Rock64-wall image
#11
(10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall

Rock64 Base + Snort + Barnyard2 + Pulledpork + Basic Analysis and Security Engine (BASE) + Apache + Webmin + Shorewall

https://sourceforge.net/projects/rock64-...shorewall/

rock64-wall-snort-shorewall.img.zip https://sourceforge.net/projects/rock64-...p/download

Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Just wasted loads of time trying to fix a barnyard2 problem. For some reason it takes 10 - 20 minutes to get going and then it catches up to current.
I haven't a clue and thought it was broke, so many hours wasted on that one.

If you are giving it a try post results and also the chipset of your USB ethernet adapter I have one that can only manage 5mbs!
I should have delivery of a Plugable USB 3.0 Gig ethernet with the AX88179 chipset that will at least do 600mbs!

Haven't been able to really stress test things and may have to scrap Snort for Suricata as Snort runs in a single thread whilst Suricata is multithreading.

The barnyard delay have just played havoc I will get round to installing openvpn but going to examine suricata and see how that stacks up once that Plugable adapter shows up.

Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it?

I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image. Any ideas?
  Reply
#12
(03-12-2018, 08:44 PM)Noobie7 Wrote:
(10-14-2017, 04:32 AM)stuartiannaylor Wrote: Rock64-wall-snort-shorewall

Rock64 Base + Snort + Barnyard2 + Pulledpork + Basic Analysis and Security Engine (BASE) + Apache + Webmin + Shorewall

https://sourceforge.net/projects/rock64-...shorewall/

rock64-wall-snort-shorewall.img.zip https://sourceforge.net/projects/rock64-...p/download

Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Just wasted loads of time trying to fix a barnyard2 problem. For some reason it takes 10 - 20 minutes to get going and then it catches up to current.
I haven't a clue and thought it was broke, so many hours wasted on that one.

If you are giving it a try post results and also the chipset of your USB ethernet adapter I have one that can only manage 5mbs!
I should have delivery of a Plugable USB 3.0 Gig ethernet with the AX88179 chipset that will at least do 600mbs!

Haven't been able to really stress test things and may have to scrap Snort for Suricata as Snort runs in a single thread whilst Suricata is multithreading.

The barnyard delay have just played havoc I will get round to installing openvpn but going to examine suricata and see how that stacks up once that Plugable adapter shows up.

Thank you for the hard work. I'm going to try this image. I was actually starting one from scratch and saw you had all this done. Did you try suricata yet? If so, and if it is better, would you mind posting the image with it?

I am trying to use a USB 3.0 Gig ethernet with the AX88179 chipset, but have not yet been able to get it working. I've tried a bunch of things like updating everything, installing drivers, etc. It works fine with the community Debian Stretch Mate image.  Any ideas?

Well, I figured that one out. Don't miss type the mac address when setting up eth1. I have everything up and running and checked it. I then updated everything through webmin, which I must say was very easy. Before updating, snort seemed to have a memory leak. The update fixed it, and the one core that snort was holding at 100% is now throttled down to almost nothing. So, I am assuming someone made some improvements in snort. Any one that is going to make a Rockwall needs to understand that you do need to read back through these posts, and make sure the configuration files are all setup for your environment. The images that are here are a great starting point, but not plug and play. 

The fun part - streaming HD video through the Rockwall with no issues.  Big Grin

Still running strong month later. I was so happy with the result I made a 2nd one for a friend. This is really similar to pfsense. Wish more people would make them, so here's some easy directions:

user name: rock64
pw: rock64

All you really need to do to the final image to make this work is:
1. After loading the image and such things to your sd card
download image from: https://sourceforge.net/projects/rock64-...p/download
use the pine64 installer to load the image to your sd card... when choosing the os make sure you know where you saved the image you will have to navigate to it. It will not be on the drop down menue
boot the board up with the sd card in it etc.
2. (Direct control a hdmi capable screen and usb keyboard) or use putty and SSH into the board through the boards Ethernet connector . You need to be on a local network so that a router gives it an IP address. You also need to know the IP address. I use my tablet and an app to search the network for all connected devices.
2. Plug in your usb3 to Ethernet adapter to the boards usb3. I used an amazon basics one.
3. Type in: ip addr show
and get junk like this:

nx00e04c534458: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fas t state DOWN group default qlen 1000 link/ether 00:e0:4c:53:44:58 brd ff:ff:ff:ff:ff:ff

4. note the mac address of the usb3 Ethernet adapter and write it down. For Stu it was mid way down, 00:e0:4c:53:44:58
5. Type in:
sudo nano /etc/udev/rules.d/70-persistent-net.rules (hit enter)
6. change the mac address and when done hit ctrl+o to save it and then ctrl+z to exit nano (nano is just a simple text editor)
7. update everything type the following if you are connected to the internet through the boards Ethernet connector:
sudo apt-get update (hit enter)
sudo apt-get upgrade (hit enter)
sudo apt autoremove (hit enter)
sudo reboot (hit enter)
8. Swap your Ethernet connection from your local network to the usb3 connector, the boards Ethernet connector is meant to be toward the outside world. You will not be able to ssh into it from that side now. You can manage the firewall from:
Webmin https://rock64.rock.lan:10000/?dashboard

BASE http://rock64.rock.lan:10001/base_main.php

Good Luck
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  irradium (based on crux linux) Rock64 riscv64, aarch64 mara 7 1,009 11-19-2024, 02:54 PM
Last Post: mara
  Upgrading ancient Rock64 timxjr1300 0 56 11-15-2024, 09:50 AM
Last Post: timxjr1300
  arch rock64 does not boot nemnob 1 959 09-20-2024, 11:18 AM
Last Post: AwU2HBg
  DietPi OS for ROCK64 MichaIng 42 43,633 09-01-2024, 06:43 AM
Last Post: RaymondDay
Smile First Lakka image for Rock64! Luke 47 81,061 09-01-2024, 06:05 AM
Last Post: RaymondDay
  Rock64 v2 - did not work song / audio sqw200zu 2 1,864 03-14-2024, 03:09 AM
Last Post: dmitrymyadzelets
  Rock64 won't boot dstallmo 0 636 12-27-2023, 10:34 AM
Last Post: dstallmo
  HDMI doesn't work on rock64 Noung1991 1 1,078 11-21-2023, 08:33 AM
Last Post: as365n4
  Rock64 + Klipper + KlipperScreen Instructions godzilla62 0 1,083 10-22-2023, 01:52 AM
Last Post: godzilla62
  Rock64 Debian 11 (Bullseye) install problem jbize 15 11,235 10-12-2023, 05:14 PM
Last Post: tpaul

Forum Jump:


Users browsing this thread: 2 Guest(s)