Would you like to be notified when I update my WWW pages or specifically any of my
docs?
All of the e-mail updates sent are based from this ChangesLog WWW page. From the
sent email, you will be notified what was exactly updated.
If you're interested in subscribing to this very low traffic email list, send
an e-mail to dranch at trinityos
period com with a subject of "Add me to your updates list" and
I'll add you to the list!
-PS- If you would put in that request email, please tell me what specifically
you were/are looking for on my WWW page or TrinityOS. I'm always taking new
requests for additions and expanded coverage of topics already on my page.
So don't be shy!
Please note that this file isn't as updated as often as it should.
I do put the Top -10- recent changes on the top of the main WWW page
and I try to rotate the old entries onto this page.
11/22/20 through 05/31/21:
11/21/21: Updates to the Rpi4 doc: Adding support for Raspberry Pi Bullseye OS, clarity on the OS support lifetime of Bullseye vs. Bu
ster, added details on the new Rpi Zero-W2, IPv6 firewall support for the firewall-confirm.sh script, and improvements on the serial console section.
10/29/21: Updates to the Rpi4 doc: Added details for the new Raspberry Pi Zero 2 W, added a new section on adding variable PWM fan control, new section on changing the Rpi's LED behavior, added a new light-sensor and InfraRed (IR) transmitter section, added details for users to use SSH keys instead of passwords, IPTABLES v4 and v6 firewall updates, added points on newer firmware fixes, improved the Postfix email notification section. Updates to HamPacket:: Updated the packet tutorial section a bit, moved and updated the additional packet radio software section.
05/31/21: Updates to the Rpi4 doc: Added a new section on Rpi cases, fans, and temperature control as well as a new section for how to full or partial restores from your SD backup.
05/11/21: Updates to the site: I have enabled HTTPS on this site and I'm updating links to point to HTTPS to avoid mixed HTTP and HTTPS pages to avoid any warnings. Updates to the Rpi4 doc: Added recommendation for users to be more selective on OS updates using "apt-get dist-upgrade --no-install-recommends" to avoid bloat; Added a new section on serial console over Bluetooth; Revamped the legacy OSS Direwold Dead Airtime TX support sub-section; Improvements to the RTC section and troubleshooting I2C connectivity, more improvements and tuning for the shutdown button and watchdog sections; Updates on Signalink sound devices with newer versions having wider isolation transformers and mention of other MODs to make them perform better. Updates to HamPacket:: Updates on Signalink sound devices with newer versions having wider isolation transformers and mention of other MODs to make them perform better. Mention of other APRS clients, more USB to serial adapters and specific FTDI URLs for serial port "bit-banging" support
02/15/21: -- Announcing the new HamDigify Ubuntu document to take my Amateur Radio on Linux to the next stage using Ubuntu 20.04. This is a work in progress. Updated the Rpi4 doc Direwolf building, better understanding it's STDOUT details, and fixed DCD LED pinout labeling; added a note that Raspberry Pi OS now includes PulseAudio by default; New Fi-Pi-like I2S supplier; Updated the ax25-up/down scripts quite a bit; and improvements to the review-rpi-cpu.sh script. Updates to HamPacket:: Mention that this document will be getting deprecated for the new "HamDigify" document focusing on Ubuntu 20.04 moving forward; reorganzied the preface section to better catagorize various Ham applications by technology area; updated the /dev/serial/by-id kissattach warning; updated the D-Rats Python3 URL; Update the FT950 settings area for Fldigi; updated the update-fldigi-code.sh script to build and package Fldigi for .deb based distributions
02/22/20 through 11/22/20:
11/22/20: -- Updated the Rpi4 doc Added improvements to the Fe-Pi sound device but also that it's been EOLed. Added Kenwood D710 support to the ax25-up.new script; added note about predicable /dev/serial/by-id serial device names and kissattach segmentation faults. Updates to HamPacket:: Added a critical note about predicable /dev/serial/by-id serial device names and kissattach segmentation faults
11/04/20: -- Updated the Rpi4 doc to include the Raspberry Pi 400. Updates to HamPacket:: Updated to include other sound devices like the DINAH.
10/29/20: -- Updated the Rpi4 doc Updated to final release of Direwolf 1.6, improvements to the hardware section to include the new Raspberry Pi Compute Module 4 module (CM4 and CM4IO); added mention of other sound devices like the DINAH, DRAWS, Nexus DR-X. Updates to HamPacket:: Updated to final release of Direwolf 1.6
10/20/20: -- Updated the Rpi4 doc Added notes on the new Compute Module 4 and I/O adapter; Updates to HamPacket:: Added a section on enabling debugging programs at compile time
10/11/20: -- Updated the Rpi4 doc Updates to the Direwolf Dead airtime TX / DWC USB issue with new workarounds; added CSD decoder URLs to learn more about you Rpi SD card's internals; added a recommendation to only use one audio channel for soundcard modes to avoid inducted interference; added how to set static IPs; lots of formatting improvements. Updates to HamPacket:: Added a recommendation to only use one audio channel for soundcard modes to avoid inducted interference.
09/07/20: -- Updated the Rpi4 doc Updates to the Direwolf Cpack patch, update to the Rpi SD card imaging script (image-rpi-sdcard-multiformat.sh), mention of the new 8GB Rpi, added troubleshooting for the Fe-Pi "headphone mux" option, mention of other I2S-based soundcards, recommendations on how to pick and choose SD cards for your Pi, and added a section to enable Wifi on your Rpi from the CLI. Updates to HamPacket:: Added a new ISM band protocol section, updated tmd710_tncsetup tool version, and updates to the Chirp section.
04/15/20: -- Updated the Rpi4 doc Update the Direwolf section to resolve the cpack packaging setups. Fixed a typo when enabling the OSS workaround as well as more help on picking Rpi GPIO pins
04/13/20: -- Updated the Rpi4 doc Added the disabling of Wifi or Bluetooth for those who don't need them. Added the disabling of AX.25 KISS CRC checks, updates for the acting as a Wifi AP, mention of OverlayFS, improvements to the Watchdog section, mention about making the AX.25 listen program SUID root, and how to move to SSH-key-only authentication. Updates to HamPacket:: Add the mention about making the AX.25 listen program SUID root, updated the packetrig.sh script to include deeper debugging, added mention of the master Fl-suite compile automation script,
ion to reflect a new version
12/29/19: -- Updates to Rpi3 Doc: Now recommend to build Direwolf from the develop branch which uses the new Cmake system, Updated Lin
pac to 0.27, cleanup in the firewall section, added the analyze-direwolf-packetlog.sh and run-aprs-analysis.sh scripts, updated Rpi hardware spec section with many updates, updated the pishutdown2.py, and a
dded updates to the gps debugging. Updates to HamPacket:: Updated the Xastir section to skip adding support for GDAL, added mention of the Li
npac develop branch being at 0.27.
07/21/19: -- Updates to Rpi3 Doc: Updated the manual-ampr-start.sh script with the new reduced AMPR address; added an extensive note o
n the fact that NFTABLES has become the default firewall technology starting in Rasbian Buster over iptables; updated the DS3231 RTC section about counterfeits; aspell spell check. Updates to HamPacket:: Updated all AMPR details to reflect new/reduced AMPR address space as well as the /usr/local/sbin/manual-ampr-start.sh script
07/14/19: -- Updates to Rpi3 Doc: Added support for the Fe-Pi audio hat, added Direwolf OSS support for USB sound devices, added a RPI hardware summary, updated the mounted external HD for compiling section. Updates to HamPacket:: Updated the Outpost for Packet messaging section to reflect a new version
07/07/19: -- Updates to Rpi3 Doc: Fixed up some external USB drive mounting issues and added a work around for the missing libncurses6w-dev package
07/02/19: -- Updates to Rpi3 Doc: Added Rpi4 hardware details, extensive comparison details to the older Pis, added support for Raspbian Buster (mostly complete for all chapters). Updated the Direwolf section to v1.6C, updated the mounting/unmounting script to add Raspbian Buster support, updated the review-rpi-cpu.sh to provide more details and the firewall section to support IPv6. Updates to HamPacket:: Cleanups to the doc and packetrig.sh script for PACLEN or MTU settings.
06/12/19: -- Updates to HamPacket:: Added a new "Higher Speed" packet section; updated the AX25 build and packaging section to reflect the newest VE7FET repo with one required patch and changes to the SPEC files. Enhanced the AX.25 troubleshooting, updated Xastir to 2.1.1-pre-release, Qsstv to 9.2.4, Updates to Rpi3 Doc: Reflects updates and cleanups for the newer VE7FET AX.25 build and packaging sections; Added URLs for other soundcard options.
02/25/19: -- Updates to HamPacket: : Split the Fldigi config section into smaller peices, updates the AMPR section, Cleanups to the update-glibc-ax25-workaround.sh script. Updates to Rpi3 Doc:quick /tmp RAM drive expansion for compiling, Updated the linpac section to build from the Git develop branch, added a new special topic on building new kernels, added a link on USB soundcard enumeration, updates to the manual-ampr-start.sh script and added the new manual-ampr-stop.sh script.
09/10/18 through 12/03/18:
12/03/18: -- Updates to HamPacket: : Updated the ARDOP and ARIM sections and added a new ARDOP-GUI section; added the update-ar
dop.sh script for easier updates. Added a new 'extra features' area to the Linpac section.
11/23/18: -- Updates to HamPacket: : Updated the section on picking a radio soundcard solution. Rpi3 Doc:Updated review-rpi-cpu.sh script, Watchdog section, Direwolf compiling, significant improvements to the ax25-up.new script including AX.25 window sizes, and added notes o
n the new Raspberry Pi 3A+.
10/25/18: -- Updates to Rpi3 Doc:Minor updates to the audio card packet level section; >Packet Mheard: New document detailing HF/VHF/UHF PACKET and ARDOP stations heard and worked from QTH CM97ai
10/21/18: -- Updates to HamPacket: : Updated to mention the newly updated VE7FET AX.25 repo needs to be added to this doc as th
e RPM spec files will be broken; Rpi3 Doc:Updated to reflect the new VE7FET AX.25 repo, fixes to the ax25-up.new / ax25-up.new2 scripts, etc.
10/20/18: -- Rpi3 Doc:Major updates to the libax25 / ax25-apps / ax25-tools sections dealing with new versions and changes to their co
nfig installation
10/18/18: -- Updates to HamPacket: : Updated the ARDOP v1 version from 1.0.2.5l to 1.0.4.1b; updated Direwolf to 1.5 release; a
dded a new section on renewing expiring LOTW certificates; Rpi3 Doc:Update to Direwolf 1.5 final release; Updated the optional USB HDD mount script s
ection.
01/05/18 through 09/09/18
09/09/18: -- Updates to HamPacket: : Added an rtl-airband section, updated the version of ARiM with ARDOP; updated the Outpost
Packet Manager. Rpi3 Doc: : Added a note that a .deb force install is now needed for the ax25-tools, added the removal recommendation for the avahi-d
aemon, added initial support for IPv6 firewalls, AX.25 compile updates, several TNC-Pi updates.
04/21/18: -- Updates to HamPacket: : the CLI and GUI PAT Winlink client is now working with packet, ARDOP, and Internet. Updat
ed Direwolf to v1.5beta2. Rpi3 Doc: : Added a note about enabling Wifi and/or SSH when creating a new SD card for easier setup. Also updated the ipt
ables-ulog section to include any missing package installs and fixed some typos.
04/03/18: -- Updates to HamPacket: : Updated ARIM and Hamlib. Also noted a new D-RATS fork.
03/29/18: -- Updates to HamPacket: : Added new sections covering the ARDOP HF modem and the ARIM communications program that us
es ARDOP. ARIM supports live chat, logins to BBSes and Winlink stations, file transfers, automated responses like FSQ and D-RATS, etc. Updated the Qsstv section for a new version which requires Qt5; and a
quick update to the Hamlib section. Rpi3 Doc: : Updated the Direwolf section for the new 1.5Beta2; Updated the update-glibc-ax25-workaround.sh scri
pt and section. More updates to the Raspberry Pi hardware section.
03/17/18: -- Rpi3 Doc: : Added dual/simultaneous wifi client AP access and AP mode; added nodes on the new Rpi 3B+; updated the update
-glibc-ax25-workaround.sh script, updated the Packet on Kenwood D74 over Bluetooth section. Updates to HamPacket: : Updated the Chirp section
to use the Python-Serial module; Updated the fltk section to 1.3.4.2 for Fldigi/Flrig; Added an example Svxilnk test connection; few changes to the ax25spyd section; Noted a PTT hang workaround for the CP2
10x based USB to serial adapters
02/01/18: -- Rpi3 Doc: : Added some links for more Opto-isolated PTT circuits, noted that the Official SD Formatter tool is now available for Mac users, and updated the Doc's index a bit. I also have minor updates to HamPacket: : Fixed a broken link to point to the renamed update-glibc-ax25-workaround.sh script. Also updated the index a bit.
01/05/18: -- Rpi3 Doc: : Significally enhanced the Bluetooth section, added example support for the Kenwood D74 with BT, and added the bt-kiss-bringup.sh script. Added some details about how Debian Buster is starting to break the VE7FET AX.25 repo but the Official AX.25 repo has fixes. Moved to recommend to DELETE the "pi" user as well as other OS hardening steps. Added details on Raspberry Pi and power brownouts and how to test for it. Added a workaround for DNSMasq to start up in the presence of the wlan0 interface. Enhanced the hardware differences section. Made clearer mention that installing of Raspbian Stretch over Jessie or Wheezy is HIGHLY recommended. Added recommendations of Raspbian Lite over Pixel. Also have updates to HamPacket: : Updated the URL for the ax25spyd patch.
06/04/17 through 12/16/17
12/16/17: -- Rpi3 Doc: : Added new appendix section for a 20x4 LCD display to show date, time, Internet health check, heard AX25
packets, and CPU load. Also added an appendix for a DS3231 RTC clock to set the Rpi on boot and a new version of Linpac which lowers CPU load and other cleanups. Updates to HamPacket: : Updated the version of Linpac and Outpost. Added mention of CP2102 adapters having issues; SDR-Angel in the todo list.
11/18/17: -- Added some direct links to my various hardware TNC cheatsheets on the HAM page
11/05/17: -- Rpi3 Doc: : Added a set of critical AX.25 fix recommendation for Debian9 due to toxicity in the distro. Added a fix for
hostapd not coming up due to changes in Raspbian. There is also a new Linpac feature branch on linpac.sf.net for some idle CPU load reductions. Give it a try.
10/18/17: -- Rpi3 Doc: : Added critical "HOLD" commands to keep the various AX.25 and Linpac packages from getting overwritten with ne
wly released .deb packages that are known toxic. Also added a patch to Linpac to avoid segfaults on brand new Debian 9 installs.
10/17/17: -- Rpi3 Doc: : Changed out to a different shutdown script to avoid false failures (now uses a three second button holddown),
additional fixes for avoiding automation updates, and improved required packages for some builds. Updates to HamPacket: : Updated the Java J
RE, enhancements to the serial port troubleshooting section, and some DRM section cleanups.
09/05/17: -- Rpi3 Doc: : Updates are complete support Raspbian Stretch as well as general improvements across all sections. See the E
rrata section of the document for all the details.
09/01/17: -- Rpi3 Doc: : Signficant updates to support Raspbian Streth but I'm only about 70% complete. Also includes improvded detai
ls, formatting, better detailed index, etc.
08/27/17: -- Rpi3 Doc: : Noted that I will be updating this doc to support Raspbian Stretch in the future. Added section on enabling
APRS-IS RX-only Igate and MSG only TX-Igate functionality; interactive testing APRS-IS filters with TELNET; improvements and a repaired Direwolf-1.4-patch; updated /usr/local/sbin/mount-usb-hd.sh script; so
me improvements to unix groups, mailx email notices, etc. Updates to HamPacket: Added clarifying points on SUID for Xastir; Updated the Kerne
l update section to mention that the ElRepo kernels now support the AX.25 kernel modules; Updated the FreeDV section to reflect that this package is now in the EPEL repo and TrustedQSL section to reflect th
at binary RPMs are now available via EPEL
08/06/17: -- Rpi3 Doc: : Extensive updates to the Wifi (deprecating the legacy rtl8192 detail) and Linpac sections; added more tips and tricks (rpi temp monitoring, etc), and expanded on the intro section. Updates to HamPacket: Updated the mheardd section
08/14/16 through 06/04/17
06/03/17: -- HamPacket: : Enhanced the AMPR 44.x.x.x section, improved alsa soundlevel restores, updated to Direwolf v1.4. Rpi3 Doc: : Added ampr-ripd 2.2 and mapping location support
05/09/17: -- Intro to Packet: : Updated the doc to reflect changes in Direwolf 1.4 for connected session support
02/21/17: -- HamPacket: : Updated to the ElRepo 4.8 ML kernel w/ ALSA mixer changes, Gpredict updates, notes about closed source Mirics drivers for SDRPlay; ArcSeconds on Svxlink. Also changes to Rpi3 Doc: add Direwolf 1.4 with libgps-dev support, Added RPI HW watchdog support, Ulogd2 kernel firewall log support, better logging for the physical button shutdown method
01/30/17: -- BayCon 2017 YSF Update : What's new on the BayNet YSF/Wires-X repeater and technical technology
11/07/16: -- Rpi3 Doc: : Added Rpi v3 Wifi and BT coverage, re-added GPSd support, tmpfs ramdrive sizing, more unix groups, added a TNC-Pi support section, ax.25 testing steps, Updates to HamPacket: Updated Gqrx to v2.6, updated the Ax25spy section, and updates to the kernel building section
09/08/16: -- Rpi2 Setup: : Updates to the RPi doc for RPI3 wifi support and AX.25 TXDELAY tuning. Updates to HamPacket: for AX.25 TXDELAY tuning
02/17/16 through 08/14/16
08/26/16:Updates to Rpi2 Setup for added diag permissions and HamPacket for updated Xastir GIT builds and new SDR HW thoughts
08/14/16:Rpi2 Setup: : Major updates to the RPi2 ax25 scripts that had been orphaned before
08/13/16:HamPacket: : Updated Xastir w/ new online maps, Gqrx for improved performance
08/07/16:Rpi2 Setup: : Major updates to the RPI2 APRS / Packet document
07/30/16:HamPacket: : More USB cables, notes on sampling rates, lots of Xastir updates
07/08/16:HamPacket: : Updated Xastir to use Git now
07/07/16:HamPacket: : Major updated to the libax25/ax25apps/ax25tools section to use Git, etc
07/04/16:HamPacket: : Updated GnuRadio, gr-osmosdr, Gqrx, and everything about the Airspy R2
07/01/16:HamPacket: : Updated the QSSTV and Xastir versions
08/06/16 through 02/16/16
05/13/16:HamPacket: Added a new section: UI-Chat, updated the PSK-Mail section a little
05/06/16:HamPacket: Updated the Direwolf and "Initial AX.25 setup system settings" sections
04/27/16:HamPacket: New Fldigi TCP-KISS method, Updated Qsstv and resizing script, updated URONode
04/01/16:HamPacket: more updates for the Airspy SDR, updated Gqrx to 2.5.3, added the start of the Pat / Wk2k-go project for ev
entual Ardop support
02/08/16:HamPacket: Added support for the AirSpy R2 + Spyverter, noticed that SDR-Play support is at a standstill due to the bi
naryy-only drivers not supporting Centos6.7
02/06/16:HamPacket: Added support for the SDR Play, updated Gqrx, gr-osmosdr, and the update-glibc-ax25-workaround.sh script
02/16/16 through 11/20/15
11/20/15:HamPacket: More alternative packet modem implimentations, updated version of Linpac and contrib scripts, updated Xastir details
10/01/15:HamPacket: New Qsstv version, updated Svxlink portforwarding section, new URL for VE7FET's AX.25 tools, new URL for Direwolf
07/25/15:HamPacket: updated the Chirp, Qsstv, Soundmodem, and a few other minor index updates
06/21/15:Fixed a missing link to point the Rpi/APRS documentation to the overview movie FIRST and then the detailed docs second
06/03/15:Updated the Raspberry Pi docs, update to the Xastir, APRS messaging, Linpac, and fldigi dependency section
05/10/15:Major update to use Svxlink Maint/GIT, new Aprx release, and new picture resize scripts for Qsstv / TRXAMADRM.
02/09/14 to 02/15/15
02/15/15:Important fixes for Qsstv with the FT950 and the US Interface (Timewave) Navigator in keying up the radio w/o a locked up CW PTT tone. Updated the usinterface-commands.sh script and US Interface Navigator docs for better troubleshooting, mention the Udev determinisitc serial port naming, etc.
02/01/15:Added a new presentation on Yaesu System Fusion (YSF) and C4FM. Updates in HamPacket for Fldigi KISS mode, proper Adobe repo priorities, ABRTd settings, more advanced APRS, a new QSSTV version, and more screen captures
12/15/14:HamPacket: New sections for Fldigi support interfacing to Linux's AX.25 stack, FreeDV. Also updated the Raspberry Pi document for the newer UDR-Tracker
10/26/14:HamPacket: Updates to Linpac, GnuRadio to get GRC workink, Linpac, and PSKMail. Added a new Raspberry Pi build document supporting F6BVP's image and UDRTracker
08/03/14: HamPacket: Updates to Linpac, Aprx, and QSSTV
06/28/13 to 02/08/14
02/08/14: HamPacket: Major updates to Gqrx, QSSTV, and the kernel section
12/15/13: HamPacket: Updated the entire SDR sw stack for the new Gqrx
12/01/13: HamPacket: Significant updates to Svxlink, TrustedQSL, and Xastir
10/29/13: HamPacket: Updated various sections
10/12/13: HAM: Added my Pacificon 2013 presentation: Linux and Amateur Radio - Opening Doors without Windows"
08/31/13: HamPacket: Completed the the Ldsped section for AGW API support
08/28/13: HamPacket: Updated the WSPR section, more updates (but still incomplete) for
Ldsped, Updated the soundmodem section to add more details for Direwolf, added a Soundmodem
DCD patch, Updated the Winlink APRS messaging section, etc.
08/04/13: HamPacket: Updates to getting/compiling new AX.25 stack software from
SVN, added a new email to APRS section
10/26/12 to 06/27/13
06/27/13: HamPacket: Updates to the Linpac section on enabling various commands,
updated the AMPR section a bit
06/16/13: More updates to the Linpac messages notification script, updated
the Wine / Outpost section which now works nicely.
05/26/13: Added a email notification script for Linpac messages, added
a new SDR section including RTL dongles with GnuRadio, Gqrx, and Linrad software. Also
update the Gpredict section to include Centos6
03/28/13: Added recommendations on Chirp programming, better breakouts
on Distro pre-setups for repos, udev rules, and updates on better soundcard only
TNC daemons
06/27/13 back to 10/26/12
02/24/13: Added a new APRX section to the Hampacket docs
01/31/13: Some updates to the VoIP Linking for Amateur Radio preso
01/27/13: Added a presentation on VoIP Linking for Amateur Radio and
updated the HamPacket documentation a bit
10/30/12: Hampacket: Important updates to the Svxlink documentation
to minimize uncontrolled PTT, permission issues, etc.
10/15/12: HamPacket: Added the longest section yet on Svxlink and
Qtel which is an Echolink and full blown repeater package for linux. Deterministic
AlSA sound device enumeration, and more.
09/14/12: HamPacket: Updated the RX and TXAMADRM sections
09/13/12: HamPacket: Updated the QSSTV section
09/08/12: HamPacket: lots of updates to the doc
10/26/12 back to 02/12/12:
08/24/12: Whoami: Updated the very old Whoami page
08/17/12: HamPacket: added a section on Dstar, Drats, using
Echolink and IRLP. and more packet ax.25 optimizations
06/28/12: Updated the AX.25 package recommendations, how to
compile them, as well as updated the Udev section to be clearer and added more
USB examples, added how to compile Unode with required patches, and added a
filter script to sift through AX.25 listen logs.
06/02/12: Added various ax25 packages including AXIP tunneling support and more Linpac updates
05/16/12: Updated the Xastir and GPSd section to support Centos6
04/07/12: Significant updates to support Udev devices, updates to the hamrig.sh script to support soundmodem-based 300baud HF packed, new updated details for RXAMADRM for DRM-based digital SSTV, includes major cleanups of the Centos HamPacket documentation, added a new Norcal / Nevada GoogleEarth KMZ file, etc.
02/12/12: Months in the making, I've made major updates to the Centos documentation to support Centos 6.2. This includes major cleanups, etc. The index is a MESS but that will be cleaned up soon
08/17/12 back to 11/24/10:
12/22/11: Added a quick review on the ARRL TravelPlus for Repeaters software. More updates on the Centos doc
08/24/11: Added a MFJ-969 repair page and updated the HamPacket docs
05/01/11: Added Flrig, Flwkey, and other updates to the HamPacket docs
02/12/11: HTMLized the HamPacket documentation, more updates to it, etc.
11/24/10: More updates to the HAM pages, a few great links, etc.
09/29/10 back to 07/07/10:
09/29/10: Lots of updates to the hampacket amateur radio docs, California Hands-Free Amateur Radio exclusions, etc.
08/10/10: So it's been all quiet on my side and the kids have beaten me into submission. Right? Well, not entirely right. I've switched gears a little bit and found a new challege. HAM or
Amateur radio and Linux! Very interesting and complicated stuff with major learning curves on many fronts! New learning curves is something I've long been missing and I dig it! I've written a lot of new Linux-focused HAM docs and more are coming.
07/07/10: My Alma Mater, California State University, Chicohas decided that to save money, they will remove all Alumni accounts by August, 2010. I personally think this is a major mis
take on Chico's part as Alumni accounts drive traffic to their servers, promotes the CSU Chico brand, etc. Regardless, they made their decision so I'm moving the site over to it's own domain... TrinityOS.c
om!
07/07/10
04/02/09: Dear god, almost 2yrs since an update?! Can you say website 'ne
glect'?! I'm still here but obviously just not updating the pages. Email me if y
ou have questions on anything. Anyway, fixed a broken Dilbert URL. At least that
's a start.
04/20/07: Updated the common cables doc
01/06/07: Eek.. this site needs some attention. Planning a whole new
site layout, color scheme, etc. but for now, making some minor updates
(removing the bumpy background on most pages, etc).
01/17/06: Fixed broken links pointing to the individual IPMASQ
firewall rulesets
01/06/06: Updated the Linux Encoding pages to include how to use an
Apple iPod with Linux; Updated the Grip-setup document to talk about
copy protected CDs
11/29/05: Updated the Common Cables doc
11/13/05: Updated the IPMASQ howto
10/16/05: Posted the IPMI on Linux FC3 document
05/22/05: Updated the TrinityOS and IPMASQ documents
05/03/05: Updated the IPMASQ howto
04/30/05: Updated the IPMASQ howto
10/16/05
Rolled the following from the Top-Ten
03/21/04: Updated the TrinityOS doc
11/09/03: Updated the IPMASQ howto
11/08/03: Updated TrinityOS and the common cables guide under Hardware
08/30/03: Updated TrinityOS to remove the now-defunked SPEWS list
07/09/03: Updated TrinityOS
06/22/03: More updates to the IPMASQ howto
05/26/03: Big update to the IPMASQ howto
04/08/03: Updated TrinityOS, the IPMASQ howto, and send an update
10/20/02: Updated TrinityOS and the IPMASQ howto; sent an Update
05/03/02: Updated TrinityOS, the main page, and sent an Update
01/26/03
Rolled the following from the Top-Ten
05/19/02: Updated the IPMASQ howto and sent an Update
01/05/02: Updated the IPMASQ howto and sent an Update
12/29/01: Updated function.s and sent an Update
01/10/03
Rolled the following from the Top-Ten
12/22/01: Updated TrinityOS and sent an Update
11/18/01: Updated the IPMASQ Howto * Update Sent!
10/04/01: Updated TrinityOS * Update Sent!
11/01/02
Rolled the following from the Top-Ten
09/18/01: Updated the IPMASQ howto..
09/13/01: Updated the IPMASQ howto
09/09/01: Updated the IPMASQ howto
08/26/01: Updated both TrinityOS and the IPMASQ howto
08/13/01: Updated the IPMASQ HOWTO *beta* to 2.00.0813
01/05/02
Rolled the following from the Top-Ten
06/10/01: Updated the IPMASQ HOWTO *beta* to 2.00.0610
06/10/01: Updated the TrinityOS docs to 06/10/01
12/22/01
Rolled the following from the Top-Ten
05/21/01: Updated the IPMASQ HOWTO *beta* to version 2.00.21
05/14/01: Updated the IPMASQ HOWTO to beta version 2.00.01
10/04/01
Rolled the following from the Top-Ten
03/09/01: Updated the TrinityOS docs to 03/09/01
03/07/01: Updated the TrinityOS suite to 03/07/01
02/10/01: Updated the TrinityOS suite to 02/10/01
09/09/01
Rolled the following from the Top-Ten
11/14/00: Posted v1.95 of the IP Masquerading HOWTO for Linux
10/15/00: Updated the TrinityOS suite (minor but important IPCHAINS ruleset change)
10/13/00: Updated the TrinityOS suite
06/10/01
Rolled off the following from the Top-Ten
07/14/00: Updated the TrinityOS docs to 07/14/00
07/12/00: Updated the IP Masquerade HOWTO to v1.90
06/25/00: Added a URL to the Linux MASQ section referring to an
article I wrote on "How IP Masq works" for Linux Magazine.
Rolled off the following from the Top-TEN:
05/29/00: Updated the IP Masq HOWTO to v1.85
04/25/00: Did some cleanup to the TrinityOS SGML but there is more work to be done.
04/24/00: TrinityOS is finally converted to SGML! Woohoo! You can now get TriinityOS formats like HTML, PDF, PS, etc!
Sent out an "Update" to the people on the Updates email list.
01/06/01
Rolled off the following from the Top-TEN:
04/09/00: Made some signification changes to TrinityOS and the TrinityO archive
Sent out an "Update" to the people on the Updates email list.
03/27/00: Updated TrinityOS and the TrinityOS archive with important DHCPcd and root exploit info!
Sent out an "Update" to the people on the Updates email list.
10/15/00
Rolled off the following from the Top-TEN:
03/19/00: Updated TrinityOS and the TrinityOS archive
03/18/00: Updated TrinityOS and the TrinityOS archive
03/18/00: Updated the Internet retailers URL on the CD-R page
02/21/00: Updated TrinityOS, including new firewall rulesets, archive, etc
06/25/00
Rolled off the following from the top-ten
02/21/00: Updated the IP Masq HOWTO to v1.82
01/24/00: Updated TrinityOS, posted a 01/03/00 TrinityOS port to .doc and .pdf, and updated function.s
05/29/00
Rolled off the following from the top-ten:
01/17/00: Updated TrinityOS and the TrinityOS-security archive as well
Updated the CD Writer page to add clarifications of CD writer formats and issues
with different colored blank CD media.
04/09/00
Rolled off the following from the main page's Top 10 list:
Updated TrinityOS and the archive as well - 01/02/00
3/26/00
Rolled off the following from the Main page's Top 10 list:
Added PS, PDF, and a TGZ archive of the IP-Masq HOWTO v1.80 - 01/02/00
03/18/00
Rolled off the following from the Main page's Top 10 list:
Added a Link under the Security section for the Tripwire Exploits Poster - 12/26/99
Added a link under the Linux page for people who are interested in my new Linux Security book from SANS - 12/26/99
Updated the "Who Am I" page since it was pretty out of date - 12/26/99
12/26/99
Updated the IP Masq HOWTO to v1.80. Check out its last section for changes
12/23/99
Updated the TrinityOS firewall ruleset, archive, and added a section on file system
recovery.
8/28/99
Added the MyComputer.com WWW counter. Yeah.. I know, I need to impliment
my own but until then, this is a nice solution. Check it out.
http://www.superstats.com
05/06/99 - Added "common-cables.txt" to the hardware page for NULL serial, NULL
parallel, 10/100Mb/s ethernet (strait and crossed).
http://www.trinityos.com/HARDWARE/performance.html
05/02/99 - I really haven't been updating this page as much as I should but
most of my time has been spent on TrinityOS so all changes there
are noted in TrinityOS [Section 100]. Anyway..
- I've added a simple navigation toolbar to the TOP/BOTTOM
of all WWW pages. Should be much easier to move around now.
- Added a little section on how to evaluate hard drives in
terms of performance.
- Updated TrinityOS
3/10/99 - Lots of changes to TrinityOS. I'm not going to put them here since
it would be a waste of bandwidth. Check out the ChangeLog at the
end of the TrinityOS for full details. I appologize for all this
but once its converted to SGML, this won't be an issue.
http://www.trinityos.com/LINUX/index-linux.html
02/11/98 - [Notified the Updates email list]
02/11/99 Placed short header names in each [Section]
*Sent name. Makes topicseasier to find.
Update* [Section 2]
Added the note that there is now a description
of how packet and statefully inspected firewalls
work.
[Section 3]
Changed the "Future Features" section to group
similar taskes. ie. Networking, hardware, etc.
Also added a future feature to do more GUI help.
[Section 3]
Added a backup URL for IPCHAIN's IPmasqadm
since Juanjo's main ML.ORG site is now 404.
[Section 5]
Indented all the Security URLs, added L0pht,
Rootshell, etc URLs.
[Section 5]
Updated the "How firewalls work" flow diagram
to include the FORWARDING rule.
[Section 10]
Added a little blurb on what are the differences
between packet and statefully inspected firewalls
work.
[Section 10]
Doh! The explict OUTPUT firewall ruleset was
matching the wrong ports for the MASQ and
NON-MASQ strong ruleset! This isn't a
super huge issue but it IS sloppy!!!
For example:
From:
#secure1.host.com
/sbin/ipfwadm -O -a accept -W $extif -P tcp -S $extip/32 -D $securehost/32 ftp ftp-data ssh pop-3 $unprivports
To:
#secure1.host.com
/sbin/ipfwadm -O -a accept -W $extif -P tcp -S $extip/32 ftp ftp-data ssh -D $securehost/32 $unprivports
[Section 10]
Fixed the DHCP rules to reflect the port
names of "bootps" and "bootpc" vs. ports 67
and 68. Makes things more readible.
[Section 10]
Made sure the /etc/services file has:
--
bootps 67/udp # bootp server
bootpc 68/udp # bootp client
--
[Section 27]
Recently found out on the BRU mailing list
that when you use BRU's software compression
or your tape drive's hardware compression,
you should set the tape drive's capacity setting
to "0"!
[Section 29]
Added a little section on how to test Bru's
tape backups * VERY IMPORTANT*
[Section 29]
Under the RPM testing section, added another
RPM test with a double -vv to really look
at a given RPM.
[Section 50]
Made Lynx permissions recommentations for
Lynx users running older versions than 2.8.1.
[Section 50]
Noted that though not included in Slackware
or Redhat, the ProFTPd daemon included with
Debian Linux is vunerable to the same FTP root
exploit that Wu-ftpd is vunerable.
[Section 50]
02/10/99 Updated the Feature Sets to reflect the support
of multiple Internet domains on one box for
DNS and EMAIL
[Section 3]
Changed the default permissions on Redhat's
/bin/rpm from 755 to 700. Normal endusers
shouldn't have access to something like this.
[Section 7]
Clarified that users should ADD the specific
lines to the /etc/syslog.conf file and not
replace the exitsting file.
[Section 9]
Added both a Slackware and Redhat version of
the /root/logit script
[Section 9]
Cleaned up the "supporting more than one
Internet DNS Domain" section and fixed some
formatting issues.
[Section 24]
Cleaned up the "supporting more than one
Internet Email Domain" section and fixed
some formatting issues.
[Section 25]
Moved the RPM installation pre-installation
tests to [Section 50] since you should
follow these simple recommendations EVERY
TIME before you install an RPM
[Section 25]
Upgrade the "run-rpmwatch" script to v1.1.
This added "rm -f rh-errata.txt" to the
end of the script to clean up the lose
tmp files.
[Section 43]
Moved from [Section 25] a pre-RPM TEST list
to make sure that the user is aware of any
files that will be overwritten/DELETED, etc.
[Section 50]
Installed an RPM to fix security:
wu-ftpd-2.4.2b18-2.1.i386.rpm
[Section 50]
02/09/99 Added a few Future Feature sets:
- Mail Backup: Setup MX email backup
- IPv6: Configure and setup IPv6 and possibly
setup a IPv6 tunnel via the 6Bone
- Dial Backup: Add analog modem dial backup
when the ADSL/Cablemodem goes down
- CODA: Replace NFS support with CODA
- Implement a new 2.2.x kernel
[Section 3]
Added a very detailed description and diagram
of how any TCP/IP packet firewall (including
IPFWADM and IPCHAINS) operates.
[Section 10]
Cleaned up area between the MASQ vs. NON-MASQ
rc.firewall rulesets
[Section 10]
Updated the MASQ and NON-MASQ rc.firewall to v2.90
- Changed the default policy for
INPUT/OUTPUT/FORWARD from DENY to REJECT.
This is actually just a symantic issue
since I was REJECTing all non-allowed
packets at the end of each INPUT, OUTPUT,
and FORWARD section.
[Section 10]
Detailed out how to support muliple Internet domain
names from one DNS server. Simple!
[Section 24]
Added a note that if you are going to support
email for multiple Internet domains on this one
box, you need to add those domain names to the
/etc/sendmail.cw file.
[Section 25]
Added a rough tape drive benchmark output in the
/usr/local/sbin/bru-fullbackup file.
[Section 29]
Moved a bunch of old Updates to the old Updates
URL given at the top of this section.
[Section 100]
02/08/99 Updated the "ssh" profile to include the -C and
-P options to enable Compression and to disable
rsh (tcp ports > 1024) support. This would
break the ability to SSH out of the rc.firewall
ruleset.
[Section 30]
02/07/99 Updated the MASQ and NON-MASQ rc.firewall to
v2.80
- Clarified the input/output rules for
HTTP to use the -W interface option
and added a #ed out rule for allowing
HTTP traffic directly to the Linux
box from the Internet.
[Section 10]
02/04/99 Fixed a typo from /var/adm/log.to.ttys to
/var/log/log.to.ttys
[Section 9]
--
=====================================================
02/09/99 - Lots of changes to the TrinityOS doc. See the TrinityOS changelog
at the bottom of the document for full details.
- Cleaned up the Who-Am-I section a little
- Changed the layout of the main ~dranch WWW page
=====================================================
01/08/99 - [Notified the Updates email list]
=====================================================
01/08/99 Fixed some spelling issues
[Section 1]
Added the Future Feature to move /var/log/sendlogs to /usr/local/sbin
Fixed some spelling issues and added the fact in the Future Features
section that I think I'm going to implement a SWAN / IPSEC VPN instead
of a SSH/PPPd VPN.
[Section 2]
Added IPCHAINS URLs
Added SWAN / IPSEC URLs
[Section 5]
Documented the fact that most Linuxs truncate all passwords
after 8 characters and how its critical to make good passwords.
Fixed a anonymous FTP file name typo. Should have been
/etc/ftpaccess.
[Section 8]
Changed the perms on /etc/syslog.conf to 600
[Section 9]
Added the pointer to check out [Section 40] for specific NFS
IPFWADM exceptions.
[Section 10]
Added a little text intro on how Linux Alpha and Beta kernels
are numbered and what it means to be an "even numbered" kernel.
[Section 12]
Documeneted the rational to always run/not-run Sendmail and
noted a few critical things for users that are NOT always running
sendmail but do want to send mail from their Linux box.
[Section 25]
Did some cleanup to the NFS section, added "635/udp mountd"
to /etc/services {Why isn't there now?}.
Added specific exceptions to the IPFWADM ruleset to allow NFS traffic
to specific hosts on the internet.
[Section 40]
Did some clean-up to the IPCHAINS section and added a pointer
about 2.1.x / 2.2.x kernels to the Kernel section.
[Section 44]
Added the use of the pwck and grpck commands to check for hacked
/etc/passwd and /etc/group files.
Added the use of the "last | more" command to check when users
last logged in.
[Section 46]
* Lots of thanks to Andy Barclay for his editorial eye on these
* fixes.
01/06/99 Moved all changelogs prior to 12/22/98 to
the URL above. (64 changes/additions)
[Section 100]
01/05/99 Changed the System backup section name to reflect minimum
and quick backups to floppy
[Section 2 and 3]
Added the LDP's Security HOWTO URL
[Section 8]
Changed the /var/log file perms from 700 to 600
Changed the cron daily's execution order to
correct lost log issues from the "rotatelogs"
executing.
[Section 9]
Change the section name to "Backing up your box (minimum files to
floppy and full backup to tape with BRU)"
Added minimum critical files to backup to floppy in addition to
backing up the whole system to tape or CD. Lots of good stuff
in here!
[Section 29]
Added the "ssh" alias to use the BlowFish codec for outgoing
Linux SSH connections
[Section 30]
Added the "So you think you are being hacked.. Confirm it!" section
[Section 46]
12/29/98 Added the NMAP portscanner to the feature set
section
[Section 3]
Added the NMAP URL (doh!)
Thanks to Fidor for pointing this out..
[Section 5]
Added NMAP portscanner installation and use instructions
[Section 45]
Added a PAM RPM update
[Section 50]
12/28/98 Added the PPPd/SSH VPN in the future features
[Section 3]
Added the beginnings of the IPCHAINS section
[Section 44]
Fixed the MRU setting in /etc/ppp/options
[Section 22]
Fixed the APCUPSD paging scripts. It turns out that you CANNOT setup
the /etc/apcupsd.conf file with something like:
RETCMD /usr/local/sbin/apcupsd-page retcmd
Each file must be unique. So, the fix is to configure and create
individual scripts
RETCMD /usr/local/sbin/apcupsd-retcmd
[Section 36]
Added the "Dial-in terminal / PPP access via a modem" section for OOB (Out of
Band) access to your linux box if you screw up your IPFWADM rulesets, your Inet
connection is down, etc. There are also specific notes on working around
answering machines, etc.
[Section 42]
Changed the MASQ UDP timeouts to 2 hrs to stop ICQ users from "flapping".
[Section 10]
Renamed the SYSLOG monitor from "logit" to "log.to.ttys" and moved its execution
from the crontab to the execution of "sendlogs" to fix any possible race conditions.
[Section 9]
http://www.trinityos.com/LINUX/index-linux.html
12/22/98 - [Notified the Updates email list]
Updated the Table of Contents to reflect Secondary support
[Section 2]
Updated the Feature list to reflect that TrinityOS documents SECONDARY servers.
[Section 3]
Fixed a typo in the shadow conversion where I was refering to /etc/pam.d/password
instead of /etc/pam.d/passwd . Clarified the shadow file conversion between crypt and
MD5
[Section 8]
Cleaned up the tty logging stuff to reload after each day.
[Section 9]
Added how to configure a SECONDARY (SLAVE) DNS server
Fixed a typo for the name of the SECONDARY dns server in /var/named/acme123.com.db
[Section 24]
Updated the SSH section to reflect the useage SecureCRT v2.3.1 and the BLOWFISH
cipher (from 3DES), the use of SSH compression, and the change of the scrollable buffer.
[Section 30]
http://www.trinityos.com/LINUX/index-linux.html
12/17/98 -
Updated the standalone and MASQ IPFWADM rulesets to reflect the usage of using
PPPd's enviroment variables
[Section 10]
Added paging support to the feature set
[Section 3]
Added the clarifications on the SCSI controller setup to enable DISCONNECT
[Section 4]
Found a failure in the /var/named/root-hints-update script where one of the
root servers would be contacted but NOT report any of the ROOT-SERVERS. Thus..
DNS would then break. I have added another test condition to stop this from
happening again. The DNS-HOWTO maintainer has been notified.
Moved the /var/log/root-hints-update script to /var/named/root-hints-update
Also added version notes to the script
[Section 24]
Updated the APCUPSD configs to be more specific
Added the features to have APCUPSD log notices to SYSLOG and optionally
PAGE you when something happens.
[Section 36]
Disabled RZ and SZ for normal users due to a permissions issue. Hopefully a
patch will be released soon.
[Section 50]
Added a clarification for the optimization notice to PPPD for users who are having
slow WWW browsing issues to specific sites.
Donald Spoon
[Section 22]
http://www.trinityos.com/LINUX/index-linux.html
11/27/98 -
Updated the intro
[Section 1]
Re-organized the Features section
[Section 3]
Updated the Distribution intros a little
[Section 6]
Moved the console TTY syslog logging to /dev/tty8
[Section 9]
Expanded the LILO section to understand multiple NIC cards, deal with RAM size
recognition, and fixing typical LILO booting problems.
[Section 15]
Updated the BRU exclude files to not compress RAR files
[Section 29]
Cleaned up the Intro page a little more
[Section 1]
Added the NFS section to the Index
[Section 2]
Added the NFS section to the Feature list
[Section 3]
Updated the hardware section to reflect the removal of a old 540MB IDE disk
and a failing of a 1GB SCSI disk. Replaced both with a 10GB 7200RPM disk. Updated
the CMOS and FDISK details to reflect the new hardware.
Updated the mount list to show the addition of two more HDs to the RAID0 setup
[Section 4]
Updated the distrobution section to reflect the changes found in Redhat 5.2 and
Slackware 3.6.
[Section 6]
Updated the RAID section to now stripe 4 drives
Fixed a typo when we were supposed to format the array. I had "e2fsck" when it
should have been "mke2fs". Doh!
[Section 31]
Added a whole new section on adding NFS to Linux.
This section includes setting up botht the NFS server and client. This section also
goes into detail about Linux NFS performance and security concerns.
[Section 40]
Removed the initial module loading for the MASQ IRC and Quake modules. IRC has
been recently used as a vehicle for Back Orofice exploits. But.. if you use IRC and
Quake a lot, you need to un-# out these lines in the simple, ANAL, and NON-MASQ
IPFWADM rulesets.
[Section 10]
Last night, the "root-hints-update" file for DNS failed for some reason. Because
of this, the script then replaced a good /var/named/root-hints.db file with a bad one.
I have updated the script to check for the "SERVFAIL" attribute and if it is present,
the script will NOT not hose a good hints file.
[Section 24]
Added the domain name to the /etc/mail/sendmail.cw file for NON-MASQ but mail
authoritative servers
[Section 25]
Re-arranged the Feature sets to group types of features together.
Moved the Xwindows feature to the TO-DO section since I haven't done it and added
the feature set to impliment the WindowMaker window manager.
[Section 3]
Re-layed out the Hardware info section
[Section 4]
Updated the Redhtat 5.0 & 5.1 RPM Patches list
Interestingly enough.. there are patches in the Redhat 5.1 area that are NOT in the
5.0 area. This sucks!
Installed (14) new RPMs
[Section 50]
Added my SCSI IDs to the doc.
[Section 4]
Added the BRU manual URL
Changed the BRU buffer size from 20K to 16K to fix some buffer underruns.
Added Bru log file renaming and compression to safe file space
Added a URL to a Boot/Root/Util rescue diskette utility for Linux and BRU. Once
I get some time, I will document how to use this util.
[Section 29]
Corrected a mistake and added a address for the external broadcast address in the
search/replace section
[Section 7]
Added the "securehost" line in the TCP wrappers /etc/hosts.allow file to be
consistent with the IPFWADM rulesets
[Section 8]
Updated the MASQ IPFWADM ruleset to reflect the usage ports 1024-65535 since SSH
sometimes creates connections at port 1023. Lame.
Updateded the MASQ IPFWADM ruleset to include a variable for the external broadcast
address $EXTBROAD.
Added TCP DHCP support for the MASQ firewall.
Deleted out the header comments from the MASQ firewall to now properly reflect the
setup for for the single-host firewall ruleset.
DNS outgoing rules for the single-server firewall rulesets should have the Source
instead of Destination port 53 for outgoing DNS. DOH!
Added #ed out IPFWADM statements to both the MASQ and single server rulesets to
-NOT- log stray BOOTP traffic (port 67,68), Samba traffic, (ports 137,138), RIP traffic
(port 520), and SNMP (port 161)
[Section 10]
Added instructions to be able to upload HTML files directly into the /home/httpd/html
directory.
[Section 37]
Delete the DNS v4.9.x config feature
Added the to-do CACHING ONLY config for DNS 8.1.x
[Section 3]
Clarified the use of the "extif" variable for dynamic PPP users
Made recommendations for PPP users to load the /etc/rc.d/rc.firewall script
from the /etc/ppp/ip-up script.
[Section 9]
Updated a few of the comments in the DNS 8.1.x configs DELETED the 4.9.x DNS
configs
Thanks for the recommendations from Eddie_Atherton@ibm.net
[Section 24]
Added the addition of the sticky bit to /tmp
[Section 8]
Added a SUID search for files that are group or other writable.
[Section 8]
Added the automatic execution of the rc.firewall ruleset in the /etc/ppp/ip-up
file for PPP users.
[Section 22]
Added a great LINUX FAQ for DHCPCD, etc
[Section 35]
Made two mistakes on the dynamic IP script used for PPP users. It was EXTNIC
instead of EXTIP and I needed "Execute" marks instead of apostrophes. Thanks to
MikeS@bn.com for this one.
[Section 10]
Made a few downloading clarifications for the IPPORTFW code
[Section 11]
Wow.. (2) MONTHS without a public update! Well, I promise I wasn't idle!
I have completely revamped the TrinityOS doc and added several MAJOR chapters.
I'll just list some of the more MAJOR points here and let you read about all the
little changes in [Section 100] of the doc:
- Added the WWW functionality to the feature list
- Added an additional strong IPFWADM ruleset for single-NIC non-masquerading servers
- Added Section 38 for Tripwire monitoring
- Added the beginnings of backing the machine up to a CD-R
- Added the APCUPSD configuration
* Added a search/replace section for endusers to
do a search/replace on a downloaded copy of TrinityOS
to customly change the doc to reflect their enviroment.
I honestly beleive this will help people setup their
Linux boxes faster.
- Removed FTP guest access
- Added MD5 hashing to the shadow password setup
- Added the cracklib.so module to the passwd system
- Added monitoring /var/log/maillog on tty9
- Added IPPORTFW compiling and rulesets be sure you read the notes section in there
- Changes the Firewall to REJECT outgoing PPTP, Remote Winsock, NFS, PcAnywhere,
and Xwindows highports.
- Added a little intro blurb on how Redhat start/stops daemons from the various
/etc/rc.d dirs.
- Completely OVERHAULED the IPFWADM firewall rulesets. To be honest.. the old
ones SUCKED!
- Fixed the FTPd defaults so that Redhat will properly work with a patched version
of Tar (supports Bzip2) and properly support "compress" compression on the fly!
- Disabled anonymous FTP -- VERY IMPORTANT!!!!
- Fixed the permissions in the rc.cdrom file so people can READ the files.
Evidently, though the permissions don't correctly show up in a "ls -la",
they DO work!
Added a Linux mail archive link to the Linux page. This WWW link is
a great of researching a problem that you are having with Linux and
none of the MAN pages, HOWTOs, FAQs, etc help.
http://www.trinityos.com/LINUX/index-linux.html
Added a new header section to the Updates section. This now clearly shows
how many Redhat RPMs are available, installed on TrinityOS, and when it was
last updated.
[Section 34]
Added (12) RPM patches
[Section 34]
Added the chmod stuff for dumpreg
[Section 34]
Added the addition of a CD-ROM changer
[Section 30]
Made some changes to the intro and shifted the table of contents.
[Section 2]
Updated the RAS page to fix the broken RFC links! I hate it when that
happens!
Added a link to IndyRamp's MASQ page for more EQL info.
Added the ISDN, ADSL, and cableomodem cost and performance comparison
chart to the ISDN and ISDN Cost pages for easier navigation. This is
proof that my WWW page REALLY needs to be re-designed!!!
http://www.trinityos.com/ISDN/isdn.html
Made some formatting changes, added a few more GIFs to make things prettier,
fixed some broken links, etc
I didn't realize that SSH out of the box does NOT observe the
/etc/hosts.deny and allow TCP wrapper files!! So.. I updated the
SSH section to use wrappers. VERY IMPORTANT!!! [Section 28]
http://www.trinityos.com/LINUX/TrinityOS.wri
Added the Linux Applications and Utilities page URL
Made some significant additions to the TrinityOS doc:
Updated the SSH section to reflect upgrading to v1.2.25
to avoid a new SSH exploit.
Section 28 and 34
Clarified the POP3 setup
Section 26
Added some DNS (Bind) descriptions and security enhancements using the Bind v8.1.x
"allow-transfer" and "xfernets" parameter. Also added a few other updates for my
enviroment.
Section 22
Changed over NTP clients to something a little more robust and added the URL to
the main NTP site for people to find a local NTP server. Also updated the NTP stuff
for both updating at 15mins or 60mins and now have instructions for both Slackware
and Redhat users.
Section 24
Updated the distro descriptions and how Slackware, to Redhat, to Debian are
different. The more I play with Redhat, the more I realize that it ISN'T a
straitforward UNIX. I also added a few fixes for Redhat users on quirks I've
noticed in v5.0.
Section 6
Fixed a few things in the /etc/bruxpat file. Multi-volume ARJ files that start
with EITHER a "A" or "a" (such as myfile.a01 and myfile.A01) are now not compressed.
Section 27
Changed the DHCPd setup to reflect giving out DHCP addresses to (2) more machines.
Section 25
Noted that I need to merge my existing Masq-PPP and Masq-Diald-PPP docs into TrinityOS.
Section 3 and 20
Added more things to the "Future Features" section including:
Adding a CD-ROM changer, installing (2) HDs and (1) tape drive, impliment MD0spanning or
software-based RAID-5, setup SPLIT-DNS, impliment automatic weekly incremental tape
backups, and move this doc over to HTML format.
Section 3
Made a bunch of minor layout changes
06/10/98
Added SYSLOG (syslog, messages, kernel, maillog, etc date parsing, filtering,
and mailing. This is good for when you'd like to know if any strange things are
happening to your Linux box (processes failing, hacker attempts, etc). This script
also optionally monitors how many times your modem line came online (or failed due to
busies,etc) and report what speeds it connected at in a nice summarized table.
The logs are then mailed to a specified mail address once a day. Nice!
Added the installation of Netwatch
Updated the doc to reflect the new 2.0.34 kernel and the new v1.16
3c509.c driver
Updated the TrinityOS doc to install Redhat RPMs in bulk and how to work around
some of the lame things that the RPM exe file does and how Redhat documents their
errata.
http://www.trinityos.com/LINUX/TrinityOS.wri
Added the LinuxConf WWW page. This new GUI configuration tools looks
like both a newbie and power-user's ultimate configuration tool. Check it
out.. Redhat v5.1 just adopted it!
http://www.trinityos.com/LINUX/index-linux.html