F    R    E    E    S    C    O  

  Index | Map birthdays today <<   content   >>  

5. Advanced settings and Security

5.1 Advanced settings

Here is the "Advanced settings" menu:

                            ADVANCED SETTINGS MENU

 [ System ]                  [ Services ]      [ #1     Modems    #2 ]
 11. On/Off NAT/Firewall     41. DNS server    50.  Autoconfigure  50.
 12. On/Off Bridging mode    42. DHCP server   51.  COM port       61.
 13. On/Off ppp compression  43. Public HTTP   52.  Port speed     62.
 14. Screen saver            44. Control HTTP  53.  Init string    63.
 15. Swap file               45. Print server  54.  MTU/MRU        64.
 16. "keep up link" rule     46. Time server   55.  IP address     65.


 [ Security ]                [ Networks ]      [ Ethernet cards ]
 21. Int. security           71. Host/Domain   81. 1st card
 22. Ext. security           72. 1st network   82. 2nd card
 23. Remote access           73. 2nd network   83. 3rd card
                             74. 3rd network
 [ Internet ]                75. Gateway
 31. Phone numbers
 32. DNS address                 Your banner could be here!
 33. IP address                       ( just a joke :o)
 34. Login/Password               Reserved for future use.

 [Advanced settings (x - back to main menu)]?

Some of this settings you already know, some of rest I'll describe.

11 Enable IP masquerad y/n [y]?

At the moment only one method of Network Address Translation (NAT) is implemented in FREESCO. It's IP Masquerade. You can read about IP Masquerade at its home page - Linux 2.x Masq Site - http://ipmasq.cjb.net/ 
If you have to connect your local network(s) to the internet and you don't have real IP addresses for all your computers you must enable this option.

12 Enable bridging y/n [n]?

This router can be a bridge while being a router.
If you not a Super Guru (!!!) never enable this option, even forget about it. Unpredictable behavior.
NOTE: Enabling this option will set "211.Trust local nets option to y"

13 Do you have more then 8Mb RAM y/n [n]?

If you have more then 8Mb RAM it's possible to load few additional modules:
ppp compression : bsdcomp.o, ppp_deflate.o
ip tunnel : ipip.o, new_tunnel.o
NOTE: If you have problems with ppp compression just answer n here. You may disable this option when communicating with MS Windows because this compressions and MS compressions aren't compatible.

54x MTU for link on 1st modem (n for default) []?

WARNING!!! Setting MTU/MRU other then default may cause problems.
I've applied MTU/MRU kernel patch since version 0.2, but didn't test it.

5.2 Security

211 Trust local networks y/n/p [p]?

N - for paranoid sysadmins, this will disable cross forwarding between networks and modems, all networks and modems will be able only to communicate with the internet but not between each other.
Y - will enable cross forwarding at whole and switch off IP spoofing check.
P - will enable cross forwarding but apply more firewalling against IP spoofing. Recommended.

212 Trust modem links y/n [y]?

Y - trust modems as we trust local nets.
N - don't trust modems, modem links will not have access to local networks.
If you aren't going to connect to your MS Windows networks it's recommended to set this options to N.

221 Router accepts only ISP's DNS and deny all other y/n [y]?
222 Router accepts only local telnet connection y/n [y]?
223 Print server accepts only local clients y/n [y]?
224 Public HTTP servers accept only local clients y/n [n]?
225 Control HTTP server and Time server
    accept only local clients y/n [y]?

I guess all this things are clear. Default settings will be good for most users. You may need to change it if you use FREESCO as a router between two your local network.

Next few settings concern only dial-in users and regulate allowed login time.

230 Number of rings before answer during LOGIN,NOLOGIN time [1,5]?
Currents setting for nologin time(s):
 1. Mon - 1000-1200
 2. Tue -
 3. Wed -
 4. Thu -
 5. Fri -
 6. Sat -
 7. Sun -

    Enter number of day to change setting or 0 to exit []? 1

    Enter time range in format hhmm-hhmm
    You may specify few ranges separated by space.
    Example: 1000-1100 1405-1450
    system will be closed from 10:00 till 11:00,
    and from 14:05 till 14:50
231 Time range or n to clear [1000-1200]?

5.2 Passwords

Preset passwords are:

Login name

 Status

Password

Comment
root

administrator

root

Change it immediately
admin administrator (via http) admin Change it immediately
up

Disabled, change password and give it to trusted user.

 

down
block
unblock
force
unforce
wuser

trusted user (via http)

user

Change it immediately
ppp modem user ppp Change it immediately