I've got a Smoothwall machine as my software firewall; it handles NAT for my internal network, and it's the one that's connected to the cable modem. It also runs DHCP for the network, which means that a machine that's plugged into it will automatically get assigned an IP address and will also get told where its default gateway and DNS servers are, etc, etc. All well and good. However, most of my machines were on static IPs, rather than having them assigned through DHCP, because I like to call my machines by name when connecting to them, and the DHCP server on the Smoothwall box doesn't update the DNS server, which means that the DNS server can't give out names for IP addresses. This was very annoying. Then I came across dhcp2dnrd, which was specifically written to be used on a Smoothwall box, and which updates your DNS hosts file on the firewall with details of DHCPed machines. Once that update has happened, the DNS server knows which IP adddresses each machine is on, and you can therefore resolve a name back to that machine's IP address. Exactly what I wanted.
One small problem, though; the page says:
Oh, and it requires the Class::Date perl module.
Ah, that's easy to fix, I'll just get it from CPAN, right? Nope, not right.
You see, a Smoothwall box isn't meant to be a full-on Linux
distribution, which means that it hasn't got a lot of the command-line
tools you'd expect. So, my first problem: when I tried to install
Class::Date from CPAN, using perl -MCPAN -e 'install
Class::Date', CPAN.pm insisted that I provide some configuration
information, among which were questions like "Where's your version of
ncftpget?" Now, as I said, a Smoothwall box doesn't have that kind of
thing, so I told it there wasn't one. The problem then, though, was
that CPAN.pm couldn't connect to the CPAN archive to fetch the module.
Bummer.
So, I thought, well, Perl modules are just, like, some Perl, right?
So I downloaded the Class::Date
module, thinking that I'd just copy it over to the Smoothwall machine
and drop it in the Perl library directory. Uh-uh. When I got the
module, it contained a .xs file, which is an extension to
Perl and requires compilation. Oops. Installation instructions:
perl Makefile.PL, make, make
install. Can you guess the problem? Yep, no "make" on a
Smoothwall machine. Nor a C compiler. Bah. Now, I could theoretically
have compiled it on my main machine and copied it over, but I feared
that, firstly because the two machines are pretty different (Smoothwall
is a 2.2 kernel RH-based thing, my main box is a 2.4 kernel Debian
box), and secondly because I'd have to manually do what make
install would do, which means manually working out what a
makefile will do when you run it. A non-trivial task, that. Oof.
On the point of giving up, I noticed in the Class::Date
manual that you don't need a C compiler; the Date.pm
module will work without the compiled extension. Yay! Just copy it over
to the appropriate place in the Smoothwall machine's Perl library
directory (/usr/lib/perl5/5.00503/Class), and it should
all just work, right? Nope, not right.
Firstly, that module itself depends on the
Class::Date::Const module; fortunately, that's also in the
Class::Date package, so just create a Date
directory on your Smoothwall box alongside the Date.pm
you've just added, and copy Date/Const.pm from the
Class::Date archive into it.
Secondly, Class::Date is picky about the quality of the
operating system functions that underly it, specifically the
strftime function. The Smoothwall distribution runs with
an old-ish version of Perl, which has a buggy strftime implementation,
and so Class::Date refuses to run; you can test whether it
runs by trying perl -MClass::Date -e 1, at which point it
should throw a wobbler about a buggy strftime. Since, frankly, I'm not
too bothered about the timing for this perticular application being
accurate (you'll see why in a bit), we just comment that out; edit
/usr/lib/perl5/5.00503/Class/Date.pm and comment out the
whole
#if (strftime_xs("%Z",localtime(1020463262)) ne "CEST")
test around line 53.
The next problem is that Class::Date whines about not
having its C extension installed. We could fix this by commenting out
the whinge, but instead we'll ignore warnings; edit
dhcp2dnrs.pl and add the line BEGIN {
$Class::Date::WARNINGS=0; } before the # requires
Class::Date line to ignore warnings.
Final problem: how do we get it to run when a new DHCP lease is
taken out? I decided to ignore this problem, because it involves
hacking the Smoothwall scripts themselves, which means that they might
get wiped out by a Smoothwall update. Instead, I made the script run
hourly by putting it in root's crontab, with the line 15 * * * *
/usr/bin/perl /root/dhcp2dnrd.pl.
So, in summary:
- Download and unpack
Class::Date - Download dhcp2dnrd
- Copy
Date.pmandDate/Const.pmfrom your unpackedClass::Datepackage to root's home dir on your Smoothwall box usingscp(something likescp -P222 Date.pm root@smoothwall:.) - Copy
dhcp2dnrs.plto root's home dir on your Smoothwall box - Connect to your Smoothwall box as root (
ssh -p 222 root@smoothwall, or possibly use the Java SSH client in the web interface. You may need to turn on remote SSH access from the web interface before this works.) - Comment out the strftime test as described above
mkdir /usr/lib/perl5/5.00503/Class/Datecp Date.pm /usr/lib/perl5/5.00503/Classcp Const.pm /usr/lib/perl5/5.00503/Class/Date- Add the WARNINGS=0 line to dhcp2dnrs.pl as described above
crontab -eand add the /usr/bin/perl line as above
And that should be it. If the machines on your network aren't already using Smoothwall as their DNS server, then they should be; you should configure DNS on Smoothwall so that it knows about upstream nameservers.
© sil, February 2003