System and Network Configurations
ShellFunctions
Systems
af
dalton
imager
joule
Network Topology
Extant Network
Previous Network
Joule runs Debian Linux with Shorewall and OpenVPN.
dalton is similar to Joule.
Software Packages
Dnsmasq
Shorewall
Capabilities
* imager retrieves mail from the ISP using Oberon Mail via POP3 in a stunnel tunnel.
Configuration files in dalton.
# dalton:/etc/dnsmasq.conf
domain-needed
bogus-priv
except-interface=enp2s8
# Systems subnetted via DHCP.
dhcp-range=172.23.7.2,172.23.7.3
# Temporary link to Carnot for netboot and system installation.
# dhcp-range=172.24.1.5,static
# dhcp-host=08:00:20:0e:84:78,172.24.1.5,infinite
# dhcp-option=option:root-path,/export/172.24.1.5/root/
# dhcp-boot=netbsd
# enable-tftp
# tftp-root=/tftpboot
# dalton:/etc/exim4/passwd.client
# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password
mail.easthope.ca:peter@easthope.ca:mySecretPassword
Exim4 configuration
Execute
dpkg-reconfigure exim4-config
set smarthost,
mail.easthope.ca::465
and etc.
Then execute,
update-exim4.conf
service exim4 restart
# dalton:/etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# systemd generates mount units based on this file, see systemd.mount(5).
# Please run 'systemctl daemon-reload' after making changes here.
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda1 during installation
# / was on /dev/sda1 during installation
UUID=6d7e62dd-a3fe-49ac-b0a2-2916d33b9eb7 / ext4 errors=remount-ro 0 1
# /home was on /dev/sda5 during installation
UUID=b1ed1667-2daf-471b-b8a0-9e284cadfe78 /home ext4 defaults 0 2
# swap was on /dev/sda3 during installation
UUID=78803715-10b2-4cc0-aa56-1531bf31f349 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
# Volume for A2.
# /dev/NY /home/root/NY ext2 defaults,user,users,exec,noauto 0 0
/dev/AY /home/root/AY ext2 defaults,user,users,exec,noauto 0 0
# Kingston usb stick.
/dev/KingstonUSB /home/root/USB vfat noauto,umask=000,user,users 0 0
# dalton:/etc/hosts
127.0.0.1 localhost
127.0.1.1 dalton.invalid dalton
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# Static addresses at UBC.
142.103.107.137 dalton.invalid dalton
142.103.107.138 carnot.invalid carnot
142.103.107.139 sparc.invalid sparc
# dalton:/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto enp2s8
allow-hotplug enp2s8
iface enp2s8 inet static
address xxx.yyy.107.137
netmask 255.255.255.128
broadcast xxx.yyy.107.255
gateway xxx.yyy.107.254
# Interface to cantor connected by an Ethernet crossover.
auto LocBel7411cc
allow-hotplug LocBel7411cc
iface LocBel7411cc inet static
address 172.24.1.1
netmask 255.255.255.0
# Interface to Toshiba 4000 Web server connected by an Ethernet crossover.
# Reference http://www.shorewall.net/shorewall_setup_guide.htm .
allow-hotplug DmzACS0713
auto DmzACS0713
iface DmzACS0713 inet static
address 172.25.1.1
netmask 255.255.255.0
# Interface to Sparcstation connected by an Ethernet crossover.
allow-hotplug DmzBel00bb74
auto DmzBel00bb74
iface DmzBel00bb74 inet static
address 172.25.2.1
netmask 255.255.255.0
# dalton:/etc/mgetty/mgetty.config
debug 4
data-only y
issue-file /etc/issue.mgetty
# The modem.
port ttyS0
ringback y
ringback-time 15
speed 38400
init-chat "" AT&F1S0=0&B1&H1&R2&D3&C1 OK
# The null-modem cable.
port ttyS1
direct y
speed 38400
toggle-dtr n
Shorewall configuration files are published under the terms of the
GNU Lesser General Public License
as published by the Free Software Foundation.
# dalton:/etc/default/shorewall
startup=1
# dalton:/etc/shorewall/interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net enp2s8 detect dhcp,tcpflags,routefilter,nosmurfs,logmartians
#net wlan0 detect optional,dhcp,tcpflags,routefilter,nosmurfs,logmartian
#dmz Dmz+ detect tcpflags,nosmurfs,routeback
loc enx+ detect tcpflags,nosmurfs,routeback
loc ppp+ detect tcpflags,nosmurfs,routeback
loc br0 detect routeback,bridge
loc tap0 detect tcpflags,nosmurfs,routeback
# This is for the openvpn tunnel.
vpn tun0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# dalton:/etc/shorewall/snat
#ACTION SOURCE DEST PROTO PORT
# Rules generated from masq file /etc/shorewall/masq by Shorewall 5.2.3.2 - Mon
#
MASQUERADE 172.23.0.0/16 enp2s8
#MASQUERADE 10.0.2.1/24 br0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# dalton:/etc/shorewall/policy
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
net all DROP info
$FW all ACCEPT
loc all ACCEPT
#dmz all ACCEPT
#vpn all ACCEPT
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
# dalton:/etc/shorewall/proxyarp
#ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT
142.103.107.138 DmzACS0713 enp2s8 no yes
142.103.107.139 DmzBel00bb74 enp2s8 no yes
# dalton:/etc/shorewall/rules
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
# PORT PORT(S) DEST LIMIT GROUP
SSH/ACCEPT net $FW
# Drop Ping from the "bad" net zone and prevent your log from being flooded.
Ping/DROP net $FW
Ping(ACCEPT) loc $FW
ACCEPT $FW loc icmp
ACCEPT $FW net icmp
ACCEPT net dmz tcp 80
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# dalton:/etc/shorewall/shorewall.conf, revision from stock
IP_FORWARDING=On
# dalton:/etc/shorewall/tunnels
#TYPE ZONE GATEWAY GATEWAY
# ZONE
# Joule has a dynamic address. No need to cite a dynamic dns.
openvpn net 0.0.0.0/0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# dalton:/etc/shorewall/zones
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
net ipv4
loc ipv4
# This zone is for the servers including Carnot.
dmz ipv4
# The tunnel.
vpn ipv4
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# dalton:/etc/stunnel/stunnel.conf
[pop3]
client = yes
accept = localhost:110
connect = mail.easthope.ca:995
[smtp]
client = yes
accept = localhost:106
connect = mail.easthope.ca:465
[nntp]
client = yes
accept = localhost:119
connect = news.eternal-september.org:563
# /etc/init.d/stunnel4 restart
# dalton:$HOME/.swaksrc
h-Date: %DATE%
h-From: peter@easthope.ca
server ccx.websitewelcome.com:587
#server localhost:25
tls
auth PLAIN
au peter@easthope.ca
ap ...
timeout 6
data /home/peter/MY/Mail.Out.Text
# dalton:/etc/vsftpd.conf, exceptions from stock file.
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
use_localtime=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
ssl_enable=NO
force_dot_files=YES
# dalton:/etc/udev/rules.d/70-persistent-net.rules
# Contemporary Linux names a network device according to hardware identity.
# For example, enp2s8 refers to ;
# and enx0050b60be9be refers to a USB device with MAC address 00.50.b6.0b.e9.be.
# The old problem from devices renamed after reboot is solved
# without udev rules.
# dalton:/etc/udev/rules.d/10-local.rules
# Persistent names for local devices.
# Use a command such as this to find parameters of device.
# udevadm info -a -p $(udevadm info -q path -n /dev/snd/by-id/usb-0d8c_C-Media_USB_Audio_Device-00)
# "udevadm trigger" will activate new rules.
#
# The Sony mylo. This is treated as a floppy which is not partitioned.
# The size of the device and of the parent are the same.(?)
KERNEL=="sd?1", ATTR{size}=="1752512", SYMLINK+="mylo", \
OWNER="peter", GROUP="floppy"
# The Kingston USB. This is partitioned. Consequently the sizes
# of device and parent differ.
KERNEL=="sd?1", ATTR{size}=="499712", SYMLINK+="KingstonUSB", \
OWNER="peter", GROUP="users"
# The green Nexttech SDHC card.
# KERNEL=="sd?1", ATTR{size}=="7215104", SYMLINK+="GRNSDHC41", \
# K OWNER="peter", GROUP="users"
# Another black Kingston SDHC card, 32 GB.
KERNEL=="sd?3", SUBSYSTEM=="block", ATTR{size}=="60028928", \
SYMLINK+="AY", OWNER="root", GROUP="root", MODE="700"
# The USB audio adapter connected to the speakers.
SUBSYSTEM=="sound", ATTRS{idProduct}=="0008", SYMLINK+="USBspeakers"
# The USB audio adapter connected to the headset.
SUBSYSTEM=="sound", ATTRS{idProduct}=="000c", SYMLINK+="USBheadset"
# Install package inetutils-telnetd.
# dalton:/etc/inetd.conf has this line.
telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/telnetd -E /bin/bash
Configuration files in imager
# imager:~/.config/openbox/rc.xml
# ...
# Default window location.
<application class="*">
<position> <x>1600</x> <y>0</y> </position>
</application>
<application class="Dillo">
<position> <x>800</x> <y>0</y> </position>
</application>
<application class="Firefox-esr">
<position> <x>0</x> <y>0</y> </position>
</application>
<application name="xterm">
<position> <x>1110</x> <y>30</y> </position>
</application>
</applications>
</openbox_config>
# imager:~/.config/openbox/autostart
# Added by Peter, 2022-03-21.
# Investigate display geometry with
# watch -ptn 0 "xdotool getmouselocation"
#
# Start aos. DisplaySize parameter is in /usr/bin/aos.
(sleep 3s && /home/root/myaos ) &
# Start firefox.
(sleep 6s && firefox -height 900 -width 796 ) &
# Start a terminal.
(sleep 6s && xterm ) &
# Linphone. Preferences > User Interface has a switch to autostart.
# It doesn't work. Ignore it.
(sleep 11s && xterm -e linphone) &
-
# imager:/etc/dma/auth.conf
#
# SMTP authentication entries (currently AUTH LOGIN only)
# Format: user|my.smarthost.example.com:password
peter@easthope.ca|localhost:mySecretPassword
-
# imager:/etc/dma/dma.conf
#
SMARTHOST localhost
MAILNAME /etc/mailname
-
# imager:/etc/dnsmasq.conf
domain-needed
bogus-priv
except-interface=eno1
# Systems subnetted via DHCP.
dhcp-range=172.23.7.2,172.23.7.3
-
# imager:/etc/exim4/passwd.client # exim not currently used.
# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password
# mail.easthope.ca:peter@easthope.ca:mySecretPassword
Exim4 configuration
Execute
dpkg-reconfigure exim4-config
set smarthost,
mail.easthope.ca::465
and etc.
Then execute,
update-exim4.conf
service exim4 restart
# imager:/etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# systemd generates mount units based on this file, see systemd.mount(5).
# Please run 'systemctl daemon-reload' after making changes here.
#
#
# / was on /dev/sda1 during installation
UUID=6d7e62dd-a3fe-49ac-b0a2-2916d33b9eb7 / ext4 errors=remount-ro 0 1
# /home was on /dev/sda5 during installation
UUID=b1ed1667-2daf-471b-b8a0-9e284cadfe78 /home ext4 defaults 0 2
# swap was on /dev/sda3 during installation
UUID=78803715-10b2-4cc0-aa56-1531bf31f349 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
# Volume for A2.
/dev/NY /home/root/NY ext2 defaults,user,users,exec,noauto 0 0
# Kingston usb stick.
/dev/KingstonUSB /home/root/USB vfat noauto,umask=000,user,users 0 0
# imager:/etc/hosts
127.0.0.1 localhost
127.0.1.1 imager.invalid imager
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# A static address link for af.
172.23.4.1 imager.invalid imager
172.23.4.2 af.invalid af
# A static address link for heaviside.
172.23.5.1 imager.invalid imager
172.23.5.2 heaviside.invalid heaviside
#imager:/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
# post-up /sbin/ip link set $IFACE mtu 1500
# Private subnets at home.
# The interface to af
auto enx0050b60be9be
allow-hotplug enx0050b60be9be
iface enx0050b60be9be inet static
address 172.23.4.1
netmask 255.255.255.0
# The interface to heaviside
# auto enx0050b60be9be
# allow-hotplug enx0050b60be9be
# iface enx0050b60be9be inet static
# address 172.23.5.1
# netmask 255.255.255.0
# Interface to QEMU ETH Oberon guest.
allow-hotplug br0
auto br0
iface br0 inet static
address 172.23.8.1
netmask 255.255.255.0
# An interface for PPP.
# allow-hotplug ??
#iface Loc?? inet static
# address 172.23.6.1
# netmask 255.255.255.0
# An interface for local DHCP. Addresses allocated in /etc/dnsmasq.conf.
#allow-hotplug ??
#iface Loc?? inet static
# address 172.23.7.1
# netmask 255.255.255.0
# cat imager:/etc/rc.d/rc.local
#this file called from rc.sysinit in EasyOS
#you can edit this file
# Added 2026.01.29 to automount my working SD card and HDD in EasyOS.
# Working SD card.
mkdir /mnt/A
mount "$(blkid --uuid 40d81969-8f9d-4964-b214-87bcf273192a)" /mnt/A
# HDD in imager.
mkdir /mnt/B
mount "$(blkid --uuid b1ed1667-2daf-471b-b8a0-9e284cadfe78)" /mnt/B
Shorewall configuration files are published under the terms of the
GNU Lesser General Public License
as published by the Free Software Foundation.
# imager:/etc/default/shorewall
startup=1
OPTIONS=""
STARTOPTIONS=""
RESTARTOPTIONS=""
RELOADOPTIONS=""
STOPOPTIONS=""
INITLOG=/dev/null
SAFESTOP=0
# imager:/etc/shorewall/interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net eno1 detect optional,dhcp,tcpflags,routefilter,nosmurfs,logmartians
loc enx+ detect tcpflags,nosmurfs,routeback
loc ppp+ detect tcpflags,nosmurfs,routeback
loc br0 detect tcpflags,nosmurfs,routeback
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# imager:/etc/shorewall/snat
#ACTION SOURCE DEST PROTO PORT
# All local subnets are masqueraded.
MASQUERADE 172.23.0.0/16 eno1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
# imager:/etc/shorewall/policy
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
net all DROP info
$FW all ACCEPT
loc all ACCEPT
#vpn all ACCEPT
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
# imager:/etc/shorewall/rules
# PROTO refers to the transport and session layer of the
# OSI model rather than
# to the application layer. So most of these PROTOs are tcp.
# PROTO is not explicit where a macro is used.
# Stock macros are defined in /usr/share/shorewall/*.
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
# PORT PORT(S) DEST LIMIT GROUP
# Accept SSH connections from the local network and from the net for administration
SSH/ACCEPT net $FW
# Drop Ping from the "bad" net zone and prevent your log from being flooded.
Ping/DROP net $FW
ACCEPT $FW loc icmp
ACCEPT $FW net icmp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# imager:/etc/shorewall/shorewall.conf, revision from stock
IP_FORWARDING=On
# imager:/etc/shorewall/zones
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
net ipv4
loc ipv4
#vpn ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
# imager:/etc/stunnel/stunnel.conf
[pop3]
client = yes
accept = localhost:110
connect = mail.easthope.ca:995
[smtp]
client = yes
accept = localhost:106
connect = mail.easthope.ca:465
[nntp]
client = yes
accept = localhost:119
connect = news.eternal-september.org:563
# /etc/init.d/stunnel4 restart
# imager:/etc/udev/rules.d/70-persistent-net.rules
# The old problem from Ethernet devices renamed after reboot
# is solved without additional udev rules.
# Udev rules to create persistent names for storage devices.
# The document in wiki.archlinux.org is helpful.
# Use a command such as this to find parameters of device.
# udevadm info -a -p $(udevadm info -q path -n /dev/sdb1)
# "udevadm trigger" will activate new rules.
# 2nd part of the primary hdd.
KERNEL=="sd?2", ATTR{size}=="16883712", SYMLINK+="Oberon", \
OWNER="root", GROUP="root"
# The Kingston 512 MB CF card in the USB adapter.
KERNEL=="sd?", ATTR{size}=="1018080", SYMLINK+="KingstonCF", \
OWNER="peter", GROUP="peter"
# The Kingston 512 MB CF card, first part.
KERNEL=="sd?1", ATTR{size}=="205632", SYMLINK+="KingstonCF1", \
OWNER="peter", GROUP="peter"
# The SanDisk 512 MB CF card.
KERNEL=="sd?", ATTR{size}=="1000944", SYMLINK+="SanDiskCF", \
OWNER="peter", GROUP="users"
# Formatted with one VFAT.
KERNEL=="sd?1", ATTR{size}=="997376", SYMLINK+="SanDiskCF1", \
OWNER="peter", GROUP="users"
# Formatted with two VFATs.
KERNEL=="sd?1", ATTR{size}=="205569", SYMLINK+="SanDiskCF1", \
OWNER="peter", GROUP="users"
KERNEL=="sd?2", ATTR{size}=="795312", SYMLINK+="SanDiskCF2", \
OWNER="peter", GROUP="users"
# CF adapter containing an 8 GB Kingston SD card.
#KERNEL=="sd?", SUBSYSTEM=="block", SUBSYSTEMS=="scsi", \
#ATTRS{model}=="?", SYMLINK+="CFadapter8GB", \
# OWNER="peter", GROUP="users"
# SanDisk 4 GB CF card.
KERNEL=="sd?", SUBSYSTEM=="block", SUBSYSTEMS=="scsi", \
ATTRS{model}=="SanDisk SDCFH2-0", SYMLINK+="SanD4GB", \
OWNER="peter", GROUP="peter"
# The Sony mylo. This is treated as a floppy which is not partitioned.
# The size of the device and of the parent are the same.(?)
KERNEL=="sd?1", ATTR{size}=="1752512", SYMLINK+="mylo", \
OWNER="peter", GROUP="floppy"
# The green Nexttech SDHC card.
KERNEL=="sd?1", ATTR{size}=="7835648", SYMLINK+="MY", \
OWNER="root", GROUP="root"
# The black Kingston SDHC card, 4 GB, marked on the back
# AC00EN17A52, 3500007-002:ADOLF, 061112.
#KERNEL=="sd?1", ATTR{size}=="7208960", SYMLINK+="BLACKSDHC41", \
# OWNER="peter", GROUP="users"
# The black Kingston SDHC card, 8 GB, marked on the back
# 330-100000-176, 3500007-002:ADOLF, 042814.
#KERNEL=="sd?1", ATTR{size}=="15114240", SYMLINK+="BLACKSDHC81", \
# OWNER="peter", GROUP="users"
# The black Kingston SDHC card, 8 GB, marked 31560-021.ADOLF
#KERNEL=="sd?1", ATTR{size}=="15261696", SYMLINK+="MOTION", \
# OWNER="peter", GROUP="users"
# The black Kingston SDHC card, 8 GB, industrial grade.
KERNEL=="sd?1", SUBSYSTEM=="block", ATTR{size}=="15695872", \
SYMLINK+="NY", OWNER="root", GROUP="root"
# The Kingston USB.
KERNEL=="sd?1", SUBSYSTEM=="block", ATTR{size}=="499712", \
SYMLINK+="KingstonUSB", OWNER="root", GROUP="root"
# Partition in Hitachi drive in Inspiron 1150.
KERNEL=="sd?4", ATTR{size}=="202752", SYMLINK+="HitachiP4", \
OWNER="peter", GROUP="users"
# A 250 MiB Zip disk.
#KERNEL=="sd?1", ATTR{size}=="489440", SYMLINK+="ZIP250", \
# OWNER="peter", GROUP="users"
# A 100 MiB Zip disk.
#KERNEL=="sd?1", ATTR{size}=="196576", SYMLINK+="ZIP100", \
# OWNER="peter", GROUP="users"
# imager:/etc/vsftpd.conf.
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
force_dot_files=YES
# Install package inetutils-telnetd.
# imager:/etc/inetd.conf has this line.
telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/telnetd -a none -E /bin/bash
# imager:~/.xsessionrc
xrandr --output HDMI-3 --primary --mode 1600x900 --pos 0x0
xrandr --output VGA-1 --mode 1280x1024 --pos 1600x0
Configuration files in joule
# joule:~/.config/openbox/rc.xml
# ...
# Default window location.
<application class="*">
<position> <x>1600</x> <y>0</y> </position>
</application>
<application class="Dillo">
<position> <x>800</x> <y>0</y> </position>
</application>
<application class="Firefox-esr">
<position> <x>0</x> <y>0</y> </position>
</application>
<application name="xterm">
<position> <x>1110</x> <y>30</y> </position>
</application>
</applications>
</openbox_config>
# joule:~/.config/openbox/autostart
# Added by Peter, 2022-03-21.
# Investigate display geometry with
# watch -ptn 0 "xdotool getmouselocation"
#
# Start aos. DisplaySize parameter is in /usr/bin/aos.
(sleep 3s && /home/root/myaos ) &
# Start firefox.
(sleep 6s && firefox -height 900 -width 796 ) &
# Start a terminal.
(sleep 6s && xterm ) &
# joule:/etc/dnsmasq.conf
domain-needed
bogus-priv
except-interface=eno1
# Systems subnetted via DHCP.
dhcp-range=172.23.7.2,172.23.7.3
# joule:/etc/exim4/passwd.client
# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password
mail.easthope.ca:peter@easthope.ca:mySecretPassword
Exim4 configuration
Execute
dpkg-reconfigure exim4-config
set smarthost,
mail.easthope.ca::465
and etc.
Then execute,
update-exim4.conf
service exim4 restart
# joule:/etc/hosts
127.0.0.1 localhost
127.0.1.1 joule.invalid joule
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.23.5.1 joule.invalid joule
172.23.5.2 heaviside.invalid heaviside
#joule:/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eno1
allow-hotplug eno1
iface eno1 inet dhcp
# post-up /sbin/ip link set $IFACE mtu 1500
# Private subnets at home.
# The interface to heaviside
auto enx0050b60be9be
allow-hotplug enx0050b60be9be
iface enx0050b60be9be inet static
address 172.23.5.1
netmask 255.255.255.0
# Interface to QEMU ETH Oberon guest.
auto br0
allow-hotplug br0
iface br0 inet static
address 172.23.8.1
netmask 255.255.255.0
# An interface for PPP.
# allow-hotplug ??
#iface Loc?? inet static
# address 172.23.6.1
# netmask 255.255.255.0
# An interface for local DHCP. Addresses allocated in /etc/dnsmasq.conf.
#allow-hotplug ??
#iface Loc?? inet static
# address 172.23.7.1
# netmask 255.255.255.0
Shorewall configuration files are published under the terms of the
GNU Lesser General Public License
as published by the Free Software Foundation.
# joule:/etc/default/shorewall
startup=1
OPTIONS=""
STARTOPTIONS=""
RESTARTOPTIONS=""
RELOADOPTIONS=""
STOPOPTIONS=""
INITLOG=/dev/null
SAFESTOP=0
# joule:/etc/shorewall/interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net eno1 detect optional,dhcp,tcpflags,routefilter,nosmurfs,logmartians
loc enx+ detect tcpflags,nosmurfs,routeback
loc ppp+ detect tcpflags,nosmurfs,routeback
loc br0 detect tcpflags,nosmurfs,routeback
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# joule:/etc/shorewall/snat
#ACTION SOURCE DEST PROTO PORT
# All local subnets are masqueraded.
MASQUERADE 172.23.0.0/16 eno1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
# joule:/etc/shorewall/policy
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
net all DROP info
$FW all ACCEPT
loc all ACCEPT
#vpn all ACCEPT
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
# joule:/etc/shorewall/rules
# PROTO refers to the transport and session layer of the
# OSI model rather than
# to the application layer. So most of these PROTOs are tcp.
# PROTO is not explicit where a macro is used.
# Stock macros are defined in /usr/share/shorewall/*.
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
# PORT PORT(S) DEST LIMIT GROUP
# Accept SSH connections from the local network and from the net for administration
SSH/ACCEPT net $FW
# Drop Ping from the "bad" net zone and prevent your log from being flooded.
Ping/DROP net $FW
ACCEPT $FW loc icmp
ACCEPT $FW net icmp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# joule:/etc/shorewall/shorewall.conf, revision from stock
IP_FORWARDING=On
# joule:/etc/shorewall/snat
#ACTION SOURCE DEST PROTO PORT
# Rules generated from masq file /etc/shorewall/masq by Shorewall 5.2.3.2 - Mon
#
MASQUERADE 172.23.0.0/16 eno1