I took delivery of my Sheeva Plug Sata Multi today. I bought it yesterday online and it came first thing this morning. Indeed I made a mistake on the order when I bought it with an EU plug so I emailed and then called NewIT who were very helpful and changed over the order without any fuss.
If you remember from my previous post I wanted this device to run a network content filter, Squid and Dansguardian and also to take control of the network I have at home. I therefore, went for the 8GB SD card with Ubuntu 9.04 pre-installed. I will take an image of this before I start to play with it although one can be downloaded from the NewIT website if I need to. I also went for the Sata version so that I can add hard disk space to the device in the future to make it into a NAS drive as well as a network content filter.
First Steps
So my first step was to simply plug the device into my home network, a very simple task of plugging in a network cable and plugging in the power.
I then logged onto my router which currently runs my DHCP and found that a device called Ubuntu had been given an IP address.
Opening up Putty (My preferred SSH client) and ssh’ing to the ip address, I was able to log into the device with the root login and the default password of ‘nosoup4u’
The first impression of the device while navigating around the system via SSH and running the ‘top –d1’ command seemed to be fairly quick, ok the device is not doing anything other than running base Ubuntu but still a good sign at this stage.
I also ran ‘free -m’ which showed 472mb of free memory and df –f to find the free disk space showed:
Filesystem Size Used Avail Use% Mounted on tmpfs 251M 0 251M 0% /lib/init/rw varrun 251M 36K 251M 1% /var/run varlock 251M 0 251M 0% /var/lock udev 251M 116K 251M 1% /dev tmpfs 251M 0 251M 0% /dev/shm rootfs 7.4G 443M 6.6G 7% /
All looks in order and I was ready to start playing with the system to see what it could do, but first I wanted to take an image of the system as a backup.
Imaging the SD Disk
I was not sure how I was going to do this so I did a little bit of research for the best method, but I plumped for a simple TAR of the whole system using linux its self:
tar cvpzf backup.tgz --exclude=/backup.tgz /
remembering to exclude the backup file its self otherwise it would get into some sort of loop! The tar of the whole system took only 2 minutes and created a file that was 135 Mb. I then sent this across to my Western Digital MyBookWorld NAS drive which has a hacked Linux operating system on it
scp backup.tgz root@xxx.xxx.xxx.xxx:/shares/internal/backups/
Happy that I had a backup of the system I then went ahead with a system update before trying a setup of Dansguardian.
System update
I ran apt-get update and then apt-get upgrade and upgraded the whole system. It wanted to upgrade the following:
The following packages will be upgraded: root@ubuntu:/# apt-get upgrade Reading package lists... Done Building dependency tree Reading state information... Done cron dhcp3-client dhcp3-common dpkg file gzip language-pack-en language-pack-en-base libcurl3-gnutls libgnutls26 libkrb53 libldap-2.4-2 libmagic1 libnewt0.52 libpam-modules libpam-runtime libpam0g libsasl2-2 libsasl2-modules libsqlite3-0 libssl0.9.8 libvolume-id1 libxcb1 lsb-base lsb-release ntpdate openssl perl perl-base perl-modules sudo tzdata udev wget whiptail 35 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 18.2MB of archives. After this operation, 1565kB of additional disk space will be used.
This process was again fairly quick taking just 5 minutes most of which was taken downloading the 18mb as Karoo Internet is simply rubbish!
I restarted the device just to check everything was still ok
Shutdown –r now
It took less than a minute to start back up and was back with me.
I then changed the root password ‘passwd’ and I was ready to start my install of dansguardian.
Install of Dansguardian
The setup I wanted was one with Squid for the proxy, ClamAV for virus scanning and then Dansguardian for the content filtering. I followed a tutorial guide on how to forge
http://www.howtoforge.com/squid-proxy-server-on-ubuntu-9.04-server-with-dansguardian-clamav-and-wpad-proxy-auto-detection
but I would skip the auto-detection part as I did not need this and could always add it at a later date.
The first step is to install ClamAV
apt-get install clamav-daemon clamav-freshclam
I then needed to edit the ClamAV conf file so I ran
Vim /etc/clamav/freshclam.conf
And found that vim was not installed so I installed it
Apt-get install vim
Once installed I could then edit the conf file above. FreshClam is the part of ClamAV that downloads the new virus definitions. The config file contains a line ‘checks 24’ which indicates that FreshClam will check for new definitions 24 times a day or once every hour. I decided that would be adequate o accepted the default values, So my freshclam.conf file looks like this:
# Automatically created by the clamav-freshclam postinst # Comments will get lost when you reconfigure the clamav-freshclam package
DatabaseOwner clamav UpdateLogFile /var/log/clamav/freshclam.log LogVerbose false LogSyslog false LogFacility LOG_LOCAL6 LogFileMaxSize 0 LogTime no Foreground false Debug false MaxAttempts 5 DatabaseDirectory /var/lib/clamav/ DNSDatabaseInfo current.cvd.clamav.net AllowSupplementaryGroups false PidFile /var/run/clamav/freshclam.pid ConnectTimeout 30 ReceiveTimeout 30 ScriptedUpdates yes CompressLocalDatabase no NotifyClamd /etc/clamav/clamd.conf # Check for new database 24 times a day Checks 24 DatabaseMirror db.local.clamav.net DatabaseMirror database.clamav.net
You then need to restart ClamAV
/etc/init.d/clamav-freshclam restart
It was then time to install Squid, again an easy process with apt
apt-get install squid
Then to make some modifications to the squid conf files:
Vim /etc/squid/squid.conf
Just adding ‘http_port 3128’ to the bottom of the file and then restart squid
/etc/init.d/squid reload
Finally it was the turn of Dansguardian, again a simple task using apt:
apt-get install dansguardian
Again some modifications to the dansguardian conf files
Vim /etc/dansguardian/dansguardian.conf
I simply added my SheevaPlug Server IP address to the ‘filterip =’ line
Uncommented the line:
contentscanner = '/etc/dansguardian/contentscanners/clamav.conf'
to enable the ClamAV virus Scanning and then commented out the line:
#UNCONFIGURED - Please remove this line after configuration
Then restarted dansguardian:
/etc/init.d/dansguardian restart
Testing the install
The system was then ready and I added the proxy settings to my web browser with the address of the SheevaPlug server and then a port of 8080
I then tried Google which was accessed no problem, and then google’d for some adult terms which were blocked.
I do not like the default ‘blocked site’ template that dansguardian uses but I am sure I can change that as it looks like a simple HTML page.
I also need to re-configure the router to stop it handing out ip addresses and limit access to it to the ipaddress of the Sheevaplug and then add DHCP to the sheevaplug but I will carry on with this at a later date.
The SheevaPlug review
I am very pleased with how well this has gone and the performance of the Sheevaplug. I will continue to use this content filtering on my own laptop to see how it goes and test the performance of the Sheevaplug. The first impressions and results are very good indeed.
EDIT:
I should have given a link to NewIT who sell these little SheevaPlug systems they can be found at http://www.newit.co.uk defiantly worth a try.
Related posts:
- Disk Space Monitor Bash Script For Linux Having setup the media storage and samba shares on the network at home, I do loose some control via windows of monitoring the space left...
- Home Computer Network Finally Finished Recently I have posted about my tribulations with setting up my perfect network at home. A quick re-cap is that we have two Windows Media...
- Media Centre And Network Storage Solution I have spent the past week moving 100′s of terabytes of data from disk to disk, trying to find the best solution for the central...
