Rock64-wall image - Printable Version +- PINE64 (https://forum.pine64.org) +-- Forum: ROCK64 (https://forum.pine64.org/forumdisplay.php?fid=85) +--- Forum: Linux on Rock64 (https://forum.pine64.org/forumdisplay.php?fid=88) +--- Thread: Rock64-wall image (/showthread.php?tid=5248) Pages:
1
2
|
RE: Rock64-wall image - Noobie7 - 03-12-2018 (10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it? I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image. Any ideas? RE: Rock64-wall image - Noobie7 - 03-15-2018 (03-12-2018, 08:44 PM)Noobie7 Wrote:(10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall Well, I figured that one out. Don't miss type the mac address when setting up eth1. I have everything up and running and checked it. I then updated everything through webmin, which I must say was very easy. Before updating, snort seemed to have a memory leak. The update fixed it, and the one core that snort was holding at 100% is now throttled down to almost nothing. So, I am assuming someone made some improvements in snort. Any one that is going to make a Rockwall needs to understand that you do need to read back through these posts, and make sure the configuration files are all setup for your environment. The images that are here are a great starting point, but not plug and play. The fun part - streaming HD video through the Rockwall with no issues. Still running strong month later. I was so happy with the result I made a 2nd one for a friend. This is really similar to pfsense. Wish more people would make them, so here's some easy directions: user name: rock64 pw: rock64 All you really need to do to the final image to make this work is: 1. After loading the image and such things to your sd card download image from: https://sourceforge.net/projects/rock64-wall/files/118/snort%2Bshorewall/rock64-wall-snort-shorewall.img.zip/download use the pine64 installer to load the image to your sd card... when choosing the os make sure you know where you saved the image you will have to navigate to it. It will not be on the drop down menue boot the board up with the sd card in it etc. 2. (Direct control a hdmi capable screen and usb keyboard) or use putty and SSH into the board through the boards Ethernet connector . You need to be on a local network so that a router gives it an IP address. You also need to know the IP address. I use my tablet and an app to search the network for all connected devices. 2. Plug in your usb3 to Ethernet adapter to the boards usb3. I used an amazon basics one. 3. Type in: ip addr show and get junk like this: nx00e04c534458: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fas t state DOWN group default qlen 1000 link/ether 00:e0:4c:53:44:58 brd ff:ff:ff:ff:ff:ff 4. note the mac address of the usb3 Ethernet adapter and write it down. For Stu it was mid way down, 00:e0:4c:53:44:58 5. Type in: sudo nano /etc/udev/rules.d/70-persistent-net.rules (hit enter) 6. change the mac address and when done hit ctrl+o to save it and then ctrl+z to exit nano (nano is just a simple text editor) 7. update everything type the following if you are connected to the internet through the boards Ethernet connector: sudo apt-get update (hit enter) sudo apt-get upgrade (hit enter) sudo apt autoremove (hit enter) sudo reboot (hit enter) 8. Swap your Ethernet connection from your local network to the usb3 connector, the boards Ethernet connector is meant to be toward the outside world. You will not be able to ssh into it from that side now. You can manage the firewall from: Webmin https://rock64.rock.lan:10000/?dashboard BASE http://rock64.rock.lan:10001/base_main.php Good Luck |