Improve VM boot, and distribution

fmunozs · Mar 25, 2010 · 5e70cc0 · 5e70cc0
1 parent 1737850
commit 5e70cc0
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 14 deletions.
diff --git a/README b/README
@@ -1,27 +1,49 @@
 # Flint -- a firewall rule analyzer
 
-Supported firewalls:
+## Supported firewalls:
 
-* Cisco Pix/ASA
-* IOS almost...
-* IPTables soon
-* Pf soon
+At the moment Flint only works with Cisco PIX/ASA.  Support for Cisco
+IOS, BSD PF, and Linux IPTables is in the works.  Please let us know
+which platforms you are interested in.
 
-## Installing
+## Installing the FlintVM
+
+The FlintVM is a VMWare image based on Ubuntu JeOS 8.04 (Hardy Heron)
+image provided by Joao Inacio <jcinacio at gmail dot com> and
+available at:  <http://www.jcinacio.com/projects/vmware-ubuntujeos-804/>
+
+It will configure it's network using DHCP.  Check the VM console for the address it was assigned.
+Flint starts up listing on port 4567.  So you can access it at <http://<ip of vm>:4567
+
+### Virtual Machine Login Details:
+
+    username: flint
+    password: flint
+
+Please login and change the flint user's password immediately.
+
+## Installing from Source
 
 You will need a development environment.  On Mac OSX that means XCode.
-On Ubuntu/Debian Linux is would be that `build-essentials` packages.
+On Ubuntu/Debian Linux is would be that `build-essentials` and
+`libc6-dev` packages.
 
 You will also need Ruby, along with the usual tools, rake and gem.
 
+To install all required gemsand supporting software:
+
     rake install
 
-## Running
+To start the web interface:
 
     rake app
 
 This will start a Sinatra server listening on port http://localhost:4567.  Point your browser at that.
 
+## Running Flint
+
+The default user is: admin/admin77
+
 ## Developers
 
 You will need the rspec, racc, and rdoc gems.  You can use `bundle install` to pull in those gems.  

diff --git a/vm/build-flint-vm b/vm/build-flint-vm
@@ -39,7 +39,7 @@ done
 shift $((OPTIND-1))
 
 
-VMNAME=${1:?"Must provide a VM name, such as \"Flint_vX.X\""}
+VMNAME=${1:?"Must provide a VM name, such as \"FlintVM-X.X\""}
 
 if [[ ! -n $VMWUSER ]]; then
     log "Please set the VMWUSER env var to the vmware user"
@@ -129,7 +129,8 @@ function copy_vm
 {
 	echo "Copying $SDIR to $TDIR"
 	cp -r $SDIR $TDIR
-
+	rm $TDIR/readme.txt
+	cp ../README $TDIR/README
 	( cd $TDIR
           cat - > $VMNAME.vmx <<EOF
 #!/usr/local/bin/vmware

diff --git a/vm/rc.local b/vm/rc.local
@@ -14,6 +14,28 @@
 /usr/local/bin/initial_vm_config
 
 echo 'Starting Flint'
-su -l flint -c "(cd flint; /usr/bin/rake app 2>&1 > app.log)" &
+su -l flint -c "(cd flint; /usr/bin/rake app 2>&1 > app.log)" 2>&1 > /var/log/flint.log &
+
+update_motd () {
+# Update motd
+uname -snrvm > /var/run/motd
+[ -f /etc/motd.tail ] && cat /etc/motd.tail >> /var/run/motd
+FLINTIP=`/sbin/ifconfig eth0 | awk '/inet addr:/ { print substr($2,6) }'`
+cat - >> /var/run/motd <<EOF
+----------------------------------------------------------------------
+Flint is available at:
+
+http://$FLINTIP:4567
+
+The default Flint web interface user is: admin/admin77
+
+The default Virtual Machine user is: flint/flint
+----------------------------------------------------------------------
+EOF
+}
+
+# we spit our motd on boot
+update_motd
+cat /etc/motd
 
 exit 0
diff --git a/vm/upload-release-s3 b/vm/upload-release-s3
@@ -6,9 +6,9 @@ require 'aws/s3'
 release = ARGV[0]
 throw "Must provide a release name" unless release 
 
-release_zip = "Flint_#{release}.zip"
-release_ovf = "Flint_#{release}.ovf.zip"
-release_tarball = "../flint-#{release}.tgz"
+release_zip = "FlintVM-#{release}.zip"
+release_ovf = "FlintVM-#{release}.ovf.zip"
+release_tarball = "../Flint-#{release}.src.tgz"
 
 
 
@@ -31,16 +31,29 @@ AWS::S3::Bucket.enable_logging_for(FLINT_BUCKET)
 puts "Uploading #{release_zip} to the #{FLINT_BUCKET} bucket."
 AWS::S3::S3Object.store(release_zip, open(release_zip), FLINT_BUCKET,
                         :access => :public_read)
+
+AWS::S3::S3Object.copy(release_zip, "FlintVM-current.zip", FLINT_BUCKET,
+                       :access => :public_read)
+
 puts "Available at #{AWS::S3::S3Object.url_for(release_zip, FLINT_BUCKET, :authenticated => false)}"
 
+
 puts "Uploading #{release_ovf} to the #{FLINT_BUCKET} bucket."
 AWS::S3::S3Object.store(release_ovf, open(release_ovf), FLINT_BUCKET,
                         :access => :public_read)
+
+AWS::S3::S3Object.copy(release_zip, "FlintVM-current.ovf.zip", FLINT_BUCKET,
+                       :access => :public_read)
+
 puts "Available at #{AWS::S3::S3Object.url_for(release_ovf, FLINT_BUCKET, :authenticated => false)}"
 
+
 puts "Uploading #{release_tarball} to the #{FLINT_BUCKET} bucket."
 AWS::S3::S3Object.store(release_tarball, open(release_tarball), FLINT_BUCKET,
                         :access => :public_read)
+AWS::S3::S3Object.copy(release_zip, "Flint-current.src.tgz", FLINT_BUCKET,
+                       :access => :public_read)
+
 puts "Available at #{AWS::S3::S3Object.url_for(release_tarball, FLINT_BUCKET, :authenticated => false)}"