Some simple instructions that may get re-written depending on motivation. If any of these are broken, please let me know! I'll try to fix them and update them ... but they probably won't be 'offically' supported. All programs etc ... are (c) their respective sources. Texas A&M grants no warranty and neither do I :) These are distributed to make life easy, so please don't make mine hard :) The tagfile.tar.gz is for automating most of a Slackware 9.1 Install. The perl-5.8.3-i686-1.tgz is a Slackware Package with the following: * Perl 5.8.3 compiled with threads and prefix=/usr * IPTables module (CVS version) * Net-Netmask 1.9009 * Net-RawIP 0.1 * Config-Natural 0.98 The netsquid-i686-1.tgz is a Slackware Package with the following: * Thttpd 2.24 (config file in /usr/local/etc/thttpd.conf) * Snort 2.1.3 (related conf files in /etc, rules in /usr/local/snort/rules) * Netsquid v1.2 (conf and exclude file in /usr/local/etc/) * brctl (/usr/local/bin/brctl) * smbclient, nmblookup (/usr/local/bin/) * NetSQUID startup file /etc/rc.d/rc.netsquid and logging directories in /var Just install the package, and edit the config files (netsquid and snort to your liking) perhaps add the following to /etc/rc.d/rc.local: # Configure the bridge /usr/local/bin/brctl addbr br0 /usr/local/bin/brctl addif br0 eth1 /usr/local/bin/brctl addif br0 eth0 # Bring up the Interfaces /sbin/ifconfig eth1 up /sbin/ifconfig eth0 up # Configure IP address /sbin/ifconfig br0 192.168.1.1 netmask 255.255.255.0 /sbin/route add default gw 192.168.1.254 # Tell IPTables to not keep a lot of state info # Not really needed as IPTables rules don't use state # Well at least the ones that NetSQUID creates echo 0 > /proc/sys/net/ipv4/ip_conntrack_max echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time # Start Webserver /usr/local/sbin/thttpd -C /usr/local/etc/thttpd.conf # Start NetSQUID (which will auto start snort) /etc/rc.d/rc.netsquid start What I was nice enough not to include * CGI scripts for web (however the web home is under /home/www Haven't cleaned them up yet * Logrotate stuff to rotate Snort logs * A custom Kernel * I'm sure other things