Redhat Firewall

bobbytupper

IS-IT--Management
Feb 26, 2002
46
GB
Hello all,

I have a lot of questions; any help is appreciated.

I have been (and probably always will be) setting up my home network for some time now. I have a broadband internet connection with a dedicated PC that I use as my firewall/router. I run mail/ftp/web servers on the LAN with the firewall translating the corresponding ports to the internal addresses. I wanted to take this a step further and to possibly implement bandwidth management.

I did a lot of reading and came to the conclusion that Linux would be the way to go. I have downloaded Redhat 8 (2 ISO) and installed in server mode, selecting ftp, mail and proxy server (squid).

Now I need to set up the Linux box to allow the PCs on the LAN to access resources on the internet. I have read a lot of literature on the internet but being new to Linux I don't know how reliable the info is and thought it would be more help to hear from people who have real life experience with Linux.

If I can get this up and running then I would like to know how to start managing my bandwidth.

Thanks in advance,

James

----------------------------------------------------------

Linux Newbie (c)
 
Well, you heard it right... Linux is right now the numero one OS as a gateway or for that matter anything related to the Internet.

Reasons:

1. Compared to Windows, not many viruses infect Linux.

2. Cost...

3. More secure.

Well, as you said, you have to use Squid to share the Internet on the LAN (it acts like a proxy). For better bandwidth, you have to be careful while configuring Squid. A more secure way is to use iptables, so that you can block all unwanted stuff.

Configure your Linux OS such that it does not broadcast your Internet address (since you have broadband).
 
Thanks for your reply.

Could you give me a few pointers on how to configure iptables/squid with some explanations please? Also, how do I configure the FTP service?
 
Thanks for your help but I think I have a pretty good grasp on the basics now. I would still like to know how to limit bandwidth though if anyone can help me on that one.

Thanks,

James.
 
---Hello all,

Hi

---I have a lot of questions; any help is appreciated.

---I have been (and probably always will be) setting up my home network for some time now. I have a broadband internet connection with a dedicated PC that I use as my firewall/router.

Can I assume that this previous PC is running Windows (2k?)? And is this computer doing triple duty?

---I run mail/ftp/web servers on the LAN with the firewall translating the corresponding ports to the internal addresses. I wanted to take this a step further and to possibly implement bandwidth management.

Now that's a toughie in Linux. There are some documents at that go over the Linux advanced routing stuff, but that's overkill. I'd go with FreeBSD because that exact feature is easily implemented in the DummyNet driver. It's a driver that allows you to put network data in and control how long and how much data goes out.

---I did a lot of reading and came to the conclusion that Linux would be the way to go. I have downloaded Redhat 8 (2 ISO) and installed in server mode, selecting ftp, mail and proxy server (squid).

FreeBSD is exactly that: free. It has all the servers you'd need (the same as Linux). Still, I'd add a few servers. If you were using Windows, you could add Samba (Windows filesharing server/client) and have all your files accessible from there too. I'd also add a DHCPD so you don't have to worry about IP addresses on your network.

---Now I need to set up the Linux box to allow the PCs on the LAN to access resources on the internet. I have read a lot of literature on the internet but being new to Linux I don't know how reliable the info is and thought it would be more help to hear from people who have real life experience with Linux.

Sendmail's going to be a bitch. The configuration's hard to get right, and easy to open yourself up to holes a Mack truck could drive through. Still, that's my main concern. Past that, it's not really hard.

Still, the best thing is to read manuals about your servers and adjust your configurations to your optimal.

---If I can get this up and running then I would like to know how to start managing my bandwidth.

Do you want to manage bandwidth only internally or do you wish to ONLY limit bandwidth over the DSL connection?

---Thanks in advance,

Not a problem, just a little sleepy ;-) (1:55 am)

Krale
 
Morning Krale, the PC that is functioning as my firewall is used only for that reason.

The confusion I have been coming into is one caused because I am used to the Windows way, having many years' experience supporting a corporate (primarily) Windows network.

As you well know there is a dialogue box to configure just about every aspect of a Windows service; this is what I was looking for in Linux. Now I realise that most software changes are done using a simple config file. (Am I getting closer?)

I have configured my Linux box to do what I want it to do, I even managed to configure sendmail to send/receive mail.

I did this using a genius piece of code found at (sheer brilliance). It is an HTTP front end which enables central management of just about every standard Linux service. The literature states it also supports a lot of OSes including FreeBSD.

The reason behind this project is because at my place of work packet shaping or QoS is very important for group services. We have now started using IPsec for office --> office connection. To successfully manage the bandwidth in this scenario one bandwidth managing device in each office. The device we are using now (I won't name it, I don't wanna offend) is good but costs 3k. We have 30 offices so to put one of these devices in each office is big dorra, enter Linux :)

To be honest I was half expecting someone to say "yeah here's a link to a tool that does it for you"! I was really looking for something that could be remotely managed but not overly complex.

Thanks for your help

James
 