Linux Help

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev
------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[James Miller]

On Mon, 19 Jul 2004, Kev wrote:

> I'm new to Linux, so i'm paling to install a gateway, with the following,
>
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
>
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
>
> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

You might take a look at Freesco, which could easily run on your P1.

James
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev
------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Jens Knoell]

Hi Kev

I won't recommend any specific distro, as that's pretty much a religious 
decision ;)

But...

Kev wrote:

>Hi,
>
>I'm new to Linux, so i'm paling to install a gateway, with the following,
>
>1. Firewall
>  
>
that's built into the Linux kernel, no matter what distro.

>2. DNS
>  
>
I'd go with Bind. There are others, but they've even been worse than 
Bind IMO. However, make sure it's configured as restrictive as possible 
- DNS has some protocol specific security issues.

>3. DHCP
>  
>
No idea

>4. SMTP (relay only)
>  
>
QMail or Sendmail should both do the job just fine. If you are only 
relaying anyway, you could however just set up SpamAssassin.

>5. Email Virus Scaning
>  
>
AMaViS

>6. Gray Listing (email)
>  
>
Errr... what?

>7. NAT
>  
>
Comes with the Linux kernel, it's more or less built into the firewall code.

>8 Web Cashing
>  
>
Squid

>9. Web Based Configuration tool for all above.
>  
>
Webmin (comes with most distros, AFAIK)

>the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>166Mhz that would be great....
>  
>
Should work fine on a P1/166. Depends on how complex your firewall rules 
are, and the amout of mail you want to process. Mail Virus Scanning is 
rather CPU intensive.


Hope this helps
Jen

RE: Linux Help

[Rick Stubblebine]

On Mon, 19 Jul 2004, Kev wrote:

> I'm new to Linux, so i'm paling to install a gateway, with the 
> following,
>
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
>
> can any one tell me the best Linux version to use, (RedHat, Debian, 
> etc) and the software i can use, like DNS = BIND, some thing simple to

> use...
>
> the Box will be a P2 with 256MB ram but if i can get it to work on a 
> P1 166Mhz that would be great....

I use Clark Connect (RedHat based distro) to run my gateway and web
server.  I find it very flexible.  Another plus is it uses apt-get for
updates and installations.

Rick

Re: Linux Help

[Ray Olszewski]

Responses interspersed below.

At 11:09 PM 7/19/2004 +0600, Kev wrote:
>Hi,
>
>I'm new to Linux, so i'm paling to install a gateway, with the following,
>
>1. Firewall
>2. DNS
>3. DHCP
>4. SMTP (relay only)
>5. Email Virus Scaning
>6. Gray Listing (email)
>7. NAT
>8 Web Cashing
>9. Web Based Configuration tool for all above.
>
>can any one tell me the best Linux version to use, (RedHat, Debian, etc)

No. Or, put another way, everyone can tell you the "best" distro to use, 
but there will be no consensus among the answers.

One can easily argue pros and cons, strengths and weaknesses of particular 
distros, but in the end they are all quite similar. I favor Debian myself, 
but not because I have any illusion about its being "best" ... simply 
because I've used it for years and am used to its particular quirks. The 
folks who will recommend Slackware, or Red Hat, or Gentoo, or whatever, 
really have the same sorts of biases.

If you are really a rank beginner, the "best" distro for you is the one 
used by your friend who knows Linux and who will help you out when you get 
in a jam.

Whatever distro you use, though, there are two constants:

1. Use an up-to-date version.
2. Use whatever system it has for tracking and installing security updates.

There are specialized small distros, like LEAF (leaf.sourceforge.net) and 
Coyote (DK the URL), that are designed with firewalling in mind. But you 
want a bit more then they easilt provide ... your items 5, 6, 8, and maybe 
4 ... so you are right, I think, to be looking at full-strength distros.

One advantage I will note for Debian is that it is designed to be 
distributed for free. That means that all users get good support as regards 
security. (The concomitant downside is that there is no fallback to a paid 
system of tech support if you run into bigger problems than you can get 
free help for.) Commercial distros tend (not surprisingly) to offer better 
support to paying customers than to freeloaders. So if anyone recommends a 
commercial distro, you might want to ask if that person's experience is 
with a free or a paid version of the distro.

>and the software i can use, like DNS = BIND, some thing simple to use...

OK. Item by item ...

>1. Firewall

Firewalling capability is built into the Linux kernel, using (for modern 
kernels) iptables/netfilter. You may want a firewall configuration package 
to make setting your firewall up easier. The best known, and probably 
actual best, package is Shorewall (shorewall.sourceforge.net, I think, but 
you can Google it if my memory is wrong).

>2. DNS

The standard package for DNS is BIND (named). Small distros use other, 
specialized packages, like dnscache and tinydns, but they are sufficiently 
quirky that you'd do better to stay with the standard on any full-size distro.

>3. DHCP

Server or client?

If you want the host to assign IP addresses, and related info, to its LAN 
clients via DHCP, then it needs to run a server. dhcpd (DHCP Daemon) is the 
standard one for full-size distros. There is also the smaller udhcpd.

If yout router needs to get its IP Address, and related info, from your ISP 
using DHCP, then it needs to run a DHCP client. The common ones are pump, 
dhclient, dhcpcd, and udhcpc ... I know of no particular favorite among them.

>4. SMTP (relay only)

People get into fights over this one. The standard smtp servers for Linux 
distros include sendmail, smail, exim, and qmail. Debian uses exim by 
default, and I find it works well for me. You should probably use whatever 
your chosen distro's default is, or whatever your experienced friend uses.

I assume you mean by "relay only" then you expect the system to send mail, 
but not to receive it. That is, you will get your e-mail via POP or IMAP. 
If I've misunderstood you, you need to explain your meaning more clearly.

>5. Email Virus Scaning

I don't know of any packages that do this on Linux. Perhaps someone else 
can jump in here. (I did just search the Debian packae list, and I saw 
several possibilities there, but I'm not familiar with any of them in detail.)

In any case, what you do here depends on how you are receiving e-mail, and 
your "relay only" comment above leave me uncertain about what you want to 
accomplish.

>6. Gray Listing (email)

Please explain this one better. I'm used to grey lists working as part of 
an smtp aemon setup. But if you get your e-mail via POP or IMAP (again, 
that "relay only" comment leaves me at a loss), I don't know what you want 
"grey listing" to do.

>7. NAT

This is part of the iptables/netfilter code in the kernel. Setup packages 
like Shorewall will help you to configure it.

>8 Web Cashing

I'm a bit out of date here. The usual way to do this is with a caching (not 
"cashing") proxy server like junkbuster or squid. There are a lot of them 
around; squid is probably still the standard.

>9. Web Based Configuration tool for all above.

Good luck. One place where Linux is weak is on unified configuration 
systems of any sort, and Web-based ones in partcular. In any case, 
Web-based configuration requires Web access to the host, and you won't get 
that out of the box with any distro ... they all require some console-based 
setup, if only to assign the IP address to the internal interface.

>the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>166Mhz that would be great....

Probably a P1 will serve ... at least if we are talking about typical 
connection speeds (an external interface between 100 Kbps and 1.5 Mbps) and 
a 100 Mbps LAN. Here, for example, I've used a 486 with 32 MB RAM as 
dedicated firewall for years. Just a NAT'ing firewall, though ... no SMTP 
relay or Web caching.

Issues that might arise for you are:

1. Complexity of the firewall ruleset. Longer rulesets take more time to 
scan, and every packet has to traverse them until it matches a rule (or 
reaches the end). This is likely to be a problem only with very complex 
rulesets and high traffic volume.

2. Size of the Web cache. More RAM will matter here more than CPU type and 
speed. And if you're caching to a hard disk, you'll want one with DMA 
support (standard on modern systems, but I don't know about old P1s).

3. The SMTP stuff. Since I don't have a clear understanding of your setup 
plans here, or the likely mail volumes, I cannot comment substantively.

4. NAT overload. A firewall can NAT only so many active connections at a 
time ... several thousand, but not an unlimited number. This is rarely a 
problem, and when it is, better hardware doesn't solve it. But it is a 
problem that Linux NAT'ing firewall users (actually, all NAT'ing firewall 
users) occasionally run into.


>thanks
>Kev
[advertising deleted]



-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[Eric Bambach]

On Monday 19 July 2004 12:59 pm, Ray Olszewski wrote:
> Responses interspersed below.
>
> At 11:09 PM 7/19/2004 +0600, Kev wrote:
> >Hi,
> >
> >I'm new to Linux, so i'm paling to install a gateway, with the following,
> >
> >1. Firewall
> >2. DNS
> >3. DHCP
> >4. SMTP (relay only)
> >5. Email Virus Scaning
> >6. Gray Listing (email)
> >7. NAT
> >8 Web Cashing
> >9. Web Based Configuration tool for all above.
--Snip--
> Whatever distro you use, though, there are two constants:
>
> 1. Use an up-to-date version.
> 2. Use whatever system it has for tracking and installing security updates.
>

Agree.

> OK. Item by item ...
>

> >5. Email Virus Scaning
>
> I don't know of any packages that do this on Linux. Perhaps someone else
> can jump in here. (I did just search the Debian packae list, and I saw
> several possibilities there, but I'm not familiar with any of them in
> detail.)
>
> In any case, what you do here depends on how you are receiving e-mail, and
> your "relay only" comment above leave me uncertain about what you want to
> accomplish.

This is tough. How you chose to accomplish this will affect what SMTP/Mail 
client you choose. Ive seen some anti-viurs tools that only work with q-mail, 
or that only work with sendmail, or they work for one, but are extremely 
difficult to configure for another. My best advice, for tackling gray-listing 
and antivirus and an e-mail setup, look deeply into all three before you pick 
any one package. Eg. look at what qmail has to offer and the solutions for 
greylisting and antivirus, then check out sendmail etc. If you settle on any 
one mail package, then, as a novice, you might limit yourself too much on 
choosing a decent or compatible greylisting and antivirus solution.

> >6. Gray Listing (email)
>
> Please explain this one better. I'm used to grey lists working as part of
> an smtp aemon setup. But if you get your e-mail via POP or IMAP (again,
> that "relay only" comment leaves me at a loss), I don't know what you want
> "grey listing" to do.

Gerylisting solutions can be found here for various mail servers.

http://projects.puremagic.com/greylisting/links.html
 
> >8 Web Cashing
>
> I'm a bit out of date here. The usual way to do this is with a caching (not
> "cashing") proxy server like junkbuster or squid. There are a lot of them
> around; squid is probably still the standard.

Go with squid. It has a good default configuration and you will only need to 
change a few things to get it started on your network. That is the allow/deny 
lines i believe, and maybe set your cache directory.

> >9. Web Based Configuration tool for all above.
>
> Good luck. One place where Linux is weak is on unified configuration
> systems of any sort, and Web-based ones in partcular. In any case,
> Web-based configuration requires Web access to the host, and you won't get
> that out of the box with any distro ... they all require some console-based
> setup, if only to assign the IP address to the internal interface.

Look at Webmin. 
http://www.webmin.com/
Great web-tool that supports SSL, and third party modules to configure any 
type of daemon or system operation. Not quite a do-it-all-in-one-wonder tool 
all by itself, but its pretty darn good. Webmin can help you set up qmail, 
sendmail, squid, bind, dhcpd and more.

> >the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> >166Mhz that would be great....
>
> Probably a P1 will serve ... at least if we are talking about typical
> connection speeds (an external interface between 100 Kbps and 1.5 Mbps) and
> a 100 Mbps LAN. Here, for example, I've used a 486 with 32 MB RAM as
> dedicated firewall for years. Just a NAT'ing firewall, though ... no SMTP
> relay or Web caching.
>
> Issues that might arise for you are:
>
> 1. Complexity of the firewall ruleset. Longer rulesets take more time to
> scan, and every packet has to traverse them until it matches a rule (or
> reaches the end). This is likely to be a problem only with very complex
> rulesets and high traffic volume.
>
> 2. Size of the Web cache. More RAM will matter here more than CPU type and
> speed. And if you're caching to a hard disk, you'll want one with DMA
> support (standard on modern systems, but I don't know about old P1s).

Pick up a cheap ( $20? ) PCI IDE card. Now they will support up to 133 MB/s 
and are supported esily by linux drivers.

-- 

-EB
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[Art Wildman]

Kev wrote:
> I'm new to Linux, so i'm paling to install a gateway, with the following,
> 
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
> 
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
> 
> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

You'll get 10 different answers to the distro question. I suggest you 
research the individual documentation and packages you need & decide 
which is best supported for you application. I have found the major 
distros to have the best documentation, and have used RedHat/Fedora for 
many years. Debian, Suse, Mandrake, and Gentoo have their stong points 
as well. As long as you disable Xwindows, you should be able to setup a 
minimal mail-server on that hardware, debian may be your best bet for this.

Here are some links to get your started...

Shorewall, IPCop, IPtables Firewall Scripts
http://shorewall.sourceforge.net/
http://www.ipcop.org/cgi-bin/twiki/view/IPCop/WebHome
http://www.linuxguruz.org/iptables/
http://www.liniac.upenn.edu/sysadmin/security/iptables.html

DNS - The Name Service HOWTO
http://www.cryptnet.net/fdp/admin/nameservice.html
http://www.rscott.org/dns/
http://bind8nt.meiway.com/itsaDNSmess.cfm

RH9 Customization Guide: Dynamic Host Configuration Protocol (DHCP)
<http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-dhcp-configuring-server.html>

Postfix
http://www.postfix.org/
http://www.postfix.org/STANDARD_CONFIGURATION_README.html#intranet
LJ: Using Postfix for Secure SMTP Gateways
http://www.linuxjournal.com/article.php?sid=4241

Linux-sec.net: Mail/AntiSpam
http://www.linux-sec.net/Mail/AntiSpam/

Configuring a mail server with 
Postfix-Procmail-Fetchmail-SpamAssassin-ClamAV-Courier IMAP
http://www.jennings.homelinux.net/mailserver_config.html

Squid & Squidguard
http://www.tldp.org/HOWTO/TransparentProxy-4.html
http://www.unixreview.com/documents/s=8989/sam0402c/

AntiVirus
http://www.clamav.net
http://www.amavis.org
http://drivel.com/clamassassin
http://sourceforge.net/projects/klamav/

Webmin
http://www.webmin.com/webmin/

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/
http://www.tldp.org/HOWTO/HOWTO-INDEX/howtos.html

--
Art Wildman/ITO - art.wildman@noaa.gov
National Weather Service Office (WFO-JAX)
http://www.srh.noaa.gov/jax
"The contents of this message are mine personally, and
do not reflect any position of the Government, NOAA or NWS."

Re[2]: Linux Help

[Kev]

wow thanks for the links.... they are really help full.............


On Mon, 19 Jul 2004 15:46:14 -0400
"Art Wildman" <Art.Wildman@noaa.gov> wrote:

> Kev wrote:
> > I'm new to Linux, so i'm paling to install a gateway, with the following,
> > 
> > 1. Firewall
> > 2. DNS
> > 3. DHCP
> > 4. SMTP (relay only)
> > 5. Email Virus Scaning
> > 6. Gray Listing (email)
> > 7. NAT
> > 8 Web Cashing
> > 9. Web Based Configuration tool for all above.
> > 
> > can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> > and the software i can use, like DNS = BIND, some thing simple to use...
> > 
> > the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> > 166Mhz that would be great....
> 
> You'll get 10 different answers to the distro question. I suggest you 
> research the individual documentation and packages you need & decide 
> which is best supported for you application. I have found the major 
> distros to have the best documentation, and have used RedHat/Fedora for 
> many years. Debian, Suse, Mandrake, and Gentoo have their stong points 
> as well. As long as you disable Xwindows, you should be able to setup a 
> minimal mail-server on that hardware, debian may be your best bet for this.
> 
> Here are some links to get your started...
> 
> Shorewall, IPCop, IPtables Firewall Scripts
> http://shorewall.sourceforge.net/
> http://www.ipcop.org/cgi-bin/twiki/view/IPCop/WebHome
> http://www.linuxguruz.org/iptables/
> http://www.liniac.upenn.edu/sysadmin/security/iptables.html
> 
> DNS - The Name Service HOWTO
> http://www.cryptnet.net/fdp/admin/nameservice.html
> http://www.rscott.org/dns/
> http://bind8nt.meiway.com/itsaDNSmess.cfm
> 
> RH9 Customization Guide: Dynamic Host Configuration Protocol (DHCP)
> <http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-dhcp-configuring-server.html>
> 
> Postfix
> http://www.postfix.org/
> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#intranet
> LJ: Using Postfix for Secure SMTP Gateways
> http://www.linuxjournal.com/article.php?sid=4241
> 
> Linux-sec.net: Mail/AntiSpam
> http://www.linux-sec.net/Mail/AntiSpam/
> 
> Configuring a mail server with 
> Postfix-Procmail-Fetchmail-SpamAssassin-ClamAV-Courier IMAP
> http://www.jennings.homelinux.net/mailserver_config.html
> 
> Squid & Squidguard
> http://www.tldp.org/HOWTO/TransparentProxy-4.html
> http://www.unixreview.com/documents/s=8989/sam0402c/
> 
> AntiVirus
> http://www.clamav.net
> http://www.amavis.org
> http://drivel.com/clamassassin
> http://sourceforge.net/projects/klamav/
> 
> Webmin
> http://www.webmin.com/webmin/
> 
> http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/
> http://www.tldp.org/HOWTO/HOWTO-INDEX/howtos.html
> 
> --
> Art Wildman/ITO - art.wildman@noaa.gov
> National Weather Service Office (WFO-JAX)
> http://www.srh.noaa.gov/jax
> "The contents of this message are mine personally, and
> do not reflect any position of the Government, NOAA or NWS."
> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Skylar Thompson]

[-- Attachment #1: Type: text/plain, Size: 3171 bytes --]

On Mon, Jul 19, 2004 at 10:50:07PM +0600, Kev wrote:
> Hi,
> 
> I'm new to Linux, so i'm paling to install a gateway, with the following,
> 
> 1. Firewall

On Linux, your choices are pretty limited: ipchains or iptables. On a new
installation, I can see of no reason not to go with iptables.

> 2. DNS

Without more information, I'd say BIND 9 (http://www.isc.org/sw/bind/).
It's stable, secure, and full of nice features.

> 3. DHCP

Again, without more information, the obvious choice is ISC-DHCP 3
(http://www.isc.org/sw/dhcp/).

> 4. SMTP (relay only)

Here you've got lots of options. I personally maintain Sendmail
(http://www.sendmail.org) on a variety of platforms (OS/2, Red Hat Linux,
Debian GNU/Linux, Solaris, FreeBSD, and NetBSD) and find it to be full of
features, but a real PITA when it comes to debugging. Since all you want to
do is relay, and for reasons I'll explain in the next point, I'm going to
recommend Exim (http://www.exim.org).

> 5. Email Virus Scaning

If all you are doing is virus scanning, I'd suggest using ClamAV
(http://www.clamav.net). To avoid needing to use a milter (I can't recall
whether Exim supports milters), I'd highly recommend MailScanner
(http://wwww.mailscanner.info). It uses a two-queue solution that obviates
the need for milters, and in my experience increases mail throughput by as
much as 10x compared to milters. It can be easily setup to call a spam
filter such as SpamAssassin (http://www.spamassassin.org) and a virus
scanner such as ClamAV (http://www.clamav.net).

> 6. Gray Listing (email)

SpamAssassin or MailScanner can do this.

> 7. NAT

This is done with iptables.

> 8 Web Cashing

Squid (http://www.squid-cache.org) is the best one I've used. I use it on a
NetBSD box in front of a cable connection to do transparent proxying, and
it works marvelously.

> 9. Web Based Configuration tool for all above.

Definitely Webmin (http://www.webmin.com).
 
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
 

While I've been a devout Red Hat user for years, I've been shying away from
Red Hat on new installs because they've been moving away from personal
users and concentrating almost exclusively on the commercial customers.
Fedora isn't (and wasn't intended to be) as well-polished as Red Hat 9, so
I'd go with Debian. It has a large user and developer base, so it's not
going south any time soon.

> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

Especially for mail filtering, you're going to want as much CPU power and
RAM as you can throw at it. Go SMP if you can. You might even want to run
that P1 for DHCP, DNS routing if you can, so that those services don't get
slowed down significantly if you suddenly get a huge spike in mail traffic.
Web caching benefits from having as much RAM and hard drive space as
possible, but CPU power isn't as much of a concern for it.

-- 
-- Skylar Thompson (skylar@cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/

[-- Attachment #2: Type: application/pgp-signature, Size: 187 bytes --]

Re[2]: Linux Help

[Kev]

now i'm going with Debian

if i install minum installation of debian and i can install other things by downloading them (Sendmail, Squid etc) ?



On Mon, 19 Jul 2004 21:59:02 -0500
Skylar Thompson <skylar@cs.earlham.edu> wrote:

> On Mon, Jul 19, 2004 at 10:50:07PM +0600, Kev wrote:
> > Hi,
> > 
> > I'm new to Linux, so i'm paling to install a gateway, with the following,
> > 
> > 1. Firewall
> 
> On Linux, your choices are pretty limited: ipchains or iptables. On a new
> installation, I can see of no reason not to go with iptables.
> 
> > 2. DNS
> 
> Without more information, I'd say BIND 9 (http://www.isc.org/sw/bind/).
> It's stable, secure, and full of nice features.
> 
> > 3. DHCP
> 
> Again, without more information, the obvious choice is ISC-DHCP 3
> (http://www.isc.org/sw/dhcp/).
> 
> > 4. SMTP (relay only)
> 
> Here you've got lots of options. I personally maintain Sendmail
> (http://www.sendmail.org) on a variety of platforms (OS/2, Red Hat Linux,
> Debian GNU/Linux, Solaris, FreeBSD, and NetBSD) and find it to be full of
> features, but a real PITA when it comes to debugging. Since all you want to
> do is relay, and for reasons I'll explain in the next point, I'm going to
> recommend Exim (http://www.exim.org).
> 
> > 5. Email Virus Scaning
> 
> If all you are doing is virus scanning, I'd suggest using ClamAV
> (http://www.clamav.net). To avoid needing to use a milter (I can't recall
> whether Exim supports milters), I'd highly recommend MailScanner
> (http://wwww.mailscanner.info). It uses a two-queue solution that obviates
> the need for milters, and in my experience increases mail throughput by as
> much as 10x compared to milters. It can be easily setup to call a spam
> filter such as SpamAssassin (http://www.spamassassin.org) and a virus
> scanner such as ClamAV (http://www.clamav.net).
> 
> > 6. Gray Listing (email)
> 
> SpamAssassin or MailScanner can do this.
> 
> > 7. NAT
> 
> This is done with iptables.
> 
> > 8 Web Cashing
> 
> Squid (http://www.squid-cache.org) is the best one I've used. I use it on a
> NetBSD box in front of a cable connection to do transparent proxying, and
> it works marvelously.
> 
> > 9. Web Based Configuration tool for all above.
> 
> Definitely Webmin (http://www.webmin.com).
>  
> > can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> > and the software i can use, like DNS = BIND, some thing simple to use...
>  
> 
> While I've been a devout Red Hat user for years, I've been shying away from
> Red Hat on new installs because they've been moving away from personal
> users and concentrating almost exclusively on the commercial customers.
> Fedora isn't (and wasn't intended to be) as well-polished as Red Hat 9, so
> I'd go with Debian. It has a large user and developer base, so it's not
> going south any time soon.
> 
> > the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> > 166Mhz that would be great....
> 
> Especially for mail filtering, you're going to want as much CPU power and
> RAM as you can throw at it. Go SMP if you can. You might even want to run
> that P1 for DHCP, DNS routing if you can, so that those services don't get
> slowed down significantly if you suddenly get a huge spike in mail traffic.
> Web caching benefits from having as much RAM and hard drive space as
> possible, but CPU power isn't as much of a concern for it.
> 
> -- 
> -- Skylar Thompson (skylar@cs.earlham.edu)
> -- http://www.cs.earlham.edu/~skylar/

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Skylar Thompson]

[-- Attachment #1: Type: text/plain, Size: 776 bytes --]

On Tue, Jul 20, 2004 at 09:27:04AM +0600, Kev wrote:
> now i'm going with Debian
> 
> if i install minum installation of debian and i can install other things by downloading them (Sendmail, Squid etc) ?

apt-get is probably one of the coolest features of Debian. It will download
any packages you need, along with all their dependencies. The days of
hunting for huge dependency trees of RPMs are over. Do an "apt-cache search
<string>" to figure what the package name is called, and then do "apt-get
install <package-name>" to install it. A lot of the configuration is
automated through dialogs, so almost everything should be pretty easy. Let
me know if you need any help.

-- 
-- Skylar Thompson (skylar@cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/

[-- Attachment #2: Type: application/pgp-signature, Size: 187 bytes --]

Re[2]: Linux Help

[Kev]

thanks a lot,

i got it on a p1 133mhz but having some prob on the PC it cant detect my 10GB HDD :(



On Mon, 19 Jul 2004 23:23:25 -0500
Skylar Thompson <skylar@cs.earlham.edu> wrote:

> On Tue, Jul 20, 2004 at 09:27:04AM +0600, Kev wrote:
> > now i'm going with Debian
> > 
> > if i install minum installation of debian and i can install other things by downloading them (Sendmail, Squid etc) ?
> 
> apt-get is probably one of the coolest features of Debian. It will download
> any packages you need, along with all their dependencies. The days of
> hunting for huge dependency trees of RPMs are over. Do an "apt-cache search
> <string>" to figure what the package name is called, and then do "apt-get
> install <package-name>" to install it. A lot of the configuration is
> automated through dialogs, so almost everything should be pretty easy. Let
> me know if you need any help.
> 
> -- 
> -- Skylar Thompson (skylar@cs.earlham.edu)
> -- http://www.cs.earlham.edu/~skylar/

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[chuck gelm]

Uh, I like bottom posting and removing unnecessary lines.
Kev wrote:
> I have installed Debina with out my LAN cards (Realtec) i did add the
> cards after the Denian installation, now i cant seem to get Debian to
> detect them :(

What did you do and how did it fail?

Rheorical:

  How does hardware detection fall into administration?
  I would have posted this topic on linux-newbie.

> On Tue, 20 Jul 2004 18:42:44 +0200
> Sascha Retzki <lantis@iqranet.info> wrote:

>>--> Am Di, 2004-07-20 um 18.27 schrieb Kev:
>>--> > how can you make Debian Detect hardware after the installation ?
>>--> 
>>--> This question is ( among many other debian-specific questions ) covered
>>--> by their documentations, but ok :)

>>--> "detect" hardware .. hm .. first of, /etc/modules is a
>>--> one-modulename-per-line file is loaded at boottime, so this is the place
>>--> where you put the module-names in ( without the path or the .o ). The
>>--> detection is imho manually done with debian. Tip is to use modprobe
>>--> instead of isnmod to load dependencies of modules, use lspci -v to find
>>--> out all pci/Isa/... adapters and chipnames in your computer ... . Linux
>>--> module-names are named after chipsetname, not that what the vendor tries
>>--> to tell you on the cage ;) ... .

modprobe 8139too

HTH, Chuck

Re: Linux Help

[joy]

Sascha Retzki wrote:

>Am Di, 2004-07-20 um 17.20 schrieb Kev:
>  
>
>>Hi guys...
>>
>>i'm going to do the follwing as a 1st step,
>>
>>i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
>>SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
>>4GB HDD with 2 Lan Cards
>>
>>i'm going to install Webmin 1.5, and also DHCP for Debian that comes
>>with Debian (on the web site) 
>>
>>do you gusy thing i can do this with a basic Debian instalation or
>>should i download all other CD's from the site ? 
>>    
>>
>
>I think so, firewall, dns, dhcp, smtp, squid should really be there.
>
>  
>
How about Courier for the smtp part?
As Kev said a web based config would be nice and courier  comes with
courier  webadmin - nice thing to get your setup up and running.
and it some graylisting facilities as well

Joy.M.M

Linux help on show strucuture of share lib.

[Dayong Gu]

Hi, experts:

Is there any command or uility we can use to show the exact structure of a
share lib on Linux?

I want to know the exact location(offset) of functions ,symbols etc in share
lib, and also in
Linux executable.

I know on AIX we can use a cmd like "dump" to do this thing.

Thanks !
Cheers,
Dayong