m0n0wall Development

For those that know me, and now everyone else, I am a super fan of m0n0wall.  It's been years since I contributed anything to the project, and even then it was mostly the early documentation and some how-to docs on constructing VPNs, which at the time was something I was working on so documenting it was no problem.  Well, it seems I am pushing the envelop in needing some minor tweaks to the project and that takes me back into dorking about in php and FreeBSD kernel work.

 

m0n0wall is developed on FreeBSD, so this meant to get back into it I had to setup a virtual machine (VM) on my laptop.  There are plenty of how-to documents in the world on doing this and I am not going to cover it.  I will, however, cover the few tweaks you need to make to your FreeBSD instance in order to do some basic development work.

Before I get to that, right now I am working on making the dnsmasq daemon perform logging and send its logs to syslog.  I already have a syslog server setup (see my write up on my ReadyNAS-Syslog-er-nator) and I wouldn't recommend doing this on your m0n0wall without a syslog server setup. Also, think long and hard about why you would want this. I am testing malware and want to keep track of DNS lookups made by my hosts, so it's a bit out of the norm to want to do this.  But maybe you just want to keep tabs on what your kids are doing and would like to create a database of all the domains/FQDNs they lookup/goto.  I'll post the php file I update as a new page when I have tested it.

Getting Setup -

All right, so you have setup your VM  and you are chomping at the bit.  First, realize the new beta of m0n0wall runs on FreeBSD 8.3 so if you are developing for that (e.g. wanting to muck about with adding binaries and modding the kernel) you are going to want FreeBSD 8.3.  If you are just wanting to make changes to the php scripts and so forth, really any version since 5.x will work fine. 

Add wget, lynx, and it won't hurt to do a full LAMP install on the FreeBSD box.

Create a few mount points: (Do this as root, life will be easier.)

mkdir /mnt/m0n0

mkdir /mnt/mfsroot

mkdir /mnt/kernel

mkdir /root/devel/

mkdir /root/devel/m0n0wall

Yea for you!  All kinds of new directories to get confused about! 

 

Starting -

Go download (hint, use wget) whatever version / image of m0n0wall you will be working with.  I use the embedded version with serial as I love Soekris Engineering.

Keep in mind that the m0n0wall images are gzipped, and the "gz" extention has been removed from the file name.  So we will correct this by unzipping them.  Also, keep in mind we have to mount virtual nodes on the machine, so some of these commands may be new to you.  Follow the order of create virtual node, then mount it, make changes, unmount it, then close the node.  This will use the file that we backed the node with (the main image and the images inside the main image) so we have a digital copy of the changes.

Now the steps

1.) cd /root/devel/m0n0wall

2.) wget http://m0n0.ch/wall/snapshots/1.8.1/generic-pc-serial-1.8.1b536.img  (replace this URL with the most recent beta... http://m0n0.ch/wall/beta.php will always list them.)

3.) mv imgaefilename.img imgagefilename.img.gz

2.) gzip -d imagefilename.img.gz

3.) mdconfig -a -t vnode -f imagefilename.img  (this will produce standard-out showing you the DEV-name..  and it should  be md0 if you want to specify the md then add "-u #" where the # is the mo# you wish to set.)

4.) mount /dev/md0a /mnt/m0n0

5.) cp /mnt/m0n0/mfsroot.gz . 

6.) gzip -d mfsroot.gz

7.) mdconfig -a -t vnode -f mfsroot (this will produce standard-out showing you the DEV-name... and it should be md1  if you want to specify the md then add "-u #" where the # is the mo# you wish to set.)

8.) mount /dev/md1 /mnt/mfsroot

9.) within /mnt/nfsroot is the entire file structure for m0n0wall.  All php scripts for the UI are in /usr/local/www (which is probably what you wanted this for anyway.)  If you want to modify kernel aspects, do your work with the kernel.gz file instead of the mfsroot.gz - I assume you know what you are doing so I won't bother you with instructions given you are mucking about with the kernel.)

10.) cd /root/devel/m0n0wall

11.) umount /mnt/mfsroot

12.) mdconfig -d -u 1  (This is for mfsroot, if you used another vnode number, swap it with 1)

13.) gzip -9 mfsroot

14.) cp mfsroot.gz /mnt/m0n0

15.) chmod 755 /mnt/m0n0/mfsroot.gz

16.) umount /mnt/m0n0

17.) mdconfig -d -u 0 (this is the main m0n0wall image, if you used another vnode number, swap it with 0)

18.) gzip -9 imagefilename.img 

19.) mv imagefilename.img.gz imagefilename.img

20.) Upload your custom image to your m0n0wall.

20a.) Alternativly you can flash the image to a USB or CF card for use in an embedded pc (Soekris for example) by doing this:  
FreeBSD / OS X - gzcat imagefilename.img | dd of=/dev/rad[n] bs=16k  (Note: rad[n] changes depending on your operating system/hardware.)
Linux - gunzip -c imagefilename.img | dd of=/dev/hd[n] bs=16k  (Note: hd[n] changes depending on your operating system/hardware.)
Windows, go get physdiskwrite from mono.ch.

 

Technorati Tags:Technorati Tags: