[KLUG Members] Donating time to the open source community.

Bruce Smith members@kalamazoolinux.org
22 May 2003 09:09:50 -0400


> > > The work I did previously was to add the CIPE VPN package 
> > CIPE is the VPN that now comes standard on Red Hat 9.
> > More info about CIPE is available here:
> >   http://sites.inka.de/~bigred/devel/cipe.html
> > And it's very nice to have native support for CIPE
> > on my firewall now.  An easy way to secure wireless!
> 
> How "hackable" is Devil Linux?  For instance if I wanted to add PPTP
> support (which is pretty easy to do on a RH9 box now) 

Devil Linux already supports PPTP (and FreeS/WAN, and a few other 
VPNs that I'm not familiar with).

Go to http://www.devil-linux.com/ and click on "Introduction".
Scroll down, and you'll get a list of what packages are included.

The list includes:
 o PPTP Client
 o PPTP Server

You won't see CIPE listed, along with a whole bunch of other new
packages, because those are in the new release being worked on.

> what general
> process would be involved?  Do they use any package management system?  

No package management system.

They do have some developer/hacking instructions in the docs on 
the web site.

Getting started basically involves downloading a base system,
(based on linuxfromscratch.com), downloading the Devil Linux files
from sourceforge CVS, and running a script to download some source
code files from a different FTP server.

Adding a new package involves downloading the source/tar for the
package, creating a script to compile and install it (./configure,
make, make install, ...)  and then running some make commands,
which compiles everything and you end up with a new ISO image.
That's a bit oversimplified, but the general idea.  After I've
been at it a little longer, I'll volunteer to give a presentation
on the subject.  (not yet)

If you really intend to go this far, contact me offline, because 
there are a few "got ya's" where the developer docs aren't real
clear on a couple items.  (been there, been burned)

> Adding encrypted PPTP support requires building a kernel module, but not
> actually modifying the running kernel.

Exactly the same for CIPE.  Separate kernel module and a binary.

> I'd love to have something that supports both CIPE and PPTP.

I think a current beta ISO of Devil Linux meets those requirements.

> I've pretty much given up on ipSec - what a cluster *$&@( @#)$(_
> @@#$!!.  Did someone sit down and say, "Hmmm, let's make a really hard to
> use VPN technology that every firewall will hate, will have road
> warriors ripping their hair out in fistfuls, and having DNS admins
> looking at the modification requests with a `WTF` expression."?

NO KIDDING!!!

I had FreeS/WAN running on Devil Linux & my laptop (back in Red Hat 8.0),
and besides being hard and confusing, it was UNSTABLE.  The VPN kept
going down, requiring manual restarts!

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------