Thanks to Geoffrey Lane for correcting mistakes and grammar.
Project Ballantain v1.0.0
IP masquerade on a floppy.
Powered by Linux.
(C) 1998 1999 by Serge V. Storozhevykh
UPDATED: 17-05-99
- Fixed the annoying bug with autodetection of 3COM509
- Added migration to hard disk - use move2hdd.bat
- Added support for multiple ISP telephone numbers.
- Fixed the problem with empty answers in configuring ISP chat
- Added support for leased line.
NOTE: This is the last, final and fixed version of Ballantain. At
this point project Ballantain is closed (except for bug-fix support).
Look at the next project - FREESCO, a router for networks with
static routing, up to 3 ethernet cards, up to 2 modems.
- What is it?
- Ballantain is a way to connect a small (home?) network to
the internet through one modem and give all users of this
network transparent access to the Internet.
Ideal for small MS Windows networks.
- Tell me more?
- It's linux on a single 1.44 floppy disk, made to be a router.
Optional DHCP server.
Short Answer: Linux + IP masquerade + diald + dhcpd + telnetd
- Wow! Sounds very interesting. What do I need to use it?
- First, a local net :), then a computer equipped with a modem
and an ethernet card.
Computer - not worse than a 386/8+M ram/1.44 fdd/(the rest
doesn't matter). For setting up the router you will need a
monitor and a keyboard; once you have a working system you can
disconnect the monitor and keyboard, sell them and send me the
money :)
Network adapter - ideals are ISA 3com509 or PCI 3com905, these
cards are recognised automatically and don't require any
settings. These cards also work: 3com501 (not tested), 3com505
(not tested), 3com507 (not tested), 3com515 (not tested), ne2000
PCI (tested), cards based on the Realtek 8139 chipset (tested).
Intel EtherExpress Pro 10/100 may work. ne2000 cards, most cards
based on Realtek chips, and some Intel EtherExpress cards work
fine with a defined I/O address and IRQ.
Modem - I hope you know what it is. It's just a funny small box
with a few colour LEDs on the front panel. The criterion for
choosing one is the number of colour LEDs :)
HINT: If you have an old computer it's quite possible that its
com ports have no FIFO or are even low speed; in that case the
best choice will be an internal modem.
- How does it work?
- Well, packets from a client computer going to the internet
come to Ballantain. Ballantain notices this and starts a call to
the Internet Service Provider (ISP). Once the connection is made,
it changes the source IP address of these packets to its own and
sends them out. For reply packets Ballantain does the reverse
conversion and sends the results to the client. When a given time
(defined in the config) has passed after the last packet,
Ballantain disconnects the link and stays in a waiting state.
This way your local network looks to the world like one very
active computer - Ballantain. And nobody has direct access to your
local computers, so your client computers are protected.
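The address rewriting and idle hang-up described above, modelled as an added example (not Ballantain's code, which relies on the Linux kernel's IP masquerade and on diald). The class and function names, the addresses and the starting port 61000 are assumptions made for the illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

class MasqRouter:
    """Toy model of the dial-on-demand masquerading router (illustrative only)."""

    def __init__(self, public_ip, idle=600, first_port=61000):
        self.public_ip = public_ip   # address of the ppp link (assumed value)
        self.idle = idle             # seconds the link is kept after the last packet
        self.next_port = first_port  # illustrative range for rewritten source ports
        self.by_flow = {}            # (client, cport, server, sport) -> public port
        self.by_port = {}            # public port -> the same flow tuple
        self.last_packet = None      # None means the link is down

    def link_up(self, now):
        if self.last_packet is not None and now - self.last_packet > self.idle:
            self.last_packet = None  # idle timer expired: hang up
            self.by_flow.clear()     # modelling choice: mappings die with the link
            self.by_port.clear()
        return self.last_packet is not None

    def outbound(self, pkt, now):
        """Client -> Internet: bring the link up, then rewrite the source."""
        self.link_up(now)            # expire a stale link before reusing its state
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if flow not in self.by_flow:
            self.by_flow[flow] = self.next_port
            self.by_port[self.next_port] = flow
            self.next_port += 1
        self.last_packet = now
        return Packet(self.public_ip, self.by_flow[flow], pkt.dst, pkt.dport)

    def inbound(self, pkt, now):
        """Internet -> router: forward only replies that match a known flow."""
        flow = self.by_port.get(pkt.dport) if self.link_up(now) else None
        if flow is None or (pkt.src, pkt.sport) != flow[2:]:
            return None              # unsolicited: nothing maps it to a client
        self.last_packet = now
        return Packet(pkt.src, pkt.sport, flow[0], flow[1])

def demo():
    # Constructed addresses: 10.10.10.5 is a LAN client, 203.0.113.7 the ppp side.
    r = MasqRouter("203.0.113.7")
    sent = r.outbound(Packet("10.10.10.5", 1025, "198.51.100.10", 80), now=0)
    reply = r.inbound(Packet("198.51.100.10", 80, sent.src, sent.sport), now=1)
    probe = r.inbound(Packet("192.0.2.99", 4444, sent.src, 23), now=2)
    return sent, reply, probe
```

The probe is dropped because no client opened a flow to that port, which is the sense in which the LAN machines are not directly reachable.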
- Hey, what about Ballantain?
- Don't worry, Ballantain is linux and linux is a much more
stable and much more protected system than MS Windows.
- You said DHCP server. Is it better than our Novell NetWare
file server?
- Just a little. If your network consists of MS windows clients
it's 99% probable that you use the NetBEUI or IPX/SPX protocol, but
for the internet you need the TCP/IP protocol. The DHCP server
will help you by dynamically assigning IP addresses to the
client computers. All that you need in MS windows is just to add
the TCP/IP protocol and ... and... that's all. The DHCP server will
do the rest.
- Ok. I've got the file ipmasq.vXX (ipmasqf.vXX or ipmasq.zip),
what now?
- If it's in a zip archive, unzip it first. Using rawrite.exe
(under DOS, MS Windows) write the file ipmasq.vXX onto the floppy
disk; under linux use dd if=ipmasq.vXX of=/dev/fd0
Boot from this disk, at the prompt enter setup and press ENTER.
Since you are reading this manual there is no reason to type
eng.
Setting up system.
After boot you will see this menu:
1. modem settings
2. ISP settings
3. Miscellaneous settings
4. <bring up link> rules
5. network settings
0. exit
There are 3 categories of questions:
green - questions you must answer;
yellow - you can skip these questions and use the default settings;
red - you better not touch it if you're not sure what you are doing.
1. Setting up the modem.
You will see the old modem settings, then setup will try to find
the modem(s) and determine the correct com port and modem
communication speed. You will see a list of the modem(s) found. If
the list is empty you have a problem with the modem. Probably you
are using a plug`n`play modem - which is a bad idea. Using jumpers
is better: set it to a fixed com port and irq. Or you are probably
using a winmodem - kill the person who invented these winmodems,
after you get out of jail buy a normal modem.
The settings look like this -
Previous settings:
==================
# Modem part of diald.cong for Ballantain
#
# com1 - cua0, com2 - cua3 etc.
device /dev/cua0
speed 115200
#
# Modem initialisation string for connect
# Yes. It's commented, but we really use it
#MDMINI="ATZ"
===================
Modem(s) found on:
/dev/cua3 at 0x2e8 (irq = 3) is a 16550A (spd_vhi)
Modem connected to /dev/cuaX. 0, 1, 2, 3. [3]?
Usually your modem will be recognised and you will only need to
press ENTER to confirm the port and speed.
Max baud rate of this port. 115200, 57600, 38400, etc. [115200]?
NOTE: if you have a low speed modem (<=14400) you had better use a
low speed: 19200 or 38400.
Modem init string. Usually ATZ or AT&F. [ATZ]?
Hope you know what it is.
2. ISP settings.
Again you will see the old setting except passwords of course :)
Previous settings:
==================
# network part of diald.conf for Ballantain
#
dynamic
# if your ISP supplies us with dynamic IP, then:
local 127.0.0.2
# fake local side ppp IP addr
remote 127.0.0.3
# fake remote side ppp IP addr
==================
Previous settings:
==================
# ISP related stuff
#
PHONUM="T4004444 D5005333"
DNS="194.170.1.6"
# usually your ISP's DNS address
LOGIN=script
# login type: script, pap, chap
==================
Does your ISP supply you with dynamic IP addr [y]?
Usually you just press ENTER here. !!! This setting is also
used in the case of a leased line router.
Dialing method and ISP phone number [T4004444]?
T - stands for tone dialing, D - for pulse dialing. You can use
as many ISP phone numbers as you need, just separate them with
SPACES.
DNS address [194.170.1.6]?
ISP Domain_Name_Server address.
Login type. PAP, CHAP, script. [script]?
Type of authentication. If it's a script then you must describe
the chat sequence. Let's take as an example the chat with my ISP
**** Emirates Internet ****
Username: AHMED
Password: xxxxxxx
emirates-twb> ppp
The script must be:
Wait for "name:" - reply "AHMED"
Wait for "assword:" - reply "PASSWORD"
Wait for ">" - reply "ppp"
After that the ppp daemon will start on the provider side.
!!! There is no default answer and pressing ENTER will result in
an empty string.
For a better understanding you must read the linux man pages for
the chat program. You can use the minicom program to make a call to
your provider and see what it wants and what you must answer. If you
see some garbage it probably means the ppp daemon starts
automatically and you must use PAP or CHAP authentication. In
such cases you will answer only two questions:
Login name. []?
Password. []?
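How the expect/reply pairs of the login script above are matched against what the ISP prints, as an added example (a simplified model of chat's matching, not the chat program or Ballantain's setup code). The function names are hypothetical and PASSWORD is a placeholder.

```python
# Constructed sample: what the ISP's terminal server prints, taken from the
# login example above and split at the points where it waits for input.
REMOTE = ["**** Emirates Internet ****\r\nUsername: ",
          "\r\nPassword: ",
          "\r\nemirates-twb> "]

# The expect/reply pairs from the page; PASSWORD stands in for the real one.
SCRIPT = [("name:", "AHMED"), ("assword:", "PASSWORD"), (">", "ppp")]

def lint(script):
    """Flag replies left empty, e.g. by pressing ENTER at a setup prompt."""
    return [f"step {i}: empty reply for {expect!r}"
            for i, (expect, send) in enumerate(script, 1) if not send.strip()]

def simulate(script, remote_chunks):
    """Walk the pairs over the remote output; return the replies that get sent.

    Matching is a case-sensitive substring search on the text received so far.
    Raises TimeoutError if an expected string never shows up.
    """
    sent, buf, chunks = [], "", iter(remote_chunks)
    for expect, send in script:
        while expect not in buf:
            try:
                buf += next(chunks)          # remote prints its next prompt
            except StopIteration:
                raise TimeoutError(f"never saw {expect!r}") from None
        buf = buf[buf.index(expect) + len(expect):]  # consume through the match
        sent.append(send)
    return sent
```

The script waits for "name:" and "assword:" rather than the full words because the match is case-sensitive, so the shortened strings match whichever way the ISP capitalises the first letter.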
3. Miscellaneous settings.
The only one - screen saver time:
Previous settings:
==================
# Misc system wide settings.
#
BLANK=0
# Turn off screen after 0-60 min. 0 - never.
==================
By default 0, it means don't use a screen saver.
4. ISP call rules.
Previous settings:
==================
# Rules part of diald.conf for Ballantain
#
accept any 600 any
# bring up the link for any packets for xxx sec
#include /etc/filter.cfg
# or use customisable filter
==================
Bring up link for 0-xxx sec. 0 - use filter.cfg. [600]?
There are 2 variants, and millions of them at the same time. By
default Ballantain will bring up the link for every packet that
goes out and keep the link up for 600 seconds after the last
packet. Sometimes this isn't good and you can use a filter
instead. You may want to edit the filter file a:\etc\filter.cfg.
Read the linux diald manual before you try to do this.
!!! By the way, NEVER EDIT ANY Ballantain config files from DOS
or MS WINDOWS, edit them from running Ballantain using the edit
command or from linux if you have it.
Also it will be a good idea to set NetBEUI or IPX/SPX as the main
protocol on windows computers and use TCP/IP only for internet.
5. Network settings.
Previous settings:
==================
# Network configuration. Ethernet part.
#
NE_IO="io=0x300"
# Ethernet card I/O port addr
NE_IRQ="irq=11"
# Ethernet card IRQ
NETWORK=10.0.0.0
NETMASK=255.0.0.0
MASKBIT=8
BRCAST=10.255.255.255
IPADDR=10.10.10.1
DHCPD=y
RTRTYPE=dialup
# dialup or leased line router
==================
Network. 10.0.0.0, 172.22.0.0, 192.168.0.0 [10.0.0.0]?
Subnet mask. [255.0.0.0]?
Subnet mask bits. [8]?
IP address of this computer on local network. [10.10.10.1]?
NOTE: This address will be the gateway to the internet for the
client computers.
Ethernet card I/O port address. [0x300]?
Ethernet card IRQ line. [11]?
Do you want DHCP server y/n [y]?
Do you want dialup or leased line router. [dialup]?
I'm not going to explain all these settings here, if you don't
understand them then you must learn TCP/IP before you try this. All I
can say - the default settings are suitable for most cases.
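A consistency check for the five address settings in the listing above, as an added example that is not part of Ballantain. The function names are hypothetical; the sample input is the default listing shown above.

```python
import ipaddress

# Constructed sample: the defaults from the "Network settings" listing above.
SAMPLE = """\
NETWORK=10.0.0.0
NETMASK=255.0.0.0
MASKBIT=8
BRCAST=10.255.255.255
IPADDR=10.10.10.1
"""

def parse(text):
    """Parse KEY=value lines, ignoring comments and blank lines."""
    cfg = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip().strip('"')
    return cfg

def check(cfg):
    """Return a list of inconsistencies between the address settings."""
    problems = []
    try:
        net = ipaddress.ip_network(f"{cfg['NETWORK']}/{cfg['NETMASK']}")
    except (KeyError, ValueError) as exc:
        return [f"NETWORK/NETMASK invalid: {exc}"]
    if str(net.prefixlen) != cfg.get("MASKBIT"):
        problems.append(f"MASKBIT should be {net.prefixlen}")
    if cfg.get("BRCAST") != str(net.broadcast_address):
        problems.append(f"BRCAST should be {net.broadcast_address}")
    try:
        addr = ipaddress.ip_address(cfg.get("IPADDR", ""))
    except ValueError:
        return problems + ["IPADDR is not an IP address"]
    if addr not in net or addr in (net.network_address, net.broadcast_address):
        problems.append(f"IPADDR {addr} is not a usable host in {net}")
    if not net.is_private:
        # A masqueraded LAN should sit in private address space.
        problems.append(f"{net} is not private address space")
    return problems
```

Changing only the subnet mask is the usual way to break this set: the mask bits, the broadcast address and the router's own address all have to follow it.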
0. Save and exit.
Save settings and restart your router.
After rebooting, the system will be ready for use (of course if
you are a lucky guy :). Boot Ballantain and watch out for warning
messages about network settings, "ethernet card not found", etc.
No messages? Wow! You are a really lucky man.
Let's check the connection to your provider. Log in and type the
command:
ping www.YOUR_ISP.com
You can watch the dialing process on the 5th console, just press
<Alt F5>; press <Alt F1> to switch back, <Alt F2> for the second
console.
Assume that you are lucky again and a connection was established
and pings are going. Try to telnet to somewhere. Works? Great, my
congratulations. Most of the work has been done.
Now let's set up the clients (MS windows 95/98). If you enabled
DHCP server, everything will be easy. Open the control panel, open
network neighbourhood, and add TCP/IP protocol, restart windows. Run
winipcfg and make sure your windows computer got an IP address for
its ethernet adapter from the DHCP server. Now open an MS DOS prompt
and ping Ballantain:
ping 10.10.10.1 (or whatever its address is)
Then ping www.YOUR_ISP.com and make sure it works.
NOTE: If you are using the DHCP server it is a good idea never
to switch off Ballantain, as with other servers.
Manual setting of windows and other clients will be your homework
:)
Now you can start Internet Explorer/Netscape Navigator and try to
open any site. If Ballantain was connected it will open quickly,
otherwise Ballantain must first make a connection, and probably
your first try will be unsuccessful. Don't worry, just type the
URL again and press ENTER.
You can control diald (the daemon which makes connections) with the
command control from a console or through a telnet session. Since
there is no DNS in your network, a telnet connection to Ballantain
will take some time, don't worry about it.
The IO address and IRQ line for plug`n`play ethernet cards are
ignored, so don't worry about them (plug`n`play from the point of
view of linux).
FAQ.
- How much, where and how must I pay for Ballantain?
- It's free, just free.
- What about security?
- Maximum security from the internet side - no services, no
holes, strong rules for forwarding/masquerading packets -
nothing for hackers. And symbolic security from the intranet -
bzip2ed password files. You had better not give access to the
Ballantain computer to everybody, it's a normal rule for all
servers. Never give people your copy of Ballantain (your
passwords are inside, remember?), always give them a
distribution copy.
Passwords are kept in bzip2ed files:
access.cfg - passwords for access from console and telnet for two
users: root and user. root - of course has full rights, user -
restricted to controlling diald. Pre-set passwords (in the
distribution) - root and user. You can/must change them with the
command passwd.
chat.cfg, pap.cfg - bzip2ed password for access to the ISP.
- Hehehe. I've just found a bug. I have
some suggestions. What to do?
- Write me
- Nice system, but I also want ftp/web/mail server, can you
implement it?
- No, I can't. At the moment the system works hard in 8 MB RAM
and fits exactly on a 1.44 floppy. It was designed only to be a
router and it does it perfectly. If you need something more, take
a 40 MB hard disk and install a real linux on it with all the
things you need.
- But what if it has a second ethernet interface, it will be
just great.
- Well. Project Ballantain is closed now. Look at new Project -
FREESCO, router for networks with static routing. Of course it
will be easy, and of course it will be on a single floppy disk
and even less hungry for memory - only 6 MB RAM. Supports up to
3 ethernet cards, up to 2 modems, one for dial-in and one for
dial-in/dial-out calls. Telnet/console/web administration.
Some technical info.
- Kernel - v2.0.35 + IP masquerade + FPP emulation
- Filesystems - ext2, msdos
- diald - v0.16.5
- pppd - v2.3.5
- umount - from RedHat 5.1
- Utilities - mostly from Slackware '96,'97