In this document I explain how I changed a setting in Monowall that was
not changeable from the webinterface. When I used the pptp-vpn I noticed
that every now and then the connection was dropped, this proved to be
after being idle 1800 seconds (half an hour). I wanted to change this to
a longer period (86400 seconds) but could not find out how to change it.
First I tried to find it in the FAQ and other documents, later I also
asked in the mailing list. No answer came.
But I did find the "Getting Started: m0n0wall development" from Michael
Iedema and the "custom-m0n0wall-howto.txt" from Jean-Francois Theroux
and that last one gave me enough information.
There were however some things that did not work in my situation as I
did not have FreeBSD 4.10 but version 5.3. It appears that somewhere
along the line vnconfig disappeared and was replaced with mdconfig.
So here is what I did:
First I built myself a new FreeBSD 5.3 machine and downloaded the latest
Monowall generic pc image. Just as Jean-Francois Theroux I did all the
dirty work in a separate working directory.
# cd ~
# mkdir work
# cd ~/work
# mkdir image mfs
In this ~/work directory I placed the downloaded generic-pc-1.2b7.img.
This file is a gzipped image of the harddisk image with some added code
for a digital signature. Gzip does not recognize the file as a
gzip-file so it has to be renamed to generic-pc-1.2b7.img.gz.
# mv generic-pc-1.2b7.img generic-pc-1.2b7.img.gz
# gzip -d generic-pc-1.2b7.img.gz
Ignore the message about garbage, this is the extra signature code. We
now have the bare harddisk image that can be mounted to the image
# mdconfig -a -t vnode -f generic-pc-1.2b7.img -u 10
# mount /dev/md10 image
# cd ~/work/image
# ls -la
Here you see the contents of the harddisk image, just a few files. What
I was interested in was the mfsroot.gz. This again is a gzipped
filesystem so we have to do the same with this file as we did with the
whole image. To work with it I copied it to the ~/work directory and
after decompression mounted it to the mfs directory
# cp ~/work/image/mfsroot.gz ~/work
# cd ~/work
# gzip -d mfsroot.gz
# mdconfig -a -t vnode -f mfsroot -u 11
# mount /dev/md11 mfs
# cd ~/work/mfs
# ls -la
At last, the filestructure that I wanted to see. Here I editted the
etc/inc/vpn.inc file. And then it was just a matter of putting
# vi etc/inc/vpn.inc (or whatever you want to do)
After you are done, umount mfs and recompress it.
# cd ~/work
# umount mfs
# mdconfig -d -u 11
# gzip -9 mfsroot
The modified mfsroot.gz is now ready to be put back in the
# cp ~/work/mfsroot.gz ~/work/image
The new mfsroot.gz replaced the old one so now we are ready to umount
the harddisk image and recompress that one too.
# umount image
# mdconfig -d -u 10
# gzip -9 generic-pc-1.2b7.img
# mv generic-pc-1.2b7.img.gz generic-pc-1.2b7modified.img
Now you are ready to upload this new "firmware" to your monowall. You
will get a message that "This image is not digitally signed.", that is
correct as we did not add the signature code. After the reboot your
monowall now is running "your" adapted code.