(03-12-2018, 08:44 PM)Noobie7 Wrote: (10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall
Rock64 Base + Snort + Barnyard2 + Pulledpork + Basic Analysis and Security Engine (BASE) + Apache + Webmin + Shorewall
https://sourceforge.net/projects/rock64-...shorewall/
rock64-wall-snort-shorewall.img.zip https://sourceforge.net/projects/rock64-...p/download
Webmin https://rock64.rock.lan:10000/?dashboard
BASE http://rock64.rock.lan:10001/base_main.php
Just wasted loads of time trying to fix a barnyard2 problem. For some reason it takes 10 - 20 minutes to get going and then it catches up to current.
I haven't a clue and thought it was broke, so many hours wasted on that one.
If you are giving it a try post results and also the chipset of your USB ethernet adapter I have one that can only manage 5mbs!
I should have delivery of a Plugable USB 3.0 Gig ethernet with the AX88179 chipset that will at least do 600mbs!
Haven't been able to really stress test things and may have to scrap Snort for Suricata as Snort runs in a single thread whilst Suricata is multithreading.
The barnyard delay have just played havoc I will get round to installing openvpn but going to examine suricata and see how that stacks up once that Plugable adapter shows up.
Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it?
I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image. Any ideas?
Well, I figured that one out. Don't miss type the mac address when setting up eth1. I have everything up and running and checked it. I then updated everything through webmin, which I must say was very easy. Before updating, snort seemed to have a memory leak. The update fixed it, and the one core that snort was holding at 100% is now throttled down to almost nothing. So, I am assuming someone made some improvements in snort. Any one that is going to make a Rockwall needs to understand that you do need to read back through these posts, and make sure the configuration files are all setup for your environment. The images that are here are a great starting point, but not plug and play.
The fun part - streaming HD video through the Rockwall with no issues.
Still running strong month later. I was so happy with the result I made a 2nd one for a friend. This is really similar to pfsense. Wish more people would make them, so here's some easy directions:
user name: rock64
pw: rock64
All you really need to do to the final image to make this work is:
1. After loading the image and such things to your sd card
download image from:
https://sourceforge.net/projects/rock64-...p/download
use the pine64 installer to load the image to your sd card... when choosing the os make sure you know where you saved the image you will have to navigate to it. It will not be on the drop down menue
boot the board up with the sd card in it etc.
2. (Direct control a hdmi capable screen and usb keyboard) or use putty and SSH into the board through the boards Ethernet connector . You need to be on a local network so that a router gives it an IP address. You also need to know the IP address. I use my tablet and an app to search the network for all connected devices.
2. Plug in your usb3 to Ethernet adapter to the boards usb3. I used an amazon basics one.
3. Type in: ip addr show
and get junk like this:
nx00e04c534458: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fas t state DOWN group default qlen 1000 link/ether 00:e0:4c:53:44:58 brd ff:ff:ff:ff:ff:ff
4. note the mac address of the usb3 Ethernet adapter and write it down. For Stu it was mid way down, 00:e0:4c:53:44:58
5. Type in:
sudo nano /etc/udev/rules.d/70-persistent-net.rules (hit enter)
6. change the mac address and when done hit ctrl+o to save it and then ctrl+z to exit nano (nano is just a simple text editor)
7. update everything type the following if you are connected to the internet through the boards Ethernet connector:
sudo apt-get update (hit enter)
sudo apt-get upgrade (hit enter)
sudo apt autoremove (hit enter)
sudo reboot (hit enter)
8. Swap your Ethernet connection from your local network to the usb3 connector, the boards Ethernet connector is meant to be toward the outside world. You will not be able to ssh into it from that side now. You can manage the firewall from:
Webmin
https://rock64.rock.lan:10000/?dashboard
BASE
http://rock64.rock.lan:10001/base_main.php
Good Luck