- wireless router
- network access server
- PPPoE server
- HotSpot server
- VPN server/client
- firewall
- traffic shaper
- HTTP content filter
- OSPF router
- PIMv2 (multicast) router
- and more - see Features
While giving the end user a powerful, high-level interface, Lintrack has still all of the possibilities of traditional Linux administration. What's more, some functionality may be managed by fcc, and some by die-hard Unix tools, e.g. vim.
Lintrack has also many unique features exclusively developed by our team, like improved MadWiFi driver with better 802.11h support and many bugs fixed, dynamic weighted round-robin Ethernet bonding, RADIUS client with solid-state queue, QoS layer-7 firewall with DiffServ support and basic HTTP advertisements distribution framework, just to name a few.
Currently, we target x86 CPU architectures only, but support for other architectures is planned in near future. A typical installation needs at least 256MB of storage space, but 512MB is recommended.
Lintrack features? Citing one of our developers, "probably more than you will ever need ;-)". Below list presents Lintrack functionality as of version 2.0.
- based on Linux kernel 2.6
- support for Reiser4
- in-kernel interface descriptions
- in-kernel IP address descriptions
- centralized, unified system configuration - Flatconf
- interactive command-line interface with autocompletion - fcc
- English and Polish translations
- IPv4 support
- IPv6 support (partially)
- IPsec support
- ESP, AH
- static keying
- simple dynamic keying via IKEv1 - ipsec-tools' racoon
- VLAN support (in Linux thanks to Candelatech)
- 802.1Q VLAN on Ethernet devices
- MACVLAN
- IP traffic shaping
- HTB - enhanced HTB.init
- TBF with ESFQ
- Wonder Shaper
- IP filtering
- powerful zone-based firewall
- DiffServ marking basing on QoS characteristics (ASN DiffServ tags)
- bulk - eg. downloads, P2P
- office - eg. web browsing, email
- media - eg. streaming media, VoIP
- txt - eg. IM, IRC, SSH
- sys - eg. DNS, TCP ACKs
- decreasing TCP MSS to path MTU
- removing IP DF flag
- masquerading
- DNAT
- custom rules
- apart of standard Netfilter functionality:
- transparent proxy - BalaBit's tproxy
- application layer packet classification - l7-filter
- passive OS fingerprinting
- IP routing
- static routing
- multitable routing
- multipath routing (random, wrandom, rr, drr)
- dynamic routing
- Atheros WiFi devices - MadWiFi improved by Lintrack team
- tested chipsets: AR5211, AR5212, AR5213
- parts of IEEE 802.11h and 802.11d needed to satisfy the ETSI EN 301 893 requirements (DFS, TPC)
- Super A/G support: bursting mode, fast frames, compression
- easy regdomain changing (ar5k)
- Virtual AP (VAP) support: up to 4 interfaces on one device (AP, station, monitor)
- WDS support (standards-conforming)
- AP clients isolation
- Wireless Multimedia Extensions (WME) support
- MAC address policies
- full WPA and WPA2 (RSN) support - great hostapd and wpa_supplicant
- PSK, EAP-TLS, EAP-TTLS, EAP-PEAP
- embedded RADIUS server
- Ethernet devices - all that Linux supports (most on market)
- Ethernet bonding
- weighted round-robin (wrr) mode developed by Lintrack team
- dynamic wrr weights
- 2-seconds reaction to link loss
- support for IP addresses on slave interfaces
- works with WPA on Madwifi interfaces
- Ethernet bridging with Spanning Tree Protocol support
- transparent ("cheap") Ethernet encryption (ccrypt)
- does not need higher MTU
- does not fragment frames
- PPPoE support - patched Roaring Penguin's RP-PPPoE
- PPPoE client
- PPPoE relay agent
- PPPoE server
- PAP/CHAP authentication
- local IP address pool
- RADIUS support
- supports ASN RADIUS dictionary
- bandwidth limits
- pps limits
- TCP connections limits
- server-side client firewall
- server-side QoS traffic shaping
- SFQ
- per-client HTB queue
- prioritizing traffic basing on ASN DiffServ tags
- different bandwidth limits for localmedia-tagged traffic (eg. locally generated multimedia streams)
- IP redirections with optional randomness
- per-client HTTP content filter settings
- redirection URL
- content groups to match
- web domains to match
- solid-state, reliable RADIUS queue
- possibility to obtain client IP address from RADIUS reply
- IP tunneling: GRE, IPIP, SIT
- OpenVPN support
- point-to-point mode
- IP tunneling / Ethernet bridging
- TCP/UDP transport
- static PSK and SSL modes
- HotSpot network access - ChilliSpot
- HTTP proxy - Squid
- caching
- in-RAM cache storage
- content filtering
- customized and enhanced version of squidGuard
- URL and domain lists from:
- advertisements and announcements distribution support - red
- DNS cache and DHCP server - dnsmasq
- real-time per-IP link quality measurements - ifquald
- ICMP echo test (latency, packet loss) - reliability
- iperf bandwidth test - performance
- SNMP agent - Net-SNMP
- SNMPv2 and simple SNMPv3 support
- engine for quick snmpd extensions
- fetching arbitrary netfilter rule counters
- fetching all information about link monitored by ifquald
- easy to use package manager: pkg
- multiple repositories
- Lintrack repository with almost 150 packages
- tight, system-wide integration with SSL/TLS
- automatic time synchronization via NTPv4
- ClamAV
- ISC DHCP
- exim Internet Mailer
- FreeRADIUS
- with rlm_netvim_pools
- htop
- Kismet
- l2tpd from rp-l2tp
- lighttpd
- Links (from creators of great Ronja)
- linux-atm
- GNU Midnight Commander
- monit
- mtr
- MySQL
- ndiswrapper
- Nmap
- olsrd
- OpenSSH (from great OpenBSD project)
- PHP
- rt2x00
- Vim (with Tab autocompletion ;-)
- vsftpd
- wavemon
