2.2. Modifying an image with workon.sh

This is a way to permanently modify a SmallWall image. It allows changes to be persistent across reboots. An example might be a custom configuration to detect the installed network cards, or additional drivers, or perhaps just turning the entire webGUI red. However, it has more requirements as well. The key one being that you must use FreeBSD to modify the image.

  1. First download the workon.sh script from www.SmallWall.org/downloads/workon.sh.tar.gz

  2. Now you will need to install FreeBSD 8 on an older system or in a VM. www.freebsd.org/

  3. You will need a copy of the SmallWall image you want to modify, and both it and workon.sh will need to be in the same directory.

  4. As root your workon.sh generic-pc-1.8.2.img (or whatever is appropriate) to mount the compressed images. It will exit into a bash shell and you will see mnt1 and mnt2 directories. The mnt1 directory is the image that is written to the hard drive. (Or CF card, or USB stick, or DOM) It contains the msfroot and the working config.xml file. The mnt2 directory is the uncompressed msfroot, and is the filesystem that is loaded in memory when SmallWall is running.

  5. Some special locations in the file system are here.

    mnt2/conf.default/config.xml	-> Default Config
    mnt1/conf/config.xml		-> Current Config
    mnt2/etc/version.buildtime	-> Image Build time
    mnt2/etc/version		-> Image Version (Change 1.8.2 to 1.8.2-special)
    mnt2/usr/local/www		-> Web Files
    mnt2/usr/local/www/fbegin.inc	-> Header
    mnt2/usr/local/www/fend.inc	-> Footer
    mnt2/usr/local/www/gui.css	-> Color defaults
  6. Once you have edited all of the files you want (And added a notation to the version so you can identify it) type "exit" to leave the bash shell, and allow workon.sh to decompress all of the now modified images. Needless to say, a reboot, crash, or killing of the shell without a clean exit will result in a broken image. Also, your modified image will no longer be signed.

  7. Your new image can now be uploaded to an existing SmallWall installation, or written to a hard drive.