[GLLUG] monilithic kernel (debian 3.0) and ethernet devices

Matt Graham danceswithcrows@usa.net
Thu, 21 Mar 2002 12:55:19 -0500


On Thursday 21 March 2002 11:54, you wrote:
> So for security reasons i've compiled my IPSec enabled (freeswan) and
> Masquerading enabled kernel monolithically

I've never understood why people would do that.  It doesn't provide any 
security benefits that I can see, since you have to be root anyway to 
load a module.  If a malicious attacker gets root on your machine, 
you're screwed whether or not the attacker loads a new module.  

> I have one PCI 3c905 (Vortex) card that autodetects but comes up at
> 10Mbit (I want 100FDX) and an ISA 3c509 (Etherlink 3 Combo) that does
> not come up at all. I found a page that described that if i appended
> "ether=0,0,eth1" to my boot line that the 3c509 would come up. Well
> it did and it didn't. It recognized on boot and I could see it with
> ifconfig. however I could not get it to actually transmit or receive
> packets. I could do a self ping but that was going back to localhost.
>
> So basically, I'm stupid when it comes to passing arguments to
> "modules" that are actually part of a monolithic kernel. I have no
> clue what the above "ether" line is actually doing and could not find
> any doc on it.

/usr/src/linux/Documentation/networking/vortex.txt
/usr/src/linux/Documentation/kernel-parameters.txt 
/usr/share/doc/howto/en/Ethernet-HOWTO.gz

ether=IRQ,BASE_IO_ADDR,PARAM1,PARAM2,NAME

and you can have multiple ether= lines, like so:

ether=11,0,eth1 ether=0,0,1,4,eth0

You *must* specify the IRQ for a 3c509 since it's an ISA card.

I don't know how you'd be able to specify things other than the 
parameters above to the 3c59x module.  They say that MEM_START is often 
used for module-specific information, but a quick fiddle through the 
source tells me nothing.

> modprobe 3c509 io=300 irq=11

The 3c509 module doesn't take an io= parameter, and will refuse to load 
if you pass it this.  The 3c509 module finds out the I/O value to use 
given the IRQ, since the 509 is reasonably intelligent for an ISA card.

> modprobe 3c59x debug=1, options=4

I'd build this as a module.  It *may* use PARAM1 and PARAM2 for the 
debug= and options= values, but I wouldn't bet on it.

-- 
   Paranoid Club meeting this Friday.
   Now ... just try to find out where!
There is no Darkness in Eternity/But only Light too dim for us to see