Setting up SNORT on Gentoo Part 1

Install Gentoo. I used the Live CD of 2007.0

Installation took about 1h30 to complete on a dual PIII 933 with 2GB RAM and SCSI drives.

The following steps where then taken to setup the machine as a transparent bridge with an administrative IP

1. Added bridging as a module

echo “bridge” >> /etc/modules.autoload.d/kernel-2.6
update-modules
modprobe bridge

2. Installed the bridge tools

emerge net-misc/bridge-utils

3. Edited /etc/conf.d/net to contain

#set ifconfig as default tool
modules=( “ifconfig” )
# eth0 & eth1 setup to not have any IP
config_eth0=( “null” )
config_eth1=( “null” )

# Bridging (802.1d)
# Assign the NIC’s to the bridge
bridge_br0=”eth0 eth1″
# give the bridge an IP
config_br0=( “196.31.203.52 netmask 255.255.255.240″ )
RC_NEED_br0=”net.eth0 net.eth1”
# Stop broadcast storms from occuring
brctl_br0=( “stp on” )
# Set default route for the bridge so that the internet is
# accessable
routes_br0=( “default gw 196.31.203.49” )

4. Setup the bridge to start at system start

ln -sf /etc/init.d/net.lo /etc/init.d/net.eth1
rc-update add net.eth0 default
rc-update add net.eth1 default

ln -sf /etc/init.d/net.lo /etc/init.d/net.br0
rc-update add net.br0 default
/etc/init.d/net.br0 start

Will follow with the rest soon