
i think my next step will be to dump dropbear and start running OpenSSH. i once spent entirely too many hours to get DSA keys to work with dropbear, unsuccessfully. i should have enough memory to run a real ssh daemon. besides, i think all the libs are pre-req's for OpenVPN anyway. or maybe remote syslogging. i've been seeing these weird scsi errors in 'dmesg' after it boots. i think it's for the empty slots in the flash memory reader - i believe i'm using sda and sdc (lun0 and lun2). i'm seeing errors for sdb and sdd as follows, but it's only the end of the error dump:
sdd : READ CAPACITY failed.
sdd : status = 1, message = 00, host = 0, driver = 08
Current sd00:00: sns = 70 2
ASC=3a ASCQ= 0
Raw sense data:0x70 0x00 0x02 0x00 0x00 0x00 0x00 0x0a 0x00 0x00 0x00 0x00 0x3a 0x00 0x00 0x00 0x00 0x00
sdd : block size assumed to be 512 bytes, disk size 1GB.
sdd: Write Protect is off
/dev/scsi/host0/bus0/target0/lun3: I/O error: dev 08:30, sector 0
I/O error: dev 08:30, sector 0
VFS: Disk change detected on device 08:30
sdd: Unit Not Ready, sense:
Current 00:00: sns = 70 2
ASC=3a ASCQ= 0
Raw sense data:0x70 0x00 0x02 0x00 0x00 0x00 0x00 0x0a 0x00 0x00 0x00 0x00 0x3a 0x00 0x00 0x00 0x00 0x00
oops
hm. something went wrong - it won't complete the boot-up on the CF. i have a feeling it was the swap setup, as that init.d script was before the network init'd. no ping from the lan/bridge interface, the wifi interface doesn't come up (no light) and no dhcp on the wan interface. bleaugh.
luckily, that /sbin/init script from the OpenWrt has a test before it does the pivot_root, so I have it up and running with the internal flash. ahh, failsafes. fun fun fun. damn, this thing needs a serial console.
2006-07-22
paranoia
Since I don't have the wireless setup yet (specifically WPA and OpenVPN), I've created a failsafe to make sure people aren't peeking:
cd /etc/init.d
echo "ifconfig eth2 down" > S98nowifi; chmod +x S98nowifi
The wiki page on the WRTSL54GS let me know which interface is which.
creating swap
I found a 16MB smartmedia card laying around and figured it would be good for swap. Note that I had to install fdisk from the backports repository. I had previously partitioned the CF card when tooling around, so I didn't need it to mount the CF card as root, just e2fsprogs to reformat it. Anyway, on with the show:
# install fdisk
ipkg install fdisk
#find the partition
fdisk -l
# create the swap partition (partition 1, type 82)
fdisk /dev/scsi/host0/bus0/target0/lun2/disc
# install swap-utils
ipkg install swap-utils
# make it a swap partition
mkswap /dev/scsi/host0/bus0/target0/lun2/part1
# and do it
swapon /dev/scsi/host0/bus0/target0/lun2/part1
swapon -s
# make it persistent
echo "/usr/sbin/swapon /dev/scsi/host0/bus0/target0/lun2/part1" > /etc/init.d/S11swap
chmod 755 /etc/init.d/S11swap
Now I've got more virtual mem to do... something with.
root@OpenWrt:/etc# swapon -s
Filename Type Size Used Priority
/dev/scsi/host0/bus0/target0/lun2/part1 partition 15984 0 -2
root@OpenWrt:/etc# cat /proc/meminfo
total: used: free: shared: buffers: cached:
Mem: 31289344 12382208 18907136 0 770048 3854336
Swap: 16367616 0 16367616
MemTotal: 30556 kB
MemFree: 18464 kB
MemShared: 0 kB
Buffers: 752 kB
Cached: 3764 kB
SwapCached: 0 kB
Active: 2820 kB
Inactive: 1724 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 30556 kB
LowFree: 18464 kB
SwapTotal: 15984 kB
SwapFree: 15984 kB
You can also read slightly less verbose instructions on the OpenWrt wiki.
getting the CF to be root
So, the UsbStorageHowto works pretty well. Basically, the steps I used were:
mount /dev/scsi/host0/bus0/target0/lun0/part1 /mnt
mkdir /tmp/root
mount -o bind /rom /tmp/root
cp /tmp/root/* /mnt -a
umount /tmp/root
umount /mnt
cd /sbin
mv init init.old
vi init
chmod a+x init
and here's my version of init
#!/bin/sh
boot_dev="/dev/scsi/host0/bus0/target0/lun0/part1"
for module in usbcore usb-ohci scsi_mod sd_mod usb-storage jbd ext3; do {
insmod $module
}; done
sleep 4s
mount "$boot_dev" /mnt
[ -x /mnt/sbin/init ] && {
mount -o move /proc /mnt/proc && pivot_root /mnt /mnt/mnt && {
mount -o move /mnt/dev /dev
mount -o move /mnt/tmp /tmp
mount -o move /mnt/jffs2 /jffs2 2>&-
mount -o move /mnt/sys /sys 2>&-
}
}
exec /bin/busybox init
Of course, what's not mentioned is that your system is reset to as if you just installed OpenWrt. So you have to set the root pw, update ipkg.conf, install pkgs, etc. etc. as per my last blog post.
BTW, after it's all said and done, the filesystems show up as follows:
root@OpenWrt:~# df
Filesystem 1k-blocks Used Available Use% Mounted on
/dev/root 1024 1024 0 100% /mnt/rom
/dev/mtdblock/4 6272 1304 4968 21% /mnt
none 15276 36 15240 0% /tmp
/dev/scsi/host0/bus0/target0/lun0/part1 121203 8583 106362 7% /mnt/mnt/disc0_1
/dev/scsi/host0/bus0/target0/lun0/part1 121203 8583 106362 7% /
root@OpenWrt:~#
With 32MB of RAM and 128MB of disk... it's 1990 all over again!
Tony
getting things started
Well, I got off my ass today and started working on getting my WRTSL54GS up and running. So far, the notes I had made previously work like a charm for getting OpenWrt up and mounting the CF card. Next is to get it mounting the CF card as root.
tftp 192.168.1.1
binary
rexmt 1
timeout 60
trace
put openwrt-WR1.0rc5-wrtsl54gs-squashfs.bin
telnet 192.168.1.1
passwd
# logout/login
ssh root@192.168.1.1
wifi down
ifdown wifi
ifconfig eth2 down
Then with some help from the OpenWrt wiki.
cd /etc
rm ipkg.conf
cp /rom/etc/ipkg.conf ipkg.conf
vi /etc/ipkg.conf
#src backports http://downloads.openwrt.org/backports/rc5
ipkg update
ipkg install kmod-usb-core
ipkg install kmod-usb-ohci
ipkg install kmod-usb-storage
ipkg install kmod-usb2
ipkg install kmod-vfat
ipkg install kmod-ext3
ipkg install e2fsprogs
#reboot
fdisk /dev/scsi/host0/bus0/target0/lun0/part1
#reboot
ln -s /proc/mounts /etc/mtab
mke2fs -j /dev/scsi/host0/bus0/target0/lun0/part1