Wiki de Confiared

User Tools

Site Tools

Trace: change_for_headless_router

Sidebar

change_for_headless_router
Clean the console and output to serial

Into /etc/inittab:

Comment: 

# TERMINALS
#x1:12345:respawn:/sbin/agetty 38400 console linux
#c1:12345:respawn:/sbin/agetty 38400 tty1 linux
#c2:2345:respawn:/sbin/agetty 38400 tty2 linux
#c3:2345:respawn:/sbin/agetty 38400 tty3 linux
#c4:2345:respawn:/sbin/agetty 38400 tty4 linux
#c5:2345:respawn:/sbin/agetty 38400 tty5 linux
#c6:2345:respawn:/sbin/agetty 38400 tty6 linux

And set: 

s0:12345:respawn:/sbin/agetty -L 115200 ttymxc0 linux
Other files
  • Set the correct entry into /etc/fstab with /dev/mmcblk0pX in case of uSD
  • Set your password into /etc/shadow
  • Add your ssh key
  • /etc/ssh/sshd_config put:
    • Banner none
    • AllowUsers root
    • #AcceptEnv LANG LC_*
    • AllowAgentForwarding no
    • AllowTcpForwarding no
    • GatewayPorts no
    • X11Forwarding no
    • PermitRootLogin yes
    • StrictModes yes
    • RhostsRSAAuthentication no
    • HostbasedAuthentication no
    • AuthorizedKeysFile .ssh/authorized_keys
  • Edit and set your network configuration
  • /etc/resolv.conf

nameserver 8.8.8.8 

options timeout:1
  • Into /etc/portage/make.conf put:
CHOST="armv7a-hardfloat-linux-gnueabi"
CFLAGS="-O2 -pipe -mfpu=vfpv4 -mfloat-abi=hard -march=native -mtune=native"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j2"
PORTAGE_IONICE_COMMAND="ionice -c 3 -p \${PID}"
PORTAGE_NICENESS="19"
FEATURES="parallel-fetch sandbox fail-clean noman noinfo nodoc"
PORTAGE_RSYNC_EXTRA_OPTS="-z --compress-level=9 -4 --exclude=/metadata/md5-cache --
exclude=/metadata/cache"
LC_MESSAGES=C

CURL_SSL="openssl"
PYTHON_SINGLE_TARGET="python2_7"
PYTHON_TARGETS="python3_4 python2_7"
U_DEVICES="custom-cflags custom-cxxflags"
U_SYSTEM="ipv6 hardened glibc-omitfp cxx minimal nptl zlib threads lzma xz xtpax xattr openrc inotify openmp"
USE="-* ${U_DEVICES} ${U_SYSTEM}"
INPUT_DEVICES="keyboard"
PAX_MARKINGS="XT"
  • echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen
  • Content of /etc/portage/package.use:
app-editors/nano -minimal
app-shells/bash readline
dev-lang/python xml ssl
net-analyzer/wireshark netlink pcap
net-dns/dnsmasq -dhcp -id -inotify
net-misc/wget ipv6 zlib ssl
sys-apps/openrc netifrc
sys-apps/net-tools arp hostname
sys-apps/iproute2 -minimal
sys-apps/kmod tools
sys-apps/hwids udev pci net usb
sys-fs/cryptsetup kernel
sys-process/procps ncurses
System packages
  • emerge –sync
  • emerge -DaNuv world
  • emerge -av hdparm parted iptables dnsmasq ethtool app-misc/screen gentoolkit u-boot-tools net-analyzer/nmap net-misc/bridge-utils net-misc/dhcp net-misc/dibbler net-misc/iperf net-misc/quagga net-misc/radvd net-misc/telnet-bsd sys-power/cpupower sys-process/vixie-cron net-misc/ntp syslog-ng
  • Set the hostname
  • /etc/conf.d/ip* SAVE_ON_STOP=“no”
  • rc-update del keymaps boot;rc-update del netmount;rc-update del termencoding boot
  • rc-update add iptables boot default;rc-update add ip6tables boot default
  • cp /usr/share/zoneinfo/America/La_Paz /etc/localtime
Firewall

iot-gate-imx7-iptables.txt iot-gate-imx7-ip6tables.txt

/etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
kernel.panic = 3
net.ipv6.conf.all.accept_ra=0
net.ipv4.ip_forward = 1
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.all.accept_ra_defrtr = 0
net.ipv6.conf.default.accept_ra_defrtr = 0
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.all.secure_redirects=0
net.ipv4.conf.default.secure_redirects=0

Into the /etc/fstab 

none            /tmp                                            tmpfs   defaults,nosuid,size=32M,mode=1777
none            /var/tmp                                        tmpfs   defaults,nosuid,size=128M,mode=1777
none            /var/lib/ntp                                    tmpfs   defaults,nosuid,size=32M,mode=755,uid=123,gid=123
none            /var/spool/cron/lastrun                         tmpfs   defaults,nosuid,size=1M,mode=750
Tweak

/etc/local.d/baselayout1.start 

echo -e "\033[9;0]" >/dev/console
echo 5 > /proc/sys/vm/laptop_mode
echo 10 > /proc/sys/vm/swappiness
/usr/bin/cpupower frequency-set -g ondemand
change_for_headless_router.txt · Last modified: 2017/12/01 02:14 by admin

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki