[Techtalk] How do I build a Linux Blackbox?

Elizabeth Barham lizzy at soggytrousers.net
Wed Jul 30 04:09:43 EST 2003


Subba writes:

> Using my original question, if I want to install a Linux firewall
> (iptables), then what are the minimum set of tools/libraries that
> are required to make this type of Linux blackbox?  What if iptables
> has a bug and needs to be updated, then what do you need on this
> box to have the latest security patches?

   I did something similar in that my firewall is a 486 with a 120 MB
hard disk drive. Essentially, I used debian and installed a minimum
set of utilities (no gcc, etc); just don't use 'tasksel' which is sort
of an easy install frontend, use dselect.

   The install application, apt-get, works very well and it's possible
to check for new versions of iptables or any other package on the
system. When it finds a newer version, it simply downloads it and
installs it. But, in my case, since it's a firewall I barely ever go
onto it.

   One thing I did do was delete most of the documentation, such as
the man pages and files in /usr/share/doc, which freed up a lot of
space. I also compile my kernel on another box and use rcp to move it
onto the firewall. Debian has programs that make generating a kernel
and packaging it easy (make-kpkg).

Elizabeth

