Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 18 Dec 2014, 09:35
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Projects
How to set up a Puppy Linux Cybercafe
Moderators: Flash, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 7 of 9 Posts_count   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Author Message
ecomoney


Joined: 25 Nov 2005
Posts: 2183
Location: Lincolnshire, England

PostPosted: Wed 18 Mar 2009, 21:09    Post_subject:  

thanks for the tip Raffy, and the knowledge of what to call things. I posted just after you.

I changed the APPEND line in the /home/tftpboot/pxelinux.cfg/default file to read

Code:
APPEND initrd=initrd.gz pfix=noram


and took away the Ramdisk section entirely. This didint seem to me to make any difference whatsoever, the boot section still read "loading main pup_420.sfs" file (which it shouldnt do am I correct) and there were no RAM savings.

I had a look into the "init" file which is in the initrd.gz and found some interesting options. I think the new boot menu perhaps has some different boot parameters

Lines 167-184

Code:
#now supporting a boot menu...
if [ "$pfix" ];then
 for ONEFIX in `echo -n "$pfix" | tr ',' ' '`
 do
  case $ONEFIX in
   ram)     PRAMONLY="yes";;      #run in ram only (do not load pup_save).
   rdsh)    RDSH="yes";;          #exit to shell in initial ramdisk.
   nox)     PNOX="yes";;          #do not start X.
   clean)   PCLEAN="yes";;        #force version upgrade and cleanup.
   purge)   PPURGE="yes";;        #radical cleanup for broken system.
   copy)    PCOPY="yes";;         #copy .sfs files into ram.
   noram)   PNORAM="yes";;        #v412 partial restore no copy sfs to ram.
   fsck)    PFSCK="yes";;         #do a fsck of pup_save file.
   [0-9]*)  PIGNORELAST=$ONEFIX;; #blacklist last $ONEFIX folders (multisession).
  esac
 done
fi
[ "$PNORAM" = "yes" ] && PCOPY="no" #v412


perhaps is something to do with these boot options

Ive had a quick scan of the "init" file (man that is some piece of engineering!) and in parts it refers to to humungous initrd's. I will attach it to this post, because Im having some real trouble deciphering it for now.

If it does turn out that it is "double-loading" the pup_420.sfs file (once while it loads the initrd.gz via PXE and then again during bootup proper (the tmpfs?) then this is a bug in puppy's implementation of netbooting. In netbooting, it should be able to call programmes directly from the pup_420.sfs inside the initrd.gz, otherwise client computers will waste RAM that could be used for running programs once puppy has PXE booted. It could also just be that the size of the free RAM in the final netbooted puppy is reported as larger, because I did hear that if Linux does find extra ram then it just uses it. If it is a bug(let) then it would be good to iron out and give and extra 100mb or so RAM for applications.

Im also going to have to add code to this file to autodhcp eth0 at bootup, to connect back to the smoothwall server for an i.p. address for the internet connection. That way the internet will "just work" when they launch seamonkey. Is this along the lines of

Code:
dhcpcd eth0
?
init.zip
Description  init script from within the netboot initrd.gz for puppy linux 4.2 RC3
zip

 Download 
Filename  init.zip 
Filesize  17.1 KB 
Downloaded  336 Time(s) 

_________________
Puppy Linux's Mission

Sorry, my server is down atm!
Back to top
View user's profile Send_private_message Visit_website MSNM 
raffy

Joined: 25 May 2005
Posts: 4798
Location: Manila

PostPosted: Wed 18 Mar 2009, 22:41    Post_subject: load <> copy  

I used "tmpfs" because I believe that's how Puppy's ramdisk is called (and there is another ramdisk associated with PXE booting). You're right, there should be no duplication of RAMdisks. You can check this while puppy is running via "df -h" in console : if there is loop0 and no identical tmpfs, then no separate RAMdisk is given to pup_420.sfs.
ecomoney wrote:
.. the boot section still read "loading main pup_420.sfs" file (which it shouldnt do...

In theory, it should say "copying to RAM" if it is copying pup_420.sfs to RAM.
ecomoney wrote:
It could also just be that the size of the free RAM in the final netbooted puppy is reported as larger, because I did hear that if Linux does find extra ram then it just uses it.

Puppy uses another tmpfs for /tmp (the scratch file), and that consumes RAM, too. The free RAM is displayed with "free" in console.
ecomoney wrote:
Im also going to have to add code to this file to autodhcp eth0 at bootup

If you follow the old network wizard and save the setting, you will have eth0mode in /etc. Copy that into the remastered /etc and you will have autodhcp at boot time.

_________________
Puppy user since Oct 2004. Want FreeOffice? Get the sfs (English only).
Back to top
View user's profile Send_private_message 
MagicZaurus

Joined: 05 Jan 2009
Posts: 88

PostPosted: Wed 18 Mar 2009, 23:32    Post_subject:  

1) From what I read at the dnsmasq man pages the TFTP server can handle multiple connections. The default maximum is 50 connections, but it can be changed with the following parameter in dnsmasq.conf.
Code:
tftp-max=<connections>

But they mention that it depends on the number of available file descriptors. For every client 1 file descriptor is used up. So it depends on how many concurrent file accesses the Smoothwall kernel can handle and how many file descriptors are taken up by other processes on the Smoothwall.

2) For the RAM issue. How did you get the number of free RAM? There are always doubts about the number from 'top' command. If I boot from CD and check with 'top' I also get 275MB used and I'm pretty sure that the sfs-file is only loaded once. In my opinion the sfs-file also is only once on memory for the netbooting, but because more RAM is available the sfs-file will be 'decompressed' so that later access is faster.
Back to top
View user's profile Send_private_message 
MagicZaurus

Joined: 05 Jan 2009
Posts: 88

PostPosted: Wed 18 Mar 2009, 23:53    Post_subject:  

One more issue came to my mind. Running the TFTP on the Smoothwall is a small security risk. TFTP doesn't need any authentication. So make sure it is only serving requests on the internal LAN interface and not the interface to the Internet. Still a small issue if you have nasty guests in your cybercafe who want to try to use the TFTP port to hack into your Smoothwall.

The TFTP protocol is slow because every data packet (maximum 1500 bytes) need to be acknowledged by the client before the next packet is send. Other protocols can send a few packets in a burst and the packets are numbered and the client can just request back if he missed out a packet. That's in simple words what I understood of the whole story.
Back to top
View user's profile Send_private_message 
ecomoney


Joined: 25 Nov 2005
Posts: 2183
Location: Lincolnshire, England

PostPosted: Thu 19 Mar 2009, 09:46    Post_subject:  

@Raffy Yes, with the ram issue, I suppose the only sure way of testing is to reduce the RAM in the client machine to say 128mb and see if it still netboots. That way there will be no chance that the client computer will be able to hold both the initrd.gz (100MB) and a separate pup_420.sfs (100MB) in memory at the same time. I wish I knew of another method for making sure this isnt happening.

@MZ Re "File Descriptors", are these released once the tftp request has finished (i.e. the client booted)? I think I may need to ask these questions on the Smoothwall forum, especially about the open tft port on the "internet" side of the smoothwall. The terminology they use for this the "RED" interface for the network port connected to the modem, and "GREEN" for the network port connected via the hub to the client p.c.'s. From what I have read (most of which I dont understand) these guys are *very* knowledgeable when it comes to network security and the internals of whats going on. I will raise your concerns there, unless you wish to do it MZ? You could probably explain it a let better to them.

Another smoothwall mod that may be required is a "Cybercafe Supervisors Control Panel". At the immingham site there is an attendant onsite at all times, responsible for taking money and setting access (its only £1 per hour to cover costs, although I unofficially anyone in trouble may use it for free). This would list the active clients, set times and allow the supervisor to log individuals on and off.

_________________
Puppy Linux's Mission

Sorry, my server is down atm!
Back to top
View user's profile Send_private_message Visit_website MSNM 
ecomoney


Joined: 25 Nov 2005
Posts: 2183
Location: Lincolnshire, England

PostPosted: Thu 19 Mar 2009, 09:59    Post_subject:  

Grrrrr! Ive just remembered, hotmail doesnt let people send messages when theyre using a linux client!!!! Guess theyre worried about linux users telling others how good Linux is!

I may have to modify the "useragent" settings on seamonkey to hack past this.

_________________
Puppy Linux's Mission

Sorry, my server is down atm!
Back to top
View user's profile Send_private_message Visit_website MSNM 
Trobin

Joined: 18 Aug 2005
Posts: 907
Location: BC Canada

PostPosted: Thu 19 Mar 2009, 10:17    Post_subject:  

http://www.murga-linux.com/puppy/viewtopic.php?t=36436

I had to use both methiods to get hotmail working in Seamonkey.

_________________
http://speakpup.blogspot.com
Back to top
View user's profile Send_private_message 
MagicZaurus

Joined: 05 Jan 2009
Posts: 88

PostPosted: Thu 19 Mar 2009, 11:27    Post_subject:  

1) Don't worry about the file descriptors. Standard setting in the linux kernel is 1024 descriptors for a single process. That is more than enough to serve 50 clients at the same time. But I expect the performance is not so good if you really boot all 50 machines at once. You can try and see how it performs.

2) For controlling the access you indeed need another MOD. If it doesn't exist then this will be a bigger project, as I expect that you want nice GUI, user friendly, bullet proof, ....

3) For the TFTP port it seems it's quite safe on the red interface. I read that all incoming traffic on red is blocked unless it's a response to an outgoing traffic.
Back to top
View user's profile Send_private_message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Thu 19 Mar 2009, 18:51    Post_subject:  

Rob

a few hotmail tips

http://www.murga-linux.com/puppy/viewtopic.php?t=36436

http://www.murga-linux.com/puppy/viewtopic.php?p=251068#251068

http://www.murga-linux.com/puppy/viewtopic.php?t=6550

I think SHS's mod [2nd link] seems the simplest/most invisible to users

Aitch Smile
Back to top
View user's profile Send_private_message 
ecomoney


Joined: 25 Nov 2005
Posts: 2183
Location: Lincolnshire, England

PostPosted: Fri 20 Mar 2009, 09:00    Post_subject:  

Ive just had this email through from the author of DNSMASQ!!!!

Quote:
Hello,


I'm the author of dnsmasq. I have a regular Google-groups search going to keep an eye on how my baby is doing out in the world, and it found the thread on Murga-linux.com where you are talking about netbooting stuff.


I don't want to create yet another account to post there, so I though I'd just mail you, feel free to repost any of this stuff.

File descriptors: the limit is the number of descriptors available to a process: this is normally 1024, with a dozen of so used for other things, so you have plenty of room to increase the default tftp-max limit. The descriptors are only used while the tftp transfer is happening, and released afterwards. Each transfer uses two, one to read the file and one for a UDP socket, but if many transfers of the same file are going on, that only takes one descriptor plus one for the socket for each transfer.

Booting 100 machines should not take 100 times longer than booting one: TFTP uses the network very inefficiently, so there should be enough bandwidth for many transfers simultaneously.

Security. You should be OK, the dnsmasq TFTP server doesn't accept writes, and only gives access to stuff under --tftp-root. Look at the man page entry for tftp-secure too, If you're running dnsmasq as a dedicated user, you can make it serve only files owned by that user.


HTH

Simon.


This blew me away that the author of such a popular piece of software should go out of his way to contact me in this way to offer his knowledge. How come free software has better "customer support" than anything commercial I have ever paid for?

My faith in humanity is restored Very Happy

_________________
Puppy Linux's Mission

Sorry, my server is down atm!
Back to top
View user's profile Send_private_message Visit_website MSNM 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15122
Location: Paradox Realm

PostPosted: Fri 20 Mar 2009, 11:49    Post_subject:  

Quote:
My faith in humanity is restored


This developer has puppytude

Learn the Lingo
http://pupweb.org/wikka/BowWow

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
ecomoney


Joined: 25 Nov 2005
Posts: 2183
Location: Lincolnshire, England

PostPosted: Fri 20 Mar 2009, 14:10    Post_subject:  

Well doggie biscuits all round then! WoofWoof!

Ive just received via email the full spec for the required set of applications for the cybercafe. The installation of the cybercafe is through [http://www.humbersidecda.info/index2.htm]Humberside Co-Operative Development Agency[/url] who have had a working relationship with the Cybercafe's for some time, and are more aware of their day to day needs.

Here is the meaty bit of the required spec.

Quote:
· We're using the clients equipment (they have around 30 machines, so plenty for the proposed café's with some backups).

· The bare minimum we need by 31/4/09 is:

· 2 cafes, each w/8 machines running Linux, all machines connecting through a single ADSL modem to the line-out via a wired LAN. Where needed, the client will install extra CAT5 cabling etc..

· Linux distro to be configured to block all ports by default, except for those needed for internet browsing and email (see below).

· Linux distro needs Skype, aMSN and Gyache Improved (that gives us audio/video chat for MSN and Yahoo).

· The Linux boxes need to boot and run Live, allowing the staff to just switch off and switch on for a clean system.

· Simple instructions for each machine for staff to configure the network connection on boot.

That's the bare minimum to solve [the cybercafe's] problem come the end of April.

The next two problems are wifi access and stopping P2P activity.

On Wifi, the idea is to buy 2xWifi access points. These just plug into the ADSL line and control access, nice and simple. The questions will be:

· Does the Wifi point have wired LAN connectors.

· Can we configure the router in the wifi point to block ports.

For P2P there would seem to be two options:

· Plumb a Smoothwall box in between the ADSL modem and the router.

· OR

· Configure the router to block all ports except

· TCP 21(FTP),22(SSH),80(HTTP),110(POP3),443(SSL), 6901 (Messenger Voice Chat PC to PC),6891-6900 (Messenger File Transfer),25 (SMTP),143(IMAP4), 5000-5001(Yahoo Messenger Voice), 5050(Yahoo Messenger Messages),5100(Yahoo webcams)

· UDP 53, 6901,2001-2120, 6801, 6901 (MSN, PC to Phone and PC to PC) , 5000-5001(Yahoo Messenger Voice


I think Im going to need to do another visit to audit how their network is currently set up and what computers and equipment (i.e. webcams etc) they are using. Im also suspect going to have to find out the current fixed i.p.s on their network just to ensure there isnt any conflicts when I plumb in the Smoothwall (192.168.0.1 is a pretty common number!). Oh Joy!

At the moment, I think the installation only takes around 100mb of transfer for a boot time of just over one minute. Im assuming most of the computers are of at least 512mb spec, so we have about 100mb of additional space that can be used for the extra requirements of aMsn and Skype (a two minute boot time Im sure would be no problem). I hear that the latest version of amsn (0.98 beta) has experimental audio/video support, and I would like to do some tests on it, and provide some feedback to the amsn team.....after all, without msn how are Windows Refugees going to be able to tell their friends about this marvelous new operating system? Sometimes long term change requires short term compromise Wink

Thanks for reading

Woof Woof

_________________
Puppy Linux's Mission

Sorry, my server is down atm!
Back to top
View user's profile Send_private_message Visit_website MSNM 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Sat 21 Mar 2009, 16:45    Post_subject:  

Rob

Quote:
.....without msn how are Windows Refugees going to be able to tell their friends about this marvelous new operating system?


From puppy, I use meebo, which is an online msn + others, messenger

http://www.meebo.com/

It's also available, with hotmail, for those who want it, plus loads of other online stuff on technosaurus's fantastic web desktop

http://pupweb.org/desktop/

Good luck with the rest of it.....

Aitch Smile
Back to top
View user's profile Send_private_message 
Dougal


Joined: 19 Oct 2005
Posts: 2505
Location: Hell more grotesque than any medieval woodcut

PostPosted: Sun 22 Mar 2009, 06:58    Post_subject:  

G'day,
Just thought I'd mention something regarding the whole copy/don't copy sfs into ram part:
Since the move from an initrd to an initramfs (initrd.gz which is a CPIO archive, like you made), the initial ramdisk does not stay in ram after the switch_root, which means you can't have a humungus initrd and mount the sfs directly from it.

I think the reason you saw that much memory used is that just starting Puppy up with Xorg (without the sfs in ram) takes up about 140MB of ram... I know that when I boot it seems to take about that much up before I open anything.
I presume this is just due to all the bulk being paged to memory when you start X (plus squashfs overhead) -- if I'm not mistaken, booting with pfix=nox I get only about 40MB used at startup...

_________________
What's the ugliest part of your body?
Some say your nose
Some say your toes
But I think it's your mind
Back to top
View user's profile Send_private_message 
tronkel


Joined: 30 Sep 2005
Posts: 1104
Location: Vienna Austria

PostPosted: Sun 22 Mar 2009, 07:22    Post_subject:  

ecomoney wrote:
Quote:
How come free software has better "customer support" than anything commercial I have ever paid for?


I've wondered about that for a long time too.

The world of software and OS development does not appear to behave in what would be thought of as a logical business model. It's all upside down.

You would think that Linux would be the paid-for stuff and the MS stuff would be free - judging by the results of these two differing approaches. The real world of software is really strange - good for us Linux types though!

_________________
Life is too short to spend it in front of a computer
Back to top
View user's profile Send_private_message Visit_website AIM 
Display_posts:   Sort by:   
Page 7 of 9 Posts_count   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Puppy Projects
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1189s ][ Queries: 12 (0.0049s) ][ GZIP on ]