Rock64-wall image
#11
(10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall

Rock64 Base + Snort + Barnyard2 + Pulledpork + Basic Analysis and Security Engine (BASE) + Apache + Webmin + Shorewall

https://sourceforge.net/projects/rock64-...shorewall/

rock64-wall-snort-shorewall.img.zip https://sourceforge.net/projects/rock64-...p/download

Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Just wasted loads of time trying to fix a barnyard2 problem. For some reason it takes 10 - 20 minutes to get going and then it catches up to current.
I haven't a clue and thought it was broke, so many hours wasted on that one.

If you are giving it a try post results and also the chipset of your USB ethernet adapter I have one that can only manage 5mbs!
I should have delivery of a Plugable USB 3.0 Gig ethernet with the AX88179 chipset that will at least do 600mbs!

Haven't been able to really stress test things and may have to scrap Snort for Suricata as Snort runs in a single thread whilst Suricata is multithreading.

The barnyard delay have just played havoc I will get round to installing openvpn but going to examine suricata and see how that stacks up once that Plugable adapter shows up.

Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it?

I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image. Any ideas?
  Reply
#12
(03-12-2018, 08:44 PM)Noobie7 Wrote:
(10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall

Rock64 Base + Snort + Barnyard2 + Pulledpork + Basic Analysis and Security Engine (BASE) + Apache + Webmin + Shorewall

https://sourceforge.net/projects/rock64-...shorewall/

rock64-wall-snort-shorewall.img.zip https://sourceforge.net/projects/rock64-...p/download

Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Just wasted loads of time trying to fix a barnyard2 problem. For some reason it takes 10 - 20 minutes to get going and then it catches up to current.
I haven't a clue and thought it was broke, so many hours wasted on that one.

If you are giving it a try post results and also the chipset of your USB ethernet adapter I have one that can only manage 5mbs!
I should have delivery of a Plugable USB 3.0 Gig ethernet with the AX88179 chipset that will at least do 600mbs!

Haven't been able to really stress test things and may have to scrap Snort for Suricata as Snort runs in a single thread whilst Suricata is multithreading.

The barnyard delay have just played havoc I will get round to installing openvpn but going to examine suricata and see how that stacks up once that Plugable adapter shows up.

Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it?

I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image.  Any ideas?

Well, I figured that one out. Don't miss type the mac address when setting up eth1. I have everything up and running and checked it. I then updated everything through webmin, which I must say was very easy. Before updating, snort seemed to have a memory leak. The update fixed it, and the one core that snort was holding at 100% is now throttled down to almost nothing. So, I am assuming someone made some improvements in snort. Any one that is going to make a Rockwall needs to understand that you do need to read back through these posts, and make sure the configuration files are all setup for your environment. The images that are here are a great starting point, but not plug and play. 

The fun part - streaming HD video through the Rockwall with no issues.  Big Grin

Still running strong month later. I was so happy with the result I made a 2nd one for a friend. This is really similar to pfsense. Wish more people would make them, so here's some easy directions:

user name: rock64
pw: rock64

All you really need to do to the final image to make this work is:
1. After loading the image and such things to your sd card
download image from: https://sourceforge.net/projects/rock64-...p/download
use the pine64 installer to load the image to your sd card... when choosing the os make sure you know where you saved the image you will have to navigate to it. It will not be on the drop down menue
boot the board up with the sd card in it etc.
2. (Direct control a hdmi capable screen and usb keyboard) or use putty and SSH into the board through the boards Ethernet connector . You need to be on a local network so that a router gives it an IP address. You also need to know the IP address. I use my tablet and an app to search the network for all connected devices.
2. Plug in your usb3 to Ethernet adapter to the boards usb3. I used an amazon basics one.
3. Type in: ip addr show
and get junk like this:

nx00e04c534458: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fas t state DOWN group default qlen 1000 link/ether 00:e0:4c:53:44:58 brd ff:ff:ff:ff:ff:ff

4. note the mac address of the usb3 Ethernet adapter and write it down. For Stu it was mid way down, 00:e0:4c:53:44:58
5. Type in:
sudo nano /etc/udev/rules.d/70-persistent-net.rules (hit enter)
6. change the mac address and when done hit ctrl+o to save it and then ctrl+z to exit nano (nano is just a simple text editor)
7. update everything type the following if you are connected to the internet through the boards Ethernet connector:
sudo apt-get update (hit enter)
sudo apt-get upgrade (hit enter)
sudo apt autoremove (hit enter)
sudo reboot (hit enter)
8. Swap your Ethernet connection from your local network to the usb3 connector, the boards Ethernet connector is meant to be toward the outside world. You will not be able to ssh into it from that side now. You can manage the firewall from:
Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Good Luck
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  irradium (based on crux linux) Rock64 riscv64, aarch64 mara 0 56 03-24-2024, 01:07 PM
Last Post: mara
  Rock64 v2 - did not work song / audio sqw200zu 2 1,238 03-14-2024, 03:09 AM
Last Post: dmitrymyadzelets
  Rock64 won't boot dstallmo 0 245 12-27-2023, 10:34 AM
Last Post: dstallmo
  HDMI doesn't work on rock64 Noung1991 1 513 11-21-2023, 08:33 AM
Last Post: as365n4
  Rock64 + Klipper + KlipperScreen Instructions godzilla62 0 515 10-22-2023, 01:52 AM
Last Post: godzilla62
  Rock64 Debian 11 (Bullseye) install problem jbize 15 7,977 10-12-2023, 05:14 PM
Last Post: tpaul
  slarm64 (unofficial slackware) Rock64 RK3328 (aarch64) mara 133 186,549 10-09-2023, 03:31 AM
Last Post: mara
  arch rock64 does not boot nemnob 0 513 07-09-2023, 03:28 AM
Last Post: nemnob
  RXDP from Win10 to Armbian on Rock64 Transportsicherung 0 567 05-27-2023, 06:11 AM
Last Post: Transportsicherung
  DietPi OS for ROCK64 MichaIng 41 31,772 12-07-2022, 08:22 PM
Last Post: luminosity7

Forum Jump:


Users browsing this thread: 1 Guest(s)