#719411 tasksel: Standard out-of-the-box configuration as a router

#719411#5
Date:
2013-08-11 12:59:16 UTC
From:
To:
Dear Maintainer,
*** Please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
     ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

Debian Installer (through tasksel) allows to tune the software for certain
specific use cases, such as Web server, Mail server, Print and SQL server, etc.
It would be very nice to have in this list the "Router" option, which will
install all the relevant packages and configure them accordingly for the
computer to become a router. It should have WiFi support and turn the computer
into an Access Point and it should also support DSL and other modems.
Motivation: there are a lot of small, low-power computers out there which are
intended for 24/7 use (see Utilite, Raspberry Pi, Beaglebone, Olinuxino, etc).
Many of them are actually cheaper and much more powerful than todays DSL-
WiFi/Routers. So if Debian provides an easy way to configure them as
routers/AccessPoints people will get cheap and powerful routers that could be
used for a variety of other cases such as home automation, etc. Web UI/GUI for
configuration might be nice at some point but its lack should not prevent the
feature from being released.

Thank you!

*** End of the template - remove these lines ***

#719411#10
Date:
2013-08-11 13:46:55 UTC
From:
To:
Quoting ST (smntov@gmail.com):

Hello,

The suggestion is interesting, however, it lacks the mention of the
packages you would consider as needed. Please notice that tasksel
itself is only a convenient way to install some related packages, not
really to configure them for specific needs.

So, what it can do is only installing what you would consider as
needed for a "router".

On the other hand, what you're suggesting seems somehow relevant to
the "FreedomBox" idea and may better belong to packages provided
inside this project.

#719411#15
Date:
2013-08-12 12:19:17 UTC
From:
To:
Hi Christian,

thank you for the info on "FreedomBox". I checked the project and I
think that it has a bit more specific agenda, however they are the
people who have relevant experience to implement what I was referring
to.

I think a package "router-conf" should be created and installed through
"tasksel" upon user's selection of "Router" option. It should depend on
all the relevant packages, install and configure them, depending on the
hardware it was able to detect.

I personally lack the knowledge and experience to implement something
like that. And I also do not have such a device yet. Considering the
market potential for such a feature (remember - EVERY Internet user has
some kind of router at home) I think it is worth investing effort in it.
Once implemented and announced through sites like Engadget, Slashdot,
etc. it might bring a lot of new users to Debian. And even not because
of ideological but rather pragmatical reasons - why should one pay
double or triple price for a weak, incapable and locked device when one
can buy a cheap desktop-power-like computer, that can be used for a
variety of other tasks ranging from web of file server up to home
automation.

Christian, if "tasksel" is not the right place for such feature request
- could you please reassign it to the proper category?

Thanks.

#719411#20
Date:
2013-08-13 14:07:18 UTC
From:
To:
Hi,

It seems you have a couple of separate ideas maybe:
* a pre-configured system, a project more like a 'Debian Pure Blend'
* a generic 'tasksel' task of networking utils

The FreedomBox is an example of a more specialised project.  Debian Edu
also preconfigures its servers for NAT.  And there is also
https://wiki.debian.org/DebianLAN

You may want to look at the third-party project LibreWrt which sounds
like it could be optionally built from Debian sources.  (Official builds
are based on Trisquel, a Debian derivative).


FWIW for 7+ years I have used *only* Debian GNU/Linux, Debian
GNU/kFreeBSD, or other *BSDs for routers or access points at home, and
at some other deployments too.  I already know which packages I need, so
as long as the installed system has network access I can get them from a
network mirror later.

If it was viable to create a tasksel task for this, it would be
difficult to decide how many packages is enough, or too many.  Systems
used as routers are often low-powered with very limited space.  It is
desirable to provide everything possibly needed to get a network
connection, then maybe some 'Recommends' on other useful packages.  My
own ideas are:

Wireless:
* iw [not kfreebsd-amd64, kfreebsd-i386]
* wireless-tools [not kfreebsd-amd64, kfreebsd-i386]
* hostapd

Modem:
* ppp [not kfreebsd-amd64, kfreebsd-i386]
* pppoe
* pppoeconf
* usb-modeswitch

Services:
* bind9
* isc-dhcp-client
* isc-dhcp-server
* ntp
* openssh-server

IPv6:
* radvd

Diagnostic:
* dnsutils
* elinks
* inetutils-ping
* inetutils-traceroute
* mtr-tiny
* nmap
* tcpdump
* wget
* whois

Reporting:
* collectd-core
* logwatch

VPN:
* ipsec-tools
* openvpn
* strongswan

Firewall/traffic shaping:
* iptables [not kfreebsd-amd64, kfreebsd-i386]
* iproute [not kfreebsd-amd64, kfreebsd-i386]
* pf [kfreebsd-amd64, kfreebsd-i386]
* denyhosts | fail2ban (for protecting the router itself)

+ more userland tools for managing a firewall (as long as having them
installed doesn't mean they are immediately active/conflicting).
wondershaper, shorewall, ufw...

And offline documentation!

Regards,

#719411#25
Date:
2013-08-14 11:06:41 UTC
From:
To:
Actually I would like to see it both - the set of required utils and
their proper configuration that creates a Router/AP in tasksel within
regular Debian distro and not as a specialized blend. The reason for
this: unlocked, generic hardware became powerful/cheap enough to run
even Gnome (check this - http://utilite-computer.com/web/utilite-models
). So there is no more reason to hack the weak routers in order dump
OpenWrt, risking to brick them, if you can get a real desktop. The idea
is to make it easy for a regular mainstream user to enable this feature
on such hardware (which will bring him real added value) and in the same
time get him acquainted with Debian.

No longer... This feature should be oriented on user (who will buy
powerful hardware) and not on router manufacturers (who try to be
minimalistic in order to keep costs low). Optionally you can have second
package - "router-config-minimal".

yes, and the non-free firmware should also optionally be provided for
the autodetection process.

Could you pack your configurations for all this in a separate package,
and we are done basically?

#719411#30
Date:
2013-08-23 10:48:21 UTC
From:
To:
It is based on Debian:

http://leaf.sourceforge.net/

So maybe integrate into the main Debian?

#719411#35
Date:
2013-08-23 14:11:40 UTC
From:
To:
Looks highly unlikely.  The only proejct there that looks active is
uClibc based, which clearly isn't going to integrate with a glibc based
system very well.

Now maybe some components of it could be packaged and somehow be useful.
No idea.

#719411#40
Date:
2013-08-24 19:13:14 UTC
From:
To:
is IPFire also uClibc based?
#719411#45
Date:
2013-08-26 16:28:55 UTC
From:
To:
It appears to be a regular linux system with glibc and such.