#!/bin/bash # Please support the Radados linux project. http://www.Radados.org # IPcop does not ship with RAID1 support. I like to use RAID1 for my firewalls because IPcop only needs about 5G to work and you cannot buy new hard drives that small. # It is a waste to use a large hard drive when there are so many small older drives that would work just fine so if you use older drives RAID1 is a good idea. # I used Radados linux for this but another live CD may work. The kernel must be recompiled and custom IPcop modules, # like IP filters for h323 are missing because I tried many times to follow the IPcop directions to build the # IPcop source files but it dies with errors every time. # I had to download and compile IPcop 1.4.20 from source to get a working kernel with RAID1. I am keeping a copy of that kernel on my server to use with this script. # This script will download and save a copy of the RAID1 kernel to the local drive. # If you can, run this script from a USB thumb drive, it save time if you want to do this to another system. # Steps # 1) Install two IDE hard drives as HDA and HDB to your new firewall # 2) Install IPcop 1.4.20 to the HDA (other versions of IPcop may need to adjust this script) # 3) Reboot with a Radados live CD # 4) At the Radados desktop press Ctrl+Alt+t for a terminal # 5) Run [ sudo su ] to become root and then run this script # This script will first look to see if you have a RAID1 enabled kernel in this directory already, if not it will try to download it. # mount the new partitions and the old partitions and copy files over. # I like to use tar to copy because I trust it better for preserving the files even in a busybox shell mkdir /mnt/ipcop.root mount /dev/hda4 /mnt/ipcop.root mkdir /mnt/ipcop.boot mount /dev/hda1 /mnt/ipcop.boot mkdir /mnt/ipcop.var.log mount /dev/hda2 /mnt/ipcop.var.log IPCOP_VER="1.4.20" ORIG_DIR=`pwd` # KERNEL_VER=`ls -1 /mnt/ipcop.boot/vmlinuz*2*smp | cut -d\- -f2` KERNEL_VER="2.4.36-smp" rm -rf /mnt/ipcop.boot/vml* rm -rf /mnt/ipcop.root/lib/modules/* if [ ! -f "ipcop-1.4.20-kernel-2.4.36-smp-raid1.tbz" ]; then wget http://www.SiliconTao.com/software/IPcop/ipcop-1.4.20-kernel-2.4.36-smp-raid1.tbz -O ipcop-1.4.20-kernel-2.4.36-smp-raid1.tbz fi dd if=/dev/zero of=/dev/hdb bs=4096 sfdisk -d /dev/hda | sed -e 's/Id=83/Id=fd/' | sfdisk -f /dev/hdb # use cfdisk on hdb to change partitions to type FD (Linux RAID autodetect) # RUN: mdadm --create /dev/md0 --run --level=1 --raid-devices=2 /dev/hdb1 missing mdadm --create /dev/md1 --run --level=1 --raid-devices=2 /dev/hdb2 missing mdadm --create /dev/md2 --run --level=1 --raid-devices=2 /dev/hdb4 missing mkfs.ext3 /dev/md0 mkfs.ext3 /dev/md1 mkfs.ext3 /dev/md2 mkdir /mnt/ipcop.raid1 mount -o dev /dev/md1 /mnt/ipcop.raid1 cd /mnt/ipcop.root tar cf - ./ | tar xvf - -C /mnt/ipcop.raid1 mount -o dev /dev/md0 /mnt/ipcop.raid1/boot cd /mnt/ipcop.boot tar cf - ./ | tar xvf - -C /mnt/ipcop.raid1/boot mount -o dev /dev/md2 /mnt/ipcop.raid1/var/log cd /mnt/ipcop.var.log tar cf - ./ | tar xvf - -C /mnt/ipcop.raid1/var/log cd "$ORIG_DIR" tar xvfj ipcop-1.4.20-kernel-2.4.36-smp-raid1.tbz -C /mnt/ipcop.raid1/ chroot /mnt/ipcop.raid1/ depmod # New IPcop will need some helper programs from Radados touch /etc/lilo.conf dpkg -i /cdrom/debian/installer_cd/dists/prospector/main/binary-i386/base/lilo_22.6.1-4_i386.deb cp /sbin/mdadm /mnt/ipcop.raid1/sbin cp /sbin/lilo /mnt/ipcop.raid1/sbin cp /sbin/lilo.real /mnt/ipcop.raid1/sbin/ cp /lib/libdevmapper.so.1.00 /mnt/ipcop.raid1/lib/ # Write a lilo.conf file cat > /mnt/ipcop.raid1/etc/lilo.conf << END lba32 raid-extra-boot=/dev/hda,/dev/hdb boot=/dev/md0 install=/boot/boot.b backup=/dev/null map=/boot/map prompt timeout=100 default=IPcop image=/boot/vmlinuz-$KERNEL_VER append="lang=en apm=power-off quiet" # initrd=/boot/initrd-$KERNEL_VER.img root=/dev/md1 vga=6 label=IPcop read-only END # Something was using the ipcop mounts, wait for it to end cd # remove the original install and build back the RAID ERROR=1 while [ $ERROR -ne 0 ]; do sleep 3 umount /mnt/ipcop.boot ERROR=$? done ERROR=1 while [ $ERROR -ne 0 ]; do sleep 3 umount /mnt/ipcop.var.log ERROR=$? done ERROR=1 while [ $ERROR -ne 0 ]; do sleep 3 umount /mnt/ipcop.root ERROR=$? done # Don't need and initrd for this but I left the code incase it needs it in a future version of IPcop. dd if=/dev/zero of=/dev/hda bs=4096 sfdisk -d /dev/hdb | sfdisk -f /dev/hda sleep 2 mdadm --add /dev/md0 /dev/hda1 sleep 2 mdadm --add /dev/md1 /dev/hda2 sleep 2 mdadm --add /dev/md2 /dev/hda4 sleep 2 cp -ra /dev/md? /mnt/ipcop.raid1/dev/ # Build a very minimal initrd image. IMAGE_SIZE=4096 dd if=/dev/zero of=/mnt/ipcop.raid1/raw_image bs=1k count=$IMAGE_SIZE mkfs.ext2 -F -m 0 -i 1024 -q /mnt/ipcop.raid1/raw_image mkdir ~/image_mnt mount -o loop /mnt/ipcop.raid1/raw_image ~/image_mnt mkdir ~/image_mnt/bin mkdir ~/image_mnt/dev mkdir ~/image_mnt/lib mkdir ~/image_mnt/sbin cp /mnt/ipcop.raid1/bin/bash ~/image_mnt/bin cp /mnt/ipcop.raid1/sbin/mdadm ~/image_mnt/sbin cp /mnt/ipcop.raid1/lib/libncurses.so.5 ~/image_mnt/lib cp /mnt/ipcop.raid1/lib/libdl.so.2 ~/image_mnt/lib cp /mnt/ipcop.raid1/lib/libc.so.6 ~/image_mnt/lib cp /mnt/ipcop.raid1/lib/ld-linux.so.2 ~/image_mnt/lib cp -ra /dev/md? ~/image_mnt/dev/ cp -ra /dev/tty ~/image_mnt/dev/ cp -ra /dev/tty? ~/image_mnt/dev/ cp -ra /dev/hd* ~/image_mnt/dev/ cp -ra /dev/sd* ~/image_mnt/dev/ cp -ra /dev/null ~/image_mnt/dev/ cp -ra /dev/zero ~/image_mnt/dev/ cp -ra /dev/mem ~/image_mnt/dev/ cp -ra /dev/ram* ~/image_mnt/dev/ cp -ra /dev/kmem ~/image_mnt/dev/ cp -ra /dev/initrd ~/image_mnt/dev/ cp -ra /dev/console ~/image_mnt/dev/ cp -ra /dev/core ~/image_mnt/dev/ cp -ra /dev/cloop* ~/image_mnt/dev/ cp -ra /dev/loop* ~/image_mnt/dev/ cp -ra /dev/lp* ~/image_mnt/dev/ cp -ra /dev/random ~/image_mnt/dev/ cp -ra /dev/std* ~/image_mnt/dev/ cat > ~/image_mnt/linuxrc << END #!/bin/bash echo "IPcop with RAID1 initrd" /sbin/mdadm --assemble /dev/md0 /dev/hda1 /dev/hdb1 /sbin/mdadm --assemble /dev/md1 /dev/hda2 /dev/hdb2 /sbin/mdadm --assemble /dev/md2 /dev/hda4 /dev/hdb4 END chmod 755 ~/image_mnt/linuxrc umount ~/image_mnt/ gzip -9 /mnt/ipcop.raid1/raw_image mv /mnt/ipcop.raid1/raw_image.gz /mnt/ipcop.raid1/boot/initrd-$KERNEL_VER.img chroot /mnt/ipcop.raid1/ lilo if [ $? -ne 0 ]; then echo "Lilo failed, fix it" bash fi cat /mnt/ipcop.raid1/etc/fstab echo "------------------------------------------" cat /mnt/ipcop.raid1/etc/fstab | sed -e 's/^\/dev\/root/\/dev\/md1/' > /mnt/ipcop.raid1/etc/fstab.swp cat /mnt/ipcop.raid1/etc/fstab.swp > /mnt/ipcop.raid1/etc/fstab #cat /mnt/ipcop.raid1/etc/fstab #echo "------------------------------------------" cat /mnt/ipcop.raid1/etc/fstab | sed -e 's/^\/dev\/harddisk4/\/dev\/md1/' > /mnt/ipcop.raid1/etc/fstab.swp cat /mnt/ipcop.raid1/etc/fstab.swp > /mnt/ipcop.raid1/etc/fstab #cat /mnt/ipcop.raid1/etc/fstab #echo "------------------------------------------" cat /mnt/ipcop.raid1/etc/fstab | sed -e 's/^\/dev\/harddisk1/\/dev\/md0/' > /mnt/ipcop.raid1/etc/fstab.swp cat /mnt/ipcop.raid1/etc/fstab.swp > /mnt/ipcop.raid1/etc/fstab #cat /mnt/ipcop.raid1/etc/fstab #echo "------------------------------------------" cat /mnt/ipcop.raid1/etc/fstab | sed -e 's/^\/dev\/harddisk2/\/dev\/md2/' > /mnt/ipcop.raid1/etc/fstab.swp cat /mnt/ipcop.raid1/etc/fstab.swp > /mnt/ipcop.raid1/etc/fstab rm -rf /mnt/ipcop.raid1/dev/harddisk* /mnt/ipcop.raid1/dev/root echo "Check the etc/fstab file" cat /mnt/ipcop.raid1/etc/fstab watch "echo Watch the RAID1 build, when done Ctrl+c to finish; cat /proc/mdstat" echo "If all went well you should now be able to reboot" umount /mnt/ipcop.raid1/boot umount /mnt/ipcop.raid1/var/log umount /mnt/ipcop.raid1