LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Firewall/Proxy/Gateway Build

[ILUG] Firewall/Proxy/Gateway Build

Hamilton, David (HPS) david.hamilton3 at hp.com
Wed Oct 6 12:09:27 IST 2004 

I am finally going to build up a nice little firewall/appliance box for
home, and am trying to decide on the best way to put it together in a
secure, yet functional manner.
I am building it around a mini-itx 1GHz board with 265Mb RAM, so it'll
be running nothing too heavy, but I would be looking for peoples
experience/recommendations around the various functions it will be
performing.

DNS - BIND forwarding different zones to different servers, chroot'ed.
DHCPFWD - Forwarding DHCP requests to server in secure LAN, chroot'ed.
Squid - Squid configured as transparent proxy, would like to integrate
CLAM-AV, but not sure how. Can this be chroot'ed?
Postfix - Configured to relay mails from internal server to external
server. Can this be chroot'ed?
Fetchmail - Configured to gather mails from external server and deliver
to internal server. Can this be chroot'ed?
IPTABLES - configured via shorewall. I have to say that I love this
package!
Webmin - Configured to only allow access from internal LAN. (Might not
bother with this)
OpenSSH - Configured to only allow access from internal LAN and
secure(ish) Wireless LAN.
Squirrelmail - To be done later...

Has anyone managed to get a CAPI based ISDN USB modem working reliably?

Does anyone have any recommendations on which VPN software to use?  I
need it to be easy enough to maintain with Windows and Linux clients.
I am planning on building it around Fedora Core 2 for a variety of
reasons, and don't feel the need to change that unless there is a bloody
good reason. (Religious debate not required on this one)

I have looked at most of the firewall specific builds, but none of them
really suit my config which has 5 network interfaces, and no clear cut
green/orange/red zones.

I know there's a lot of questions in there, and I know I will be able to
find the answers to some of them via google, but I'd like to know what
experiences other people have had with the different parts to allow me
to avoid any known pitfalls.

Thanks,
	David.

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell