docs
Directory actions
More options
Directory actions
More options
docs
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||
AOBOUT:
Headwall is a home gateway, firewall and network bridge that is designed to
run on hardware that is widely available to anyone with an interest in
embedded systems and Linux.
Exampled hardware could be Rasperry Pi, PandaBoard, BeagleBoardor similar
systems that can be purchased over the counter.
The goal of the design of this system is that it should be easy to use and
configure with the technical terms and properties as far as possible, hidden
to the user.
Internally, a goal that as far as possible, verify user inputs and give
guidance during configuration.
All code should pass an HTML5 test from sites with such services to ensure the
function on most browsers.
FUNCTIONAL FEATURES:
* Linux based Home Gateway and Wireless Bridge
* DHCP Server in stand alone mode
* DNS Server in stand alone mode
* DDNS (DNS and DHCP integrated)
* Firewall based on shorewall
* URL outgoing filtering with tracker jump over
* Watchdog (hard) surveillance of network connectivity
* VPN Server for the LAN
* Mass storage CIFS server for the LAN
GUI FEATURES
* lighthttpd web server for device configuration
* PHP and JavaScript for device management
* HTML5 verified code
* Auto scaling of fonts - looks beter on tablets
* Session management, password protection & auto logout
* Wireless setup pages
* Wireless Site Survey dialog
* DNS and DHCP Management pages
* Firewall management pages
* Firewall logs (drop, reject)
* Virtual Hosts management (nat and port orchestration)
* URL blacklist management
* Blacklist rejects statistics
* VPN Management
* CIFS management of attached disks
HISTORY:
In connection with the transition from ADSL in our villa for a 4G modem
for Internet connection, there were some challenges.
The modem (actually a complete CPE with wireless and simple firewall)
from a well-known Chinese manufacturer was initially inside the house
which upset some other equipment with its radio signal disturbance.
The signal strength and thus the transmission rate was also too low.
I found that it got the best signal in our adjacent garage, which in turn led
to a connection problem to get the data traffic into the house again.
The solution was to use the CPE's WiFi to talk to only one client,
a Rasberry Pi with a USB WiFI dongle on the WAN side in a bridge configuration
to a switch and a secondary device for the WiFi in the house.
Gradually took Rasberry Pi (now replaced by a PandaBoard) over more and more
tasks from the CPE which now only serves as a 4G modem with only one remaining
function in the built in firewall, namely to have
30E8
this system in a DMZ zone.
Why all this?
Just for fun!
DEVELOPMENT:
Development Host: Linux Mint 14
Crosstools: buildroot-2013.05 for the ARM architecture
Target systems (the actual bridge/gateway):
Rasperry Pi:
Linux 3.12.23 Debian wheezy version 7
Pandaboard:
Linux 3.10.36 Debian wheezy version 7
(internal wlan not used)
Comment:
Target systems have /var/www NFS exported during development for
convenient access to web pages for editing.
Kernel compilation was done on the host using the Buildroot tool suite.
The console used for the target system has been a serial one connected
with minicom from the host. The Raspberry Pi requires an USB converter
to get the serial port out of the pin header.
For security reason, check the /etc/inittab concering a getty for the
graphical and serial console when the system is deployed as a secure firewall.
Have fun!
erland@hedmanshome.se
www.hedmanshome.se
www.linkedin.com/pub/erland-hedman/1a/a4/b29