All seems to work well but I think that we are the only two interested in this nerd stuff.
Using this to run a NEW firewall and protect it from access is a wonderful use for this method. Any hack attempts would report the older coLinux kernel version and no one would figure out how the newest kernel features could possibly exist on the older kernel.
A hacker would need to find the new kernel and log into it to allow them to hack the old kernel. A hacker would need to hack the old kernel and log into it to allow them to find the new kernel.
A hacker can not do both without both the passwords (which could be a dongle) (unless you set something up incorrectly).
Rob 5/30/08
Is the network tip ok? Feel free to change into your ipaddresses.
Suggest, to resort the network from primitive to the complicated. This is, what we suggest per default:
eth0=slirp eth1=tuntap eth2=pcap-bridge
Also use only slirp OR pcap, not both in same time. You can still config alls in coLinux config, but should not use. The condition: You can have only one "default" route to sirps 10.0.2.2 or to your ipaddress behind pcap-bridge routers in your LAN.
pcap-bridge is not working in all cases (WLAN, IP-security, non admin runs). That's why suggest to use SLiRP. After you have SLiRP running, can replace slirp with pcap-bridge. But need to configure ipaddresses more restricted to the external LAN. SLiRP is better here for easy setup.
This was my first workable kernel. Your 2.6.23-rc2 couldn't compile. Perhaps the host gcc 4.1.0 is to buggy for this?
-- HenryNe 15:21, 10 August 2007 (UTC)
Henry, You can read more than once, think about it, then come back and post.
Other people, on other wikies on the Internet, also read a few words and then post away without studying carefully. This happens often and is not good (being polite about it). Newcomers will see that it "doesn't work" when in fact it works well. This helps nobody. So don't worry about being the first one to do this ;) .
When you configure and build a UML kernel it does not add "-uml". We could do that, but it does not seem that it is standard to do that.
I built 2.6.23-rc2 "as-is", without modification, and have it running under coLinux (which is running under WinXP). When I type "uname -a" that is what it types out - no modications from me.
IF it were modifed then someone else would say "that is a fake screen, it would not print that if you typed uname -a". So I did not modify anything, and it runs under coLinux "as-is".
Now we can play with the newest kernel.
Accepted, lets move on. (You could help by trying it out and typing some network tips).
Rob
Rob, sorry. Was not read all details. It's clear now: You use UML under coLinux, and the screen shows the UML kernel, not a coLinux Kernel.
I suggest, use CONFIG_LOCALVERSION="-uml" to mark this difference from normal kernel. (For viewers like me.)
Thank you very mutch for details about using UML under coLinux. Nice to see, that UML is usable.
-- HenryNe 09:06, 8 August 2007 (UTC)
Henry, there is nothing fake about it. Try following the instructions. I just compiled
linux2.6.23-rc2 and have it running UML. Please read my article again and try it.
Look at the ASCII diagram at the bottom of the post to understand it.
I am uploading my .config file so you can all see.
Henry, try the patches (any version) on linux-2.6.23 kernel -- too many rejects to fix, so obviously I have smart fix. Re-read the article.
Rob
Think, there is a fake "without applying any coLinux patches". You still use coLinux patches, but not seen it. Please check your kernel config, and you would see the "CONFIG_COOPERATIVE=y" ;-)
Warning: Without coLinux patches, your host (Windows) would crash, all times.
I'm missing your step, where you have patched all the patch/*.diff files from coLinux source to the vanilla kernel.
Be carefully with kernel builds without "-co-" in the kernel version text, I mean the string you seen from `uname -r`. It suggest, that you not use any coLinux kernel patches. But, this is not so. Any kernel to run under coLinux must patch with coLinux patches, and must enable the CONFIG_COOPERATIVE=y.
-- HenryNe 16:33, 6 August 2007 (UTC)