October 24, 2003
In Depth look: Devil-Linux 1.0 - written by Bruce Smith
Page 1 - Devil-Linux 1.0 introduction and firewall
New Release
Devil-Linux 1.0 is scheduled to be released on October 31, 2003.
I think Halloween is the perfect release date for something named "Devil-Linux"! :-)
Introduction
Devil-Linux is a distribution which boots and runs completely from CDROM.
The configuration can be saved to a floppy diskette or a USB pen drive
(new in 1.0).
Devil-Linux was originally intended to be a dedicated firewall/router,
but now Devil-Linux can also be used as a server for many applications.
Attaching an optional hard drive is easy, and many network services are
included in the distribution.
I started running Devil-Linux about a year ago as my home firewall,
starting with release 0.5. Devil-Linux 0.5 was more difficult to set up
than other Linux firewall distributions I used previously, but the
advantages of Devil-Linux being CD-based (no hard drive required and more
available software than a floppy-based distro) made me stick with it until
I got it running.
Installation and Setup
I am very impressed with the new 1.0 version (currently 1.0rc2
as of this writing). I noticed the first improvement immediately
upon boot, when the boot process prompted me through creating a new
floppy to hold my configuration. This also works when storing the
config on a USB flash drive. (The diskette had to be created manually
in 0.5 prior to booting Devil-Linux.)
The boot also gave me the option to scan for SCSI devices. Do NOT
do this unless you are running a SCSI CDROM drive; I found it can hang
some machines. SCSI hard drive support can be added after boot.
After the boot is complete, simply log on as "root" (no password), and
type "setup". New in 1.0, the "setup" program allows you to configure
Devil-Linux with the same functionality as a hardware-based broadband
firewall/router. This includes setting basic values, like hostname,
keyboard, timezone, the "root" password, etc.
There is a screen to select which services should be started upon boot
(for example, select "SSHD" to allow remote logins).
"setup" can configure up to three network cards and can also
configure Devil-Linux to be a DHCP server for your network.
Best of all (IMO) the "setup" program allows you to install a
default iptables firewall script (there were no default/example firewall
scripts in 0.5). Devil-Linux 1.0 has firewall scripts for both
two-network-card and three-network-card (DMZ) configurations.
If you want features like port forwarding, you have to manually edit
the firewall script, but there are commented-out examples for common
modifications.
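As an added illustration of the kind of port-forwarding edit described above (this is not the script shipped with Devil-Linux, and not the author's own configuration), the following helper validates its arguments and then emits the two iptables rules a forward needs on a two-card firewall. The interface names eth0/eth1, the address 192.168.1.10, and the function names are assumptions; by default it only prints the rules.

```shell
#!/bin/sh
# Added example: NOT the firewall script that ships on the Devil-Linux CD.
# Assumed names: eth0 = Internet side, eth1 = LAN side, 192.168.1.10 = LAN host.
EXT_IF=${EXT_IF:-eth0}
INT_IF=${INT_IF:-eth1}
# Dry run by default: rules are printed, not loaded. Run with IPT=iptables to apply.
IPT=${IPT:-echo iptables}

valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or over 5 digits
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;  # stray characters or empty octets
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# port_forward PROTO EXT_PORT INT_IP INT_PORT
port_forward() {
    proto=$1 ext_port=$2 int_ip=$3 int_port=$4
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    valid_port "$ext_port" && valid_port "$int_port" ||
        { echo "bad port: $ext_port/$int_port" >&2; return 1; }
    valid_ipv4 "$int_ip" || { echo "bad address: $int_ip" >&2; return 1; }
    # 1. Rewrite the destination of packets arriving on the outside interface.
    $IPT -t nat -A PREROUTING -i "$EXT_IF" -p "$proto" --dport "$ext_port" \
        -j DNAT --to-destination "$int_ip:$int_port"
    # 2. Let only new connections to that one host and port cross the firewall;
    #    replies are assumed to match an ESTABLISHED,RELATED rule in the base script.
    $IPT -A FORWARD -i "$EXT_IF" -o "$INT_IF" -p "$proto" -d "$int_ip" \
        --dport "$int_port" -m state --state NEW -j ACCEPT
}

# Constructed sample: expose a LAN web server on external port 8080.
port_forward tcp 8080 192.168.1.10 80
```

Scoping the FORWARD rule to one destination host and port keeps the forward from opening anything else on the LAN.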
Configuration and other packages
After configuring Devil-Linux, you must save your configuration
to floppy or USB media. Being used to hard drive distributions, I
sometimes forget to save my changes. Since all modifications are done
in a ram disk, all unsaved changes are lost upon reboot. After saving,
the easiest way to activate the new configuration is to reboot. As of
1.0 there is no way to apply changes from the "setup" menus.
There is a surprising amount of other software included with the Devil-Linux
1.0 distribution. Most of this software can be selected or unselected to
start in the "setup" program, but the software itself has to be manually
configured to run. I tried three different VPN packages before selecting
my favorite, which I run as a VPN from home to work.
On my home firewall I also run goodies like the NTP daemon (network time)
and a couple of clients for my dynamic DNS services (clients for many
popular dynamic DNS services are also included).