The device that contains the configuration file (config.xml) could not be found. m0n0wall cannot continue booting.
Here's how to install the latest build of the excellent m0n0wall firewall on a Neoware EON 4000 thin client. These machines make excellent firewalls for home users and small businesses because they are cheap, compact, sturdy, and powerful enough to run a several megabit connection. The hardware is available in a variety of configurations, with CPUs roughly equivalent to a 150-200Mhz Pentium. Before embarking on this little journey, you should be aware of a few caveats:
- Some Neoware boxes come with a 32-pin Disk-on-Chip module in a socket on the motherboard. m0n0wall does not ship with the required driver to run this module. Therefore, on these systems you will need a hard drive, compact flash to IDE adapter, or similar device to boot from. You may also be able to netboot your firewall (this is supported on the built-in network device), though I do not cover that in this tutorial.
- The motherboard accepts both PC133 DIMMs or SO-DIMMs. It will use both at the same time. However, when using a DIMM, be sure it is less than 1.1" (28mm) tall, or you will not be able to install a second network card.
- There are many different revisions of the NeoLinux operating system and not all include the necessary software to complete this tutorial.
- You may need to purchase several EON 4000s to get suitable software and hardware.
- These instructions were based on NeoLinux 2.4-100802, with kernel 2.2.20. Your particular configuration may vary slightly.
There are three main steps to be completed to get m0n0wall running on your EON. First, you will need to get single-user access to the NeoLinux installation. Next, you need to enable networking and fetch and install m0n0wall. Third, you need to configure it to fit your requirements. I will address the first two of these, as adequate resources exist to help with the latter.
To begin, you will need:
- One or more Neoware EONs with disk-on-chip modules that plug into the IDE header
- Access to the internet from your EON (or to a web server on a LAN)
- A supported PCI network card. Common Intel or 3Com cards work fine.
- At least 64MB of suitable memory. Some EONs ship with SO-DIMMs, others with DIMMs. These should be short enough to accomodate a PCI network card.
- See the m0n0wall supported hardware page for more information.
Step ONE: Get single-user access to the NeoLinux distribution.
- Power on the EON and hold the left shift key down until you are shown a boot prompt
- The boot prompt may vary, but pressing tab should display either 'Software' or 'Eon_Software'.
- Enter, as appropriate, either Software -s ramdisk=12000orEon_Software -s ramdisk=12000and press enter.
- As the OS boots, press alt-F2 (possibly more than once) until you are greeted with a bash prompt.
Step TWO: Fetch and install m0n0wall.
- Check that your installation has the necessary software: bash# ls /usr/bin/wget. If NeoLinux reports that it is not found, you will have to try a different EON. Keep this hardware however: a single working EON can program m0n0wall onto several disk-on-chip modules, even those without the proper software. More on this later.
- Plug the EON into a network which provides DHCP information and enable the ethernet connection: bash# cp /etc/sysconfig/network-scripts/ifcfg-eth0.default /etc/sysconfig/network-scripts/ifcfg-eth0
bash# ifup eth0 - Create a ramdisk on which to place temporary files during the installation:bash# mkfs.ext2 /dev/ram0
bash# mount /dev/ram0 /mnt/usbcdrom
bash# cd /mnt/usbcdrom
bash# /usr/bin/wget http://hostname/path/to/m0n0wall
bash# cp /bin/gunzip .
bash# cp /bin/dd . - Now you're ready. You have created a ramdisk with the two utilities you will need to rewrite IDE disk-on-chip modules with m0n0wall. At this point, if you have modules containing copies of NeoLinux without wget, you should try using them first. That way if something goes wrong you can repeat these steps later. With the machine running, remove the IDE DOC that you booted from and replace it with the one you want to reprogram.
- Then, gunzip -c m0n0wall-file-name.img | dd of=/dev/hda bs=16kIgnore the warning about trailing garbage.
That's it! At this point you can remove the DOC and replace it with another one and repeat the reprogramming step, as many times as needed.
When you next boot the machine, it should load m0n0wall exactly as it would on any other x86-compatible system. Jump right in with the m0n0wall quick-start guide for PC platforms. Chapter 3: Initial Configuration is probably where you will want to start. Good luck!