Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Why Johnny Can't Code

47PHA60 BASIC should be included on every machine (686 comments)

Remember Bill Gates' open letter? The one where he berated people for copying the BASIC port he helped write on a government-funded university computer system? Now think about the past few years, where he has berated the educational system for failing to teach students about technology.

Windows is still the predominant OS in the world. Microsoft could include the classic line entry BASIC with GUI wrapper, with a shortcut on the Desktop of a new installation.

At least 3 of the Linux users I know who have children set up python or perl for their children to learn programming. The problem cited in the article is with the majority of computers today, Linux is a small part of the environment.

about 8 years ago

Submissions

47PHA60 hasn't submitted any stories.

Journals

top

Firewall Appliance pt 5

47PHA60 47PHA60 writes  |  more than 11 years ago

So, the firewall works well. I disconnected the fan, and now it's totally silent. My powermac is loud, but I never realized how noisy the old firewall was.

Now APM and ACPI are kicking me around. The motherboard I bought has 3 onboard RealTek 8139 10/100 ethernet chips; all have the Wake-On-Lan feature. So (and I must admit this is the first time, so why should it work?), I turn the device off, send it the magic packet and...nothing. Hm.

There is no section of the BIOS (Phoenix) specifically to enable WOL, and since the chips are on the board, there is no WOL cable to connect to the motherboard.

So, I search Google for "linux wake on lan onboard ethernet" and turn up 3 pages I cannot read. Either this is a very easy problem to deal with, or I am the only person in the entire world to have taken it on. Somehow I never believe in the second scenario.

Intel has a page on this, but I was too sleepy to read it tonight. I'll have another go at it tomorrow.

Added 25 Feb:

Fanless, the appliance runs at about 37-40C. The BIOS reports that the CPU runs at about 39-42C. That is acceptable. The average power draw is 8 watts. I've used the acpi modules to script a shutdown. When you hit the power button, it boots. Hit it again, and it shuts down cleanly. The machine boots faster if I run the / filesystem read-only and /var lives in ramfs, but there are some issues with metalog now. It needs to get to the /dev/log socket, which cannot be done in read-only. I'll look into devfs to see if that can solve the problem.

top

Firewall Appliance pt 4

47PHA60 47PHA60 writes  |  more than 11 years ago

I put this project down for a long time to work on other stuff (nothing of interest to the slashdot crowd; you'd have to go to the forum site for people who clean out their rain gutters and remove old asbestos from their houses).

When I returned, I used the PXE boot / install method to install Debian Woody 3.0 on the compact flash. This is a vast improvement. I think that the Debian installation and package tools make it much easier to install a minimal system, and the file system errors have disappeared. I think my problem was similar to a RedHat problem I had on another machine, where the fs was not cleanly unmounted by the distro.

I've been building iptables to make it a real gateway, and will post more info in the next week about this.

Of course, I wanted to try OpenBSD, but they do not support PXE booting, so no love there. I read on Openbrick.com that the way to install OBSD is to get a laptop hard disk, install on a laptop, then transfer the disk to your appliance. What is this, the Dark Ages? Also, pf is not quite up to snuff yet. It works well for some projects at work that just need to keep out everything, but some of the advanced features of iptables are not there yet. I will revisit OpenBSD in a few months and see how it's working, the priv separation and systrace jails make it ideal for security.

No disrespect to the OBSD developers, I just think that embedded devices are where it's at. When a shmoe like me can build a better DVD player than Toshiba with cheap hardware and free software, we may soon see imaginative people from outside the consumer electronics field with some great ideas that Sony would not build. As embedded devices become more common it would be good to see security up front (instead of as a clumsily executed afterthought like the rest of the computer industry). Feel free to call me an ungrateful bastard; I am just trying to sum up why the software won't work for me at this point.

So, Linux it is for now. I am looking into security for the device with systrace, or some other sort of process jail to keep the device from being compromised.

Finally, I just got my rebate check for the Viking CF card I bought from amazon. Final cost: 512MB for $149. The price is lower now, see here.

top

Firewall Appliance pt 3

47PHA60 47PHA60 writes  |  more than 11 years ago

Anybody seen this with Compact Flash and Linux? Using either ext2 or ext3 I get some weird errors on the Compact Flash partition that is mounted read-write.

Every so often after and init 6 or init 0 the system needs to fsck'd, saying that there are errors on the filesystem. I switched the /usr filesystem to read-only and the errors stopped. I am working on getting /var into a ramfs, and /tmp -> /var/tmp, which should obviate the need for read-write partitions from the CF.

But, this filesystem corruption is worrisome, as I will have to remount rw to update the software or kernel.

Then again, I seem to remember problems like this on RedHat on my regular old Intel machine, and some sort of fix I put in place to make sure it cleanly unmounted at init 6 or 0. I should learn to keep better docs.

top

Firewall Appliance pt 2

47PHA60 47PHA60 writes  |  more than 11 years ago

I installed RedHat 7.2 on my little firewall, to no avail. GRUB is having some sort of memory addressing breakdown, because I have 512MB RAM and it says "Error 28" implying that it cannot figure out how to fit a linux kernel into RAM.

Well, tonight I will give it a go with LILO and see if that is better.

The problem could also be that I am loading the kernel and / from compact flash. Using the RedHat installer I got the system down to 301 MB (I have a 512 MB CF), but I can whittle away at it later. I will also build he tiniest kernel I can for the installation.

Next experiment is to fit the whole thing into a DiskOnChip module (I bought 32MB, why not have some fun?).

The Realtek LAN is set up in the firmware to boot across the network, since this little guy has no floppy or CD.

Added: Power consumption. It consumes 10 watts of power. According to my meter, it costs .09 USD / day. When powered off, it uses 1 watt. The motherboard claims to have a time on/off capability I can set in the BIOS, and I also want to try wake-on-lan so that internal users can wake it up by connecting to the network.

top

Yow, I have a fan

47PHA60 47PHA60 writes  |  more than 11 years ago How did that happen?

Maybe I should start indicating my Friends here. I probably will not call anyone a Foe, because I like that "you play your cards close to the vest" description of myself that ./ provides.

Also, I don't want to make disagreements here personal, and finally, by announcing myself as someone's Foe, I will possibly alter the behaviour of a user whose antics give me good laughs.

top

Firewall appliance

47PHA60 47PHA60 writes  |  more than 11 years ago Received a cool kit today. It's a Lex Light System. Not mini-itx (instead of 170mm X 170mm, it is more rectangular, but same area), but it's tiny with a via chipset, via eden CPU at 533MHz, and a sleek metal case. Other stuff not found on mini-itx boards: 3 X 10/100 ethernet that can be disabled with jumpers, Compact Flash slot, and DiskOnChip socket. Also, 12V DC power in.

I ordered it from Synertron Technologies, the CA office of Bona Computech from Taiwan. Talk to Eric Lin, or send mail to info@synertrontech.com. Just don't freak out when they say they only take checks; they're legit, and sent me my system quickly once it was in stock.

Plan: Build a firewall for home network, using 32MB diskonchip for boot, 512MB DIMM, and 512 CF for logs and the rest. Maybe I'll use a RAM disk for logs and just gpgmail 'em to myself.

The hope: quiet, low-power like a cable modem, no moving parts, and nobody in the house has to remember to turn it on to get to the Internet.

I'll post progress here as I get the rest of the parts and start to work on it. DiskOnChip 32MB module should be here tomorrow, and RAM should be here today.

The Eden CPU has a fan on it. VIA says that the 533 can run fanless, so I may remove it since I do not plan to overclock or run multimedia on the thing.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>