Linux emulation

Jeff LaCoursiere jeff at jeff.net
Tue Sep 24 14:30:33 BST 2002 

Hi All,

I am trying to get Checkpoint's Firewall-1 management module installed on
FreeBSD 4.5R under Redhat 6.2 emulation.  I am not a Linux user really at
all, and am having some amount of trouble extracting what I need from the
RPM provided.

Checkpoint released a Linux version of their firewall software which is
broken into modules.  The firewall module itself involves a kernel patch,
and I don't expect I will get that working (but I don't need it).  The
management module should not require a kernel patch - it is just a network
interface between the GUI (yet another module) and the firewall
module.  All three can run on the same machine or three seperate machines
(or any combination thereof ;).

The firewall module(s) I want to manage are on dedicated hardware running
an OS called IPSO, which turns out to be stripped down FreeBSD with some
enhancements.  Currently the management module is running on my NT
desktop, as is the GUI.  My desktop dual boots FreeBSD and I use rdesktop
to get to my outlook mail and M$ apps required for office integration, but
I have to boot the damn thing in NT to modify the firewall rules or to use
the logging mechanisms.

So you see why I am incented to make this run on FreeBSD.

So I have this RPM, and if I try to install it I get:

jeffwork% s rpm -i --ignoreos --root /compat/linux --dbpath /var/lib/rpm
CPfw1-41-vpn+des.i386.rpm
error: failed dependencies:
        kernel is needed by CPfw1-41-vpn+des

Fair enough.  I then tried with the --nodeps option:

jeffwork% s rpm -i --ignoreos --root /compat/linux --dbpath /var/lib/rpm
--nodeps CPfw1-41-vpn+des.i386.rpm
jeffwork%

Which completed without errors, but didn't actually do anything (it
finished in less than a second).

I thought that RPM's were actually gzipped tarballs or some such, but
cannot seem to do anything with it with gzip, uncompress, tar, or
cpio.  Anyone know what exactly the file format is?  Or maybe how I could
unpack it and manually take what I need just for the mgmt module?

Frustrating.

Thanks,

j

On Tue, 24 Sep 2002, Neil Ford wrote:

> On 24/9/02 11:43 am, "Duncan Barclay" <dmlb at dmlb.org> wrote:
>=20
> > Hi All,
> >=20
> > I need to put together a box that connects via ISDN. Having never done
> > this, I need a bit of advice. ISDN is the only realistic thing
> > to use out in deepest Cambs.
> >=20
> > I'm looking for an ISP that will give us bonded channels, a static IP a=
nd
> > allow us to use SurfTime without dropping the line every once in a whil=
e.
> >=20
> That may be the single biggest hurdle.
>=20
> Demon offer a Surftime based product but it's single channel only. True 2=
4/7
> no disconnect.
>=20
> PlusNet may offer bonding via there "Connect" services, but at =A3120 pm =
for
> true 24/7 it's very steep.
>=20
> Most of the others (BT Openworld) have too many restrictions (maximum no =
of
> hours a day, disconnects, etc.)
>=20
> Having done a fair bit of investigation into this, I was unable to find
> anyone who provided everything at a sensible cost. If cost is no object t=
hen
> possibly talk to PlusNet or Nildram.
>=20
> > Any other ISDN experiences would be helpful too. Main question is do
> > you really need always on? Is dialing up every few minutes sufficient?
> >
> When I did this at home, I ended up with an Eicon Diva card inside an IPC=
op
> box as this provided the most stress free solution. I did consider an SMC
> Barracuda but as I already had most of the components for a firewall deci=
ded
> against it. I have clients with the SMC boxes and they are very happy wit=
h
> them.
>=20
> Biggest hassle was finding an ISDN card or adapter that was supported by
> anything other than Windows. Ideally you want either a card based on the
> winbond chipset (now very rare) or a TA that uses serial (they all seem t=
o
> be USB these days, except one from Hayes, but that was more expensive tha=
n
> the SMC box). Alternatively look on ebay for someone flogging of a cheap
> ISDN router from Cisco or 3Com (or similar).
>=20
> I have my firewall set to do persistent connections, just makes life easi=
er
> ------ FreeBSD UK Users' Group  -  Mailing List ------
> http://listserver.uk.freebsd.org/mailman/listinfo/freebsd-users
>=20

More information about the Ukfreebsd mailing list