The 386SX as a router case
Author: Piter PUNK Translator: Carlos
1 The hardware
- 386SX
- 4MB RAM Memory
- 110MB Hard Disk
- NE2000 ISA network card
- 33600 kbs US-Robotics ISA modem
2 Installing
The GNU/Linux distribution used was Slackware 7.1. It could have been 7.0 also. Generally speaking, it's better to use a 2.0.X kernel. But we are writing about a firewall and there is much more documentation available for _ipchains_ (2.2.X kernels) instead of _ipfwadm_ )2.0.X kernels. If you know how to use ipfwadm, install Slackware 3.3 or 96 and you will get a better result.
The first installation step is to take the hard disk off the 386 and put it into a more powerful computer. Set it as the primary master. Insert the Slackware CD and boot from it.
There's no secret here. The partitions on my HD look like this:
/ /dev/hda1 102Mb
swap /dev/hda2 8Mb
And there is space left on /. So, it is smarter to do it like this:
/ /dev/hda1 90Mb
/tmp /dev/hda2 12Mb
swap /dev/hda3 8Mb
By doing it this way, you can mount the / partition as read only and turn off your computer without the need to "shutdown". But keep in mind that all system logs should be switched off or sent to another machine because everthing is working in read only mode. If you prefer to keep the system logs on the router itself, either mount the root partition as read write (rw) or make a separate /var one.
After repartitioning, start the installation program and follow the instruction as usual. When formating the partition, remember to do it with 1024 bytes per node.
Install the A and N series in menu mode so that you can uncheck everything you will not need. Install only what is needed for the router and firewall to function properly. My installation took 67Mb on the HD. But nothing stops yours from getting smaller. Beware: don't try to detect your network card. Remember that on the 386 it will probably be a diferent card! Reboot your computer after the installation has finished (but don't put the HD back on the 386 yet).
3 Configuration
Now, let's configure the machine. If you followed my partitioning scheme, your /etc/fstab should be like this:
/dev/hda1 / ext2 ro 1 1
/dev/hda2 /tmp ext2 defaults 1 1
/dev/hda3 swap swap defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
If you don't have separate partitions for /tmp and /, don't make / readonly or you will have problems.
After editing /etc/fstab, it is very important to edit /etc/lilo.conf. Comment ou the lines that read "prompt" and "timeout". Run "lilo". With these changes you guarantee that your machine will not get stuck in the lilo prompt.
The file /etc/rc.d/rc.S must be edited also. The line that reads:
/sbin/mount -w -v -n -o remount /
Should read:
/sbin/mount -r -v -n -o remount /
This is done so that the / file system will not be remounted as read-write, so it stays in readonly mode.
As the machine where this system is going to run is very short in memory, we should reduce the memory usage as much as possible. One way of doing so is to run only one virtual console. To do this, edit the /etc/inittab file. Where you find:
c1:12345:respawn:/sbin/agetty 38400 tty1 linux
c2:12345:respawn:/sbin/agetty 38400 tty2 linux
cn:12345:respawn:/sbin/agetty 38400 ttyn linux
Keep on the first line (c1) and delete all the others. The next step is to remove all unnecessary daemons, editing the /etc/rc.d/rc.inet2. Unfortunatly only you can know what is necessary or not in your computer.
Finally, edit /dec/rc.d/rc.modules and comment out the following lines:
if cat /proc/ksyms | grep "\[parport_pc\]" 1> /dev/null 2> /dev/null; then
echo "parport0 is built-in, not loading module" > /dev/null
else
if [ -r /lib/modules/`uname -r`/misc/parport_pc.o ]; then
# Generic setup example:
/sbin/modprobe parport_pc
# Hardware specific setup example (required for PLIP and better
# performance in general):
#/sbin/modprobe parport_pc io=0x378 irq=7
fi
fi
Comment out or delete all of them. They are responsible for loading the parallel port module, which is a waste of memory. Remove also these lines:
if cat /proc/ksyms | grep "\[lp\]" 1> /dev/null 2> /dev/null ; then
echo "lp support built-in, not loading module" > /dev/null
else
if [ -r /lib/modules/`uname -r`/misc/lp.o ]; then
/sbin/modprobe lp
fi
fi
Still in rc.modules, you must enable suport for your network card. I uncommented this line:
/sbin/modprobe ne io=0x300 irq=7
Make sure that the ppp module is also being loaded. And uncomment the appropriate about the ip_masquerading modules:
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_user
These are the ones I use. You should uncomment any other modules depending on what you use over the internet. Now you should run ppp-setup to configure your modem.
Finally, edit your /etc/rc.d/rc.local and insert the following lines:
/sbin/ipchains -A forward -j MASQ
ifconfig eth0 down
ppp-on
ifconfig eth0 up
Pay attention! This only enables routing and masquerading! If you want a descent firewall, read the vast documentation availe on this topic.
Put your hard disk back in the 386 andswitch it on. It will boot Linux automatically and connect to the internet. If you configured / as read-only, you can turn your computer off directly on the power button. otherwise, use CTRL+ALT+DEL to shutdown.
4 Conclusion
Now you have a router and found a (good) use for your old 386. That's the way it is with Linux: There is always some use for your old computer. This is just the first step on a series of articles on how to use old computers. Send sugestions and comments to piterpk@terra.com.br
| 
