Linux Setup

Posted by Max Dunn Sun, 11 Dec 2005 00:09:00 GMT

When we moved in September, I knew that I wouldn’t be able to keep the Internet connection to my home server going continuously, so I transfered all the email and web accounts I was hosting to a 1and1 account. I also wanted to update to the latest Mandrake Linux, to get rid of the hodgepodge of application versions I was currently running. So over the last few months, I wiped out my server, updated to Mandrake 2005 and proceeded to reconfigure it, especially as an router with web filtering software.

There were a few tricky things that took a while to figure out, so I wanted to document them in case I have to go through this exercise again.

But rather than clutter up this blog with all the excruciating details, I am going to add them as extended content to this entry. I doubt these notes will be of much use to anyone else, so consider this just an entry of me talking to myself. ;-)

Basic

  • Installed Mandrake 2005 as a server
  • Setup the network interface
    • eth0 => local
    • eth1 => internet (to SBC DSL box)
  • cp /etc/security/msec/security.conf /var/lib/msec

DHCP Server

  • Add Subnet
    • Network address: 192.168.1.1
    • Address range: 192.168.1.100 - 192.168.1.254
    • Dynamic BOOTP: off
  • Edit Client Options
    • Domain name: maxdunn.net
    • Default routers: 192.168.1.1
    • DNS servers: 192.168.0.1

Postfix

  • General
    • Domain out: maxdunn.net
    • Domina receive: maxdunn.net
    • Local domain: maxdunn.net

Shorewall

  • Masquerade (To enable NAT)
    • Outgoing: eth1
    • Subnet to masquerade: Subnet on: eth0
  • Rules (To redirect to Dansguardian)
    • Action: Redirect
    • Source: Local
    • Destination: Other.., 8080
    • Protocol: TCP
    • Source ports: any
    • Destination ports: 80
  • Proxy ARP (To access SBC DSL box)
    • Address to ARP: 192.168.0.1
    • Connect to interface: eth1
    • Route to hosts exits: no
    • External interface: eth0
    • Leave route when stopped: yes
    • (Direct file configuration: 192.168.0.1 eth 1 eth0 no yes)

Squid

  • Misc Options
    • HTTP Accel Host: virtual
    • Only have Single HTTP Accel server: no
    • HTTP Accel port: 80
    • HTTP Accel with proxy: On
    • HTTP Accel use host header: Yes
  • squid.conf (This is needed for Subversion)
    • extension_methods REPORT MERGE MKACTIVITY CHECKOUT

Dansguardian

  • No Changes

Posted in  | no comments

Comments

Leave a response

RSS feed for this post

(leave url/email »)

   Comment Markup Help Preview comment