Home

Current Release 4.2

1. Build Machine
2. release.sh Instructions
3. image.sh Instructions
4. Customization
5. Write Image
6. Post Installation
7. Known Issues

Project Status Please note that this project is no longer active. If you are interested in taking over the code base please let me know.

Project Links

• Changes
• Downloads
• Project Goals
• Project License

Description

Greenfrog is set of scripts can be used to create an OpenBSD firewall to protect a private network from the internet.

The Greenfrog scripts will create an OpenBSD bootable disk image suitable for installation on a compact flash card. This image is intended for the low power Soekris devices but should work for any device that will boot OpenBSD.

The build process involves running two shell scripts, release.sh and image.sh.

Why?

Using a compact flash card in a firewall device has the advantage of containing no moving parts to generate heat or fail.

However, compact flash cards do have a limited number of writes before they start to generate errors. When used as a drive in a computer, this limited writes can eventually lead to problems.

This script mounts root as read only and moves any writes to a memory based filesystem.

License, source and credit

The code is release under the BSD license.

The svn repository can be browsed here: http://svn.gordonturner.ca/greenfrog/.

Based on both OpenSoekris and flashdist.

Requirements

• A build machine or VMWare virtual build machine.
• Official OpenBSD CDs.
• A compact flash card, 256MB or greater recommended.
• Soekris device, or other destination device.
• A device capable of reading a serial console.
• Compact flash writer.

Build Machine

A build machine is required to get a current OpenBSD build and create a compact flash boot image. This build machine can be a VMWare virtual machine or a physical machine.

For details about setting up a build machine, see Build Machine.

release.sh

The release.sh script prepares a set of binary packages for installation by either copying them from the published OpenBSD cds or by building them from source updated from cvs.

image.sh

The image.sh script takes the binary packages and uses the host build machine to create a compact flash bootable image.

Customization

The compact flash bootable image will need to be customized to suit the destination network. This can include configuring network cards, setting packet filter firewall rules or turning services on like ntpd.

For details about customization, see Customization.

Write Image

Finally the image must be written to the compact flash card. A low level utility, such as dd, is required to copy the image onto the card.

For details about writting the image, see Write Image.

Start with Build Machine.

Site Map

• 4.1
  • Build Machine (Release 4.1)
  • Customization (Release 4.1)
  • image.sh Instructions (Release 4.1)
  • Known Issues (Release 4.1)
  • Post Installation (Release 4.1)
  • release.sh Instructions (Release 4.1)
  • Write Image (Release 4.1)
• 4.2
  • Build Machine
  • Customization
  • image.sh Instructions
  • Known Issues
  • Post Installation
  • release.sh Instructions
  • Write Image
• Changes
• Downloads
• Notes (Release 4.2)
• Project Goals
• Project License
• Project Management (Release 4.2)