Custom m0n0wall image hacking how-to Custom, hacking, image

jacky

  NOTE: This document references FreeBSD 4.10 and m0n0wall 1.1b15.
Your mileage may vary if using different versions.

First you need to install FreeBSD 4.10. You can get it at ftp://ftp.freebsd.org.

This document doesn’t explain how to install FreeBSD, their documentations
is very extensive on their website.

So once you have a working environment, you need to create a work directory.
I prefer to do all the dirty work in my $HOME. I created a ~/devel directory
and a change/system subdirectories.

# cd $HOME
# mkdir devel
# mkdir devel/change
# mkdir devel/system

Enter your new hacking environment!

# cd devel

Now let’s fetch the m0n0wall image we require to hack this custom image of
ours. We’ll get it using wget, it might not be installed, install it using
the ports collections or the packages.

# wget http://m0n0wall.cac.net/download/m0n0wall/generic-pc-1.1b15.img

Most of the interesting files that can be customized reside in mfsroot.gz
in the root of the image. So the next example will show how to edit those
files.

Rename the downloaded file.

# mv generic-pc-1.1b15.img generic-pc-1.1b15.img.gz

Decompress the file.

# gzip -d generic-pc-1.1b15.img.gz

In Linux, you would use ‘mount -o loop imagefile /mount/point’ to mount the image.
In FreeBSD, you need to create a virtual device, then mount that virtual
device. Here’s how it’s done.

# vnconfig -s labels -c vn0 generic-pc-1.1b15.img
# mount /dev/vn0a system/

Copy mfsroot.gz to another directory for editing.

# cp system/mfsroot.gz change/

Now, we’re going to unmount the image.

# umount system/

We’ll remove the virtual device.

# vnconfig -u vn0

Now, we have a copy of the file system, we need to decompress it.

# gzip -d change/mfsroot.gz

Since we can’t access the filesytem in the image, we need to mount it first.

# vnconfig -s labels -c vn0 change/mfsroot
# mount /dev/vn0 system/

We are now able to edit the m0n0wall image. Most of the interesting stuff is under
~/usr/local/www. Once you have edited your files, go back to $HOME/devel.

# cd $HOME/devel

*** WARNING: If you try to unmount the image while being in the filesystem, it will create
problems, you might have to start all over again! ***

Now we’re ready to unmount everything and repackage the custom image.

# umount system/
# vnconfig -u vn0

We need to compress our new mfsroot filesystem, and copy it back in the image.

# gzip -9 change/mfsroot
# vnconfig -s labels -c vn0 generic-pc-1.1b15.img
# mount /dev/vn0a system/
# cp change/mfsroot.gz system/
# umount system/
# vnconfig -u vn0

Last step, recompressing the image.

# gzip -9 generic-pc-1.1b15.img
# mv generic-pc-1.1b15.img.gz generic-pc-1.1b15.img

You are now ready to upload your custom image to your m0n0wall box.

NOTES:

- If you want to make changes to the default settings you get after
installing m0n0wall, edit /conf/config.xml and config.xml in the mfsroot.gz image.

- If you want to add more ports in the NAT section (i.e. SSH/HTTP/FTP) available to
create rules, edit ~/usr/local/www/guiconfig.inc

- I strongly suggest you make patches using diff if you edit a lot of stuff. Going to
make customizing future versions easier. Example:

# diff -ur file.orig file > patch01