Linux Help

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev
------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[James Miller]

On Mon, 19 Jul 2004, Kev wrote:

> I'm new to Linux, so i'm paling to install a gateway, with the following,
>
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
>
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
>
> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

You might take a look at Freesco, which could easily run on your P1.

James
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Linux Help

[Kev]

Hi,

I'm new to Linux, so i'm paling to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scaning
6. Gray Listing (email)
7. NAT
8 Web Cashing
9. Web Based Configuration tool for all above.

can any one tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, some thing simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev
------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Jens Knoell]

Hi Kev

I won't recommend any specific distro, as that's pretty much a religious 
decision ;)

But...

Kev wrote:

>Hi,
>
>I'm new to Linux, so i'm paling to install a gateway, with the following,
>
>1. Firewall
>  
>
that's built into the Linux kernel, no matter what distro.

>2. DNS
>  
>
I'd go with Bind. There are others, but they've even been worse than 
Bind IMO. However, make sure it's configured as restrictive as possible 
- DNS has some protocol specific security issues.

>3. DHCP
>  
>
No idea

>4. SMTP (relay only)
>  
>
QMail or Sendmail should both do the job just fine. If you are only 
relaying anyway, you could however just set up SpamAssassin.

>5. Email Virus Scaning
>  
>
AMaViS

>6. Gray Listing (email)
>  
>
Errr... what?

>7. NAT
>  
>
Comes with the Linux kernel, it's more or less built into the firewall code.

>8 Web Cashing
>  
>
Squid

>9. Web Based Configuration tool for all above.
>  
>
Webmin (comes with most distros, AFAIK)

>the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>166Mhz that would be great....
>  
>
Should work fine on a P1/166. Depends on how complex your firewall rules 
are, and the amout of mail you want to process. Mail Virus Scanning is 
rather CPU intensive.


Hope this helps
Jen

RE: Linux Help

[Rick Stubblebine]

On Mon, 19 Jul 2004, Kev wrote:

> I'm new to Linux, so i'm paling to install a gateway, with the 
> following,
>
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
>
> can any one tell me the best Linux version to use, (RedHat, Debian, 
> etc) and the software i can use, like DNS = BIND, some thing simple to

> use...
>
> the Box will be a P2 with 256MB ram but if i can get it to work on a 
> P1 166Mhz that would be great....

I use Clark Connect (RedHat based distro) to run my gateway and web
server.  I find it very flexible.  Another plus is it uses apt-get for
updates and installations.

Rick

Re[2]: Linux Help

[Kev]

wow, thanks for the comple info....

>--> >6. Gray Listing (email)
>--> Errr... what?

Greylisting (www.greylisting.org) is a new technique to slow the spread of spam, The
technique simply delays the mail 300 seconds and forced the original
mail server to attempt redelivery.  Spammers will generally never
attempt redelivery so their mail messages will not get through.  Once
the greylisting process is complete future email messages from the
usernames/ip will immediately be delivered to the destination.




On Mon, 19 Jul 2004 11:46:13 -0600
Jens Knoell <jens@surefoot.com> wrote:

>--> Hi Kev
>--> 
>--> I won't recommend any specific distro, as that's pretty much a religious 
>--> decision ;)
>--> 
>--> But...
>--> 
>--> Kev wrote:
>--> 
>--> >Hi,
>--> >
>--> >I'm new to Linux, so i'm paling to install a gateway, with the following,
>--> >
>--> >1. Firewall
>--> >  
>--> >
>--> that's built into the Linux kernel, no matter what distro.
>--> 
>--> >2. DNS
>--> >  
>--> >
>--> I'd go with Bind. There are others, but they've even been worse than 
>--> Bind IMO. However, make sure it's configured as restrictive as possible 
>--> - DNS has some protocol specific security issues.
>--> 
>--> >3. DHCP
>--> >  
>--> >
>--> No idea
>--> 
>--> >4. SMTP (relay only)
>--> >  
>--> >
>--> QMail or Sendmail should both do the job just fine. If you are only 
>--> relaying anyway, you could however just set up SpamAssassin.
>--> 
>--> >5. Email Virus Scaning
>--> >  
>--> >
>--> AMaViS
>--> 
>--> >6. Gray Listing (email)
>--> >  
>--> >
>--> Errr... what?
>--> 
>--> >7. NAT
>--> >  
>--> >
>--> Comes with the Linux kernel, it's more or less built into the firewall code.
>--> 
>--> >8 Web Cashing
>--> >  
>--> >
>--> Squid
>--> 
>--> >9. Web Based Configuration tool for all above.
>--> >  
>--> >
>--> Webmin (comes with most distros, AFAIK)
>--> 
>--> >the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>--> >166Mhz that would be great....
>--> >  
>--> >
>--> Should work fine on a P1/166. Depends on how complex your firewall rules 
>--> are, and the amout of mail you want to process. Mail Virus Scanning is 
>--> rather CPU intensive.
>--> 
>--> 
>--> Hope this helps
>--> Jen
>--> -
>--> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
>--> the body of a message to majordomo@vger.kernel.org
>--> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>--> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Ray Olszewski]

Responses interspersed below.

At 11:09 PM 7/19/2004 +0600, Kev wrote:
>Hi,
>
>I'm new to Linux, so i'm paling to install a gateway, with the following,
>
>1. Firewall
>2. DNS
>3. DHCP
>4. SMTP (relay only)
>5. Email Virus Scaning
>6. Gray Listing (email)
>7. NAT
>8 Web Cashing
>9. Web Based Configuration tool for all above.
>
>can any one tell me the best Linux version to use, (RedHat, Debian, etc)

No. Or, put another way, everyone can tell you the "best" distro to use, 
but there will be no consensus among the answers.

One can easily argue pros and cons, strengths and weaknesses of particular 
distros, but in the end they are all quite similar. I favor Debian myself, 
but not because I have any illusion about its being "best" ... simply 
because I've used it for years and am used to its particular quirks. The 
folks who will recommend Slackware, or Red Hat, or Gentoo, or whatever, 
really have the same sorts of biases.

If you are really a rank beginner, the "best" distro for you is the one 
used by your friend who knows Linux and who will help you out when you get 
in a jam.

Whatever distro you use, though, there are two constants:

1. Use an up-to-date version.
2. Use whatever system it has for tracking and installing security updates.

There are specialized small distros, like LEAF (leaf.sourceforge.net) and 
Coyote (DK the URL), that are designed with firewalling in mind. But you 
want a bit more then they easilt provide ... your items 5, 6, 8, and maybe 
4 ... so you are right, I think, to be looking at full-strength distros.

One advantage I will note for Debian is that it is designed to be 
distributed for free. That means that all users get good support as regards 
security. (The concomitant downside is that there is no fallback to a paid 
system of tech support if you run into bigger problems than you can get 
free help for.) Commercial distros tend (not surprisingly) to offer better 
support to paying customers than to freeloaders. So if anyone recommends a 
commercial distro, you might want to ask if that person's experience is 
with a free or a paid version of the distro.

>and the software i can use, like DNS = BIND, some thing simple to use...

OK. Item by item ...

>1. Firewall

Firewalling capability is built into the Linux kernel, using (for modern 
kernels) iptables/netfilter. You may want a firewall configuration package 
to make setting your firewall up easier. The best known, and probably 
actual best, package is Shorewall (shorewall.sourceforge.net, I think, but 
you can Google it if my memory is wrong).

>2. DNS

The standard package for DNS is BIND (named). Small distros use other, 
specialized packages, like dnscache and tinydns, but they are sufficiently 
quirky that you'd do better to stay with the standard on any full-size distro.

>3. DHCP

Server or client?

If you want the host to assign IP addresses, and related info, to its LAN 
clients via DHCP, then it needs to run a server. dhcpd (DHCP Daemon) is the 
standard one for full-size distros. There is also the smaller udhcpd.

If yout router needs to get its IP Address, and related info, from your ISP 
using DHCP, then it needs to run a DHCP client. The common ones are pump, 
dhclient, dhcpcd, and udhcpc ... I know of no particular favorite among them.

>4. SMTP (relay only)

People get into fights over this one. The standard smtp servers for Linux 
distros include sendmail, smail, exim, and qmail. Debian uses exim by 
default, and I find it works well for me. You should probably use whatever 
your chosen distro's default is, or whatever your experienced friend uses.

I assume you mean by "relay only" then you expect the system to send mail, 
but not to receive it. That is, you will get your e-mail via POP or IMAP. 
If I've misunderstood you, you need to explain your meaning more clearly.

>5. Email Virus Scaning

I don't know of any packages that do this on Linux. Perhaps someone else 
can jump in here. (I did just search the Debian packae list, and I saw 
several possibilities there, but I'm not familiar with any of them in detail.)

In any case, what you do here depends on how you are receiving e-mail, and 
your "relay only" comment above leave me uncertain about what you want to 
accomplish.

>6. Gray Listing (email)

Please explain this one better. I'm used to grey lists working as part of 
an smtp aemon setup. But if you get your e-mail via POP or IMAP (again, 
that "relay only" comment leaves me at a loss), I don't know what you want 
"grey listing" to do.

>7. NAT

This is part of the iptables/netfilter code in the kernel. Setup packages 
like Shorewall will help you to configure it.

>8 Web Cashing

I'm a bit out of date here. The usual way to do this is with a caching (not 
"cashing") proxy server like junkbuster or squid. There are a lot of them 
around; squid is probably still the standard.

>9. Web Based Configuration tool for all above.

Good luck. One place where Linux is weak is on unified configuration 
systems of any sort, and Web-based ones in partcular. In any case, 
Web-based configuration requires Web access to the host, and you won't get 
that out of the box with any distro ... they all require some console-based 
setup, if only to assign the IP address to the internal interface.

>the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>166Mhz that would be great....

Probably a P1 will serve ... at least if we are talking about typical 
connection speeds (an external interface between 100 Kbps and 1.5 Mbps) and 
a 100 Mbps LAN. Here, for example, I've used a 486 with 32 MB RAM as 
dedicated firewall for years. Just a NAT'ing firewall, though ... no SMTP 
relay or Web caching.

Issues that might arise for you are:

1. Complexity of the firewall ruleset. Longer rulesets take more time to 
scan, and every packet has to traverse them until it matches a rule (or 
reaches the end). This is likely to be a problem only with very complex 
rulesets and high traffic volume.

2. Size of the Web cache. More RAM will matter here more than CPU type and 
speed. And if you're caching to a hard disk, you'll want one with DMA 
support (standard on modern systems, but I don't know about old P1s).

3. The SMTP stuff. Since I don't have a clear understanding of your setup 
plans here, or the likely mail volumes, I cannot comment substantively.

4. NAT overload. A firewall can NAT only so many active connections at a 
time ... several thousand, but not an unlimited number. This is rarely a 
problem, and when it is, better hardware doesn't solve it. But it is a 
problem that Linux NAT'ing firewall users (actually, all NAT'ing firewall 
users) occasionally run into.


>thanks
>Kev
[advertising deleted]



-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Re[2]: Linux Help

[Adam Lang]

You do realize that on the site you just linked, they have a big link on the
left named "implementations"?  You could have answered your own question. ;)

----- Original Message ----- 
From: "Kev" <savage-garden@hanikamail.com>
To: "Jens Knoell" <jens@surefoot.com>
Cc: <linux-admin@vger.kernel.org>
Sent: Monday, July 19, 2004 1:53 PM
Subject: Re[2]: Linux Help


> wow, thanks for the comple info....
>
> >--> >6. Gray Listing (email)
> >--> Errr... what?
>
> Greylisting (www.greylisting.org) is a new technique to slow the spread of
spam, The
> technique simply delays the mail 300 seconds and forced the original
> mail server to attempt redelivery.  Spammers will generally never
> attempt redelivery so their mail messages will not get through.  Once
> the greylisting process is complete future email messages from the
> usernames/ip will immediately be delivered to the destination.

Re[4]: Linux Help

[Kev]

>--> You do realize that on the site you just linked, they have a big link on the
>--> left named "implementations"?  You could have answered your own question. ;)

hehehe.... i know 

i was just saying what i will be running on the server, i was asking if
i can run all that on a P1/166Mhz


On Mon, 19 Jul 2004 14:02:24 -0400
"Adam Lang" <aalang@rutgersinsurance.com> wrote:

>--> You do realize that on the site you just linked, they have a big link on the
>--> left named "implementations"?  You could have answered your own question. ;)
>--> 
>--> ----- Original Message ----- 
>--> From: "Kev" <savage-garden@hanikamail.com>
>--> To: "Jens Knoell" <jens@surefoot.com>
>--> Cc: <linux-admin@vger.kernel.org>
>--> Sent: Monday, July 19, 2004 1:53 PM
>--> Subject: Re[2]: Linux Help
>--> 
>--> 
>--> > wow, thanks for the comple info....
>--> >
>--> > >--> >6. Gray Listing (email)
>--> > >--> Errr... what?
>--> >
>--> > Greylisting (www.greylisting.org) is a new technique to slow the spread of
>--> spam, The
>--> > technique simply delays the mail 300 seconds and forced the original
>--> > mail server to attempt redelivery.  Spammers will generally never
>--> > attempt redelivery so their mail messages will not get through.  Once
>--> > the greylisting process is complete future email messages from the
>--> > usernames/ip will immediately be delivered to the destination.
>--> 
>--> -
>--> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
>--> the body of a message to majordomo@vger.kernel.org
>--> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>--> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Linux Help

[Eric Bambach]

On Monday 19 July 2004 12:59 pm, Ray Olszewski wrote:
> Responses interspersed below.
>
> At 11:09 PM 7/19/2004 +0600, Kev wrote:
> >Hi,
> >
> >I'm new to Linux, so i'm paling to install a gateway, with the following,
> >
> >1. Firewall
> >2. DNS
> >3. DHCP
> >4. SMTP (relay only)
> >5. Email Virus Scaning
> >6. Gray Listing (email)
> >7. NAT
> >8 Web Cashing
> >9. Web Based Configuration tool for all above.
--Snip--
> Whatever distro you use, though, there are two constants:
>
> 1. Use an up-to-date version.
> 2. Use whatever system it has for tracking and installing security updates.
>

Agree.

> OK. Item by item ...
>

> >5. Email Virus Scaning
>
> I don't know of any packages that do this on Linux. Perhaps someone else
> can jump in here. (I did just search the Debian packae list, and I saw
> several possibilities there, but I'm not familiar with any of them in
> detail.)
>
> In any case, what you do here depends on how you are receiving e-mail, and
> your "relay only" comment above leave me uncertain about what you want to
> accomplish.

This is tough. How you chose to accomplish this will affect what SMTP/Mail 
client you choose. Ive seen some anti-viurs tools that only work with q-mail, 
or that only work with sendmail, or they work for one, but are extremely 
difficult to configure for another. My best advice, for tackling gray-listing 
and antivirus and an e-mail setup, look deeply into all three before you pick 
any one package. Eg. look at what qmail has to offer and the solutions for 
greylisting and antivirus, then check out sendmail etc. If you settle on any 
one mail package, then, as a novice, you might limit yourself too much on 
choosing a decent or compatible greylisting and antivirus solution.

> >6. Gray Listing (email)
>
> Please explain this one better. I'm used to grey lists working as part of
> an smtp aemon setup. But if you get your e-mail via POP or IMAP (again,
> that "relay only" comment leaves me at a loss), I don't know what you want
> "grey listing" to do.

Gerylisting solutions can be found here for various mail servers.

http://projects.puremagic.com/greylisting/links.html
 
> >8 Web Cashing
>
> I'm a bit out of date here. The usual way to do this is with a caching (not
> "cashing") proxy server like junkbuster or squid. There are a lot of them
> around; squid is probably still the standard.

Go with squid. It has a good default configuration and you will only need to 
change a few things to get it started on your network. That is the allow/deny 
lines i believe, and maybe set your cache directory.

> >9. Web Based Configuration tool for all above.
>
> Good luck. One place where Linux is weak is on unified configuration
> systems of any sort, and Web-based ones in partcular. In any case,
> Web-based configuration requires Web access to the host, and you won't get
> that out of the box with any distro ... they all require some console-based
> setup, if only to assign the IP address to the internal interface.

Look at Webmin. 
http://www.webmin.com/
Great web-tool that supports SSL, and third party modules to configure any 
type of daemon or system operation. Not quite a do-it-all-in-one-wonder tool 
all by itself, but its pretty darn good. Webmin can help you set up qmail, 
sendmail, squid, bind, dhcpd and more.

> >the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> >166Mhz that would be great....
>
> Probably a P1 will serve ... at least if we are talking about typical
> connection speeds (an external interface between 100 Kbps and 1.5 Mbps) and
> a 100 Mbps LAN. Here, for example, I've used a 486 with 32 MB RAM as
> dedicated firewall for years. Just a NAT'ing firewall, though ... no SMTP
> relay or Web caching.
>
> Issues that might arise for you are:
>
> 1. Complexity of the firewall ruleset. Longer rulesets take more time to
> scan, and every packet has to traverse them until it matches a rule (or
> reaches the end). This is likely to be a problem only with very complex
> rulesets and high traffic volume.
>
> 2. Size of the Web cache. More RAM will matter here more than CPU type and
> speed. And if you're caching to a hard disk, you'll want one with DMA
> support (standard on modern systems, but I don't know about old P1s).

Pick up a cheap ( $20? ) PCI IDE card. Now they will support up to 133 MB/s 
and are supported esily by linux drivers.

-- 

-EB
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[Art Wildman]

Kev wrote:
> I'm new to Linux, so i'm paling to install a gateway, with the following,
> 
> 1. Firewall
> 2. DNS
> 3. DHCP
> 4. SMTP (relay only)
> 5. Email Virus Scaning
> 6. Gray Listing (email)
> 7. NAT
> 8 Web Cashing
> 9. Web Based Configuration tool for all above.
> 
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
> 
> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

You'll get 10 different answers to the distro question. I suggest you 
research the individual documentation and packages you need & decide 
which is best supported for you application. I have found the major 
distros to have the best documentation, and have used RedHat/Fedora for 
many years. Debian, Suse, Mandrake, and Gentoo have their stong points 
as well. As long as you disable Xwindows, you should be able to setup a 
minimal mail-server on that hardware, debian may be your best bet for this.

Here are some links to get your started...

Shorewall, IPCop, IPtables Firewall Scripts
http://shorewall.sourceforge.net/
http://www.ipcop.org/cgi-bin/twiki/view/IPCop/WebHome
http://www.linuxguruz.org/iptables/
http://www.liniac.upenn.edu/sysadmin/security/iptables.html

DNS - The Name Service HOWTO
http://www.cryptnet.net/fdp/admin/nameservice.html
http://www.rscott.org/dns/
http://bind8nt.meiway.com/itsaDNSmess.cfm

RH9 Customization Guide: Dynamic Host Configuration Protocol (DHCP)
<http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-dhcp-configuring-server.html>

Postfix
http://www.postfix.org/
http://www.postfix.org/STANDARD_CONFIGURATION_README.html#intranet
LJ: Using Postfix for Secure SMTP Gateways
http://www.linuxjournal.com/article.php?sid=4241

Linux-sec.net: Mail/AntiSpam
http://www.linux-sec.net/Mail/AntiSpam/

Configuring a mail server with 
Postfix-Procmail-Fetchmail-SpamAssassin-ClamAV-Courier IMAP
http://www.jennings.homelinux.net/mailserver_config.html

Squid & Squidguard
http://www.tldp.org/HOWTO/TransparentProxy-4.html
http://www.unixreview.com/documents/s=8989/sam0402c/

AntiVirus
http://www.clamav.net
http://www.amavis.org
http://drivel.com/clamassassin
http://sourceforge.net/projects/klamav/

Webmin
http://www.webmin.com/webmin/

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/
http://www.tldp.org/HOWTO/HOWTO-INDEX/howtos.html

--
Art Wildman/ITO - art.wildman@noaa.gov
National Weather Service Office (WFO-JAX)
http://www.srh.noaa.gov/jax
"The contents of this message are mine personally, and
do not reflect any position of the Government, NOAA or NWS."

Re: Re[4]: Linux Help

[Glynn Clements]

Kev wrote:

> i was just saying what i will be running on the server, i was asking if
> i can run all that on a P1/166Mhz

It depends upon the amount of network traffic.

Networking daemons (and the IP filtering code) only consume CPU time
when they're actually doing something, and the amount of CPU time used
is roughly proportional to the amount of work they have to do.

Try it. If the load average is consistently high, you need a faster
CPU. If the hard disk is always busy, you need more RAM. If the box is
mostly idle but it still seems too slow, you need a faster Internet
connection.

-- 
Glynn Clements <glynn.clements@virgin.net>

Re: Linux Help

[Skylar Thompson]

[-- Attachment #1: Type: text/plain, Size: 3171 bytes --]

On Mon, Jul 19, 2004 at 10:50:07PM +0600, Kev wrote:
> Hi,
> 
> I'm new to Linux, so i'm paling to install a gateway, with the following,
> 
> 1. Firewall

On Linux, your choices are pretty limited: ipchains or iptables. On a new
installation, I can see of no reason not to go with iptables.

> 2. DNS

Without more information, I'd say BIND 9 (http://www.isc.org/sw/bind/).
It's stable, secure, and full of nice features.

> 3. DHCP

Again, without more information, the obvious choice is ISC-DHCP 3
(http://www.isc.org/sw/dhcp/).

> 4. SMTP (relay only)

Here you've got lots of options. I personally maintain Sendmail
(http://www.sendmail.org) on a variety of platforms (OS/2, Red Hat Linux,
Debian GNU/Linux, Solaris, FreeBSD, and NetBSD) and find it to be full of
features, but a real PITA when it comes to debugging. Since all you want to
do is relay, and for reasons I'll explain in the next point, I'm going to
recommend Exim (http://www.exim.org).

> 5. Email Virus Scaning

If all you are doing is virus scanning, I'd suggest using ClamAV
(http://www.clamav.net). To avoid needing to use a milter (I can't recall
whether Exim supports milters), I'd highly recommend MailScanner
(http://wwww.mailscanner.info). It uses a two-queue solution that obviates
the need for milters, and in my experience increases mail throughput by as
much as 10x compared to milters. It can be easily setup to call a spam
filter such as SpamAssassin (http://www.spamassassin.org) and a virus
scanner such as ClamAV (http://www.clamav.net).

> 6. Gray Listing (email)

SpamAssassin or MailScanner can do this.

> 7. NAT

This is done with iptables.

> 8 Web Cashing

Squid (http://www.squid-cache.org) is the best one I've used. I use it on a
NetBSD box in front of a cable connection to do transparent proxying, and
it works marvelously.

> 9. Web Based Configuration tool for all above.

Definitely Webmin (http://www.webmin.com).
 
> can any one tell me the best Linux version to use, (RedHat, Debian, etc)
> and the software i can use, like DNS = BIND, some thing simple to use...
 

While I've been a devout Red Hat user for years, I've been shying away from
Red Hat on new installs because they've been moving away from personal
users and concentrating almost exclusively on the commercial customers.
Fedora isn't (and wasn't intended to be) as well-polished as Red Hat 9, so
I'd go with Debian. It has a large user and developer base, so it's not
going south any time soon.

> the Box will be a P2 with 256MB ram but if i can get it to work on a P1
> 166Mhz that would be great....

Especially for mail filtering, you're going to want as much CPU power and
RAM as you can throw at it. Go SMP if you can. You might even want to run
that P1 for DHCP, DNS routing if you can, so that those services don't get
slowed down significantly if you suddenly get a huge spike in mail traffic.
Web caching benefits from having as much RAM and hard drive space as
possible, but CPU power isn't as much of a concern for it.

-- 
-- Skylar Thompson (skylar@cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/

[-- Attachment #2: Type: application/pgp-signature, Size: 187 bytes --]

Re: Linux Help

[Skylar Thompson]

[-- Attachment #1: Type: text/plain, Size: 776 bytes --]

On Tue, Jul 20, 2004 at 09:27:04AM +0600, Kev wrote:
> now i'm going with Debian
> 
> if i install minum installation of debian and i can install other things by downloading them (Sendmail, Squid etc) ?

apt-get is probably one of the coolest features of Debian. It will download
any packages you need, along with all their dependencies. The days of
hunting for huge dependency trees of RPMs are over. Do an "apt-cache search
<string>" to figure what the package name is called, and then do "apt-get
install <package-name>" to install it. A lot of the configuration is
automated through dialogs, so almost everything should be pretty easy. Let
me know if you need any help.

-- 
-- Skylar Thompson (skylar@cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/

[-- Attachment #2: Type: application/pgp-signature, Size: 187 bytes --]

Re[6]: Linux Help

[Kev]

Hi guys...

i'm going to do the follwing as a 1st step,

i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
4GB HDD with 2 Lan Cards

i'm going to install Webmin 1.5, and also DHCP for Debian that comes
with Debian (on the web site) 

do you gusy thing i can do this with a basic Debian instalation or
should i download all other CD's from the site ? now the commands like
setup on Redhat dont work, how come ? do i need to install any thing
else ?

leter on i'm going to install a 2nd HDD and Squid and BIND and some AV
for the email relay, and the RAM to 256MB.

if any one can give me the basic how to do this, or a link to some sites
(Linux for Dummies :-)

i know i sound really dumb, well i really dont know much about linux
sorry !!! 






On Tue, 20 Jul 2004 00:07:44 +0100
Glynn Clements <glynn.clements@virgin.net> wrote:

>--> 
>--> Kev wrote:
>--> 
>--> > i was just saying what i will be running on the server, i was asking if
>--> > i can run all that on a P1/166Mhz
>--> 
>--> It depends upon the amount of network traffic.
>--> 
>--> Networking daemons (and the IP filtering code) only consume CPU time
>--> when they're actually doing something, and the amount of CPU time used
>--> is roughly proportional to the amount of work they have to do.
>--> 
>--> Try it. If the load average is consistently high, you need a faster
>--> CPU. If the hard disk is always busy, you need more RAM. If the box is
>--> mostly idle but it still seems too slow, you need a faster Internet
>--> connection.
>--> 
>--> -- 
>--> Glynn Clements <glynn.clements@virgin.net>
>--> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Re[6]: Linux Help

[Sascha Retzki]

Am Di, 2004-07-20 um 17.20 schrieb Kev:
> Hi guys...
> 
> i'm going to do the follwing as a 1st step,
> 
> i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
> SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
> 4GB HDD with 2 Lan Cards
> 
> i'm going to install Webmin 1.5, and also DHCP for Debian that comes
> with Debian (on the web site) 
> 
> do you gusy thing i can do this with a basic Debian instalation or
> should i download all other CD's from the site ? 

I think so, firewall, dns, dhcp, smtp, squid should really be there.

> now the commands like
> setup on Redhat dont work, how come ? do i need to install any thing
> else ?
> 

RedHat may use scripts to "help" you that just work on Red Hat. tldp.org
and similar offer the "everywhere-working" Documents :)

> leter on i'm going to install a 2nd HDD and Squid and BIND and some AV
> for the email relay, and the RAM to 256MB.
> 
> if any one can give me the basic how to do this, or a link to some sites
> (Linux for Dummies :-)
> 

tldp.org :) .. or google.com/linux

> i know i sound really dumb, well i really dont know much about linux
> sorry !!! 
> 
> 
> 

Everybody is new sometimes. Nice that you ask for documentation-sites ;)

> 
> 
> 
> On Tue, 20 Jul 2004 00:07:44 +0100
> Glynn Clements <glynn.clements@virgin.net> wrote:
> 
> >--> 
> >--> Kev wrote:
> >--> 
> >--> > i was just saying what i will be running on the server, i was asking if
> >--> > i can run all that on a P1/166Mhz
> >--> 
> >--> It depends upon the amount of network traffic.
> >--> 
> >--> Networking daemons (and the IP filtering code) only consume CPU time
> >--> when they're actually doing something, and the amount of CPU time used
> >--> is roughly proportional to the amount of work they have to do.
> >--> 
> >--> Try it. If the load average is consistently high, you need a faster
> >--> CPU. If the hard disk is always busy, you need more RAM. If the box is
> >--> mostly idle but it still seems too slow, you need a faster Internet
> >--> connection.
> >--> 
> >--> -- 
> >--> Glynn Clements <glynn.clements@virgin.net>
> >--> 
> 
> ------- 
> Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
> PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
> http://www.orbitsl.net
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> 

Re[6]: Linux Help

[Ray Olszewski]

At 09:20 PM 7/20/2004 +0600, Kev wrote:
>Hi guys...

Kev -- It's generally considered discourteous to cross-post messages to 
multiple mailing lists. In this instance, I've removed the linux-admin 
posting from my reply.

>i'm going to do the follwing as a 1st step,
>
>i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
>SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
>4GB HDD with 2 Lan Cards

If you plan to add Web caching to this system (as you mentioned in an 
earlier emssage), I think you'll find 64 MB to be too little memory for 
good performance.  Everything else should be fine.

In Linux, default installs do NOT automatically enable DMA on hard disks. 
You'll want to do that in an init script (using the app hdparm, from the 
Debian package hdparm).

In my prior reply, I didn't list postfix among the SMTP candidates, but it 
is another good one, so should be fine for your purposes (though I myself 
have no recent experience using it).

>i'm going to install Webmin 1.5, and also DHCP for Debian that comes
>with Debian (on the web site)
>
>do you gusy thing i can do this with a basic Debian instalation or
>should i download all other CD's from the site ?

The usual way to maintain a Debian system after setup is by doing online 
updates. In fact, unless you have an awful Internet connection, that's 
usually the best way to install. That is, get a set of boot floppies (or a 
boot CD, depending on your hardware), install the (very small) Debian base 
from it, then use apt-get to add the packages you need from an online 
repository.

This approach will assure that you get the latest versions of things 
(Debian CDs, like pretty much all Linux distro CDs, aren't updated anywhere 
nearly as regularly as the online repositories). In particular, it will 
makes sure that you get all security upgrades ... VERY important for any 
system that is connected directly to the Internet (as a router is).

>now the commands like
>setup on Redhat dont work, how come ? do i need to install any thing
>else ?

If you are asking why a particular command specific to Red Hat doesn't work 
on a Debian install, then the answer is probably that Debian doesn't 
include the app or the script that implements the command. Not being a Red 
Hat user, I don't know what "setup" on a default RH install does.

If you are asking a more general question, you'lll have to be more clear 
... I have no way of knowing what Debian commands you think are "like setup 
on Redhat". Also what "now" referred to, and if "dont work" means anything 
more subtle than that the command itself is not present.

>leter on i'm going to install a 2nd HDD and Squid and BIND and some AV
>for the email relay, and the RAM to 256MB.

All easy to do using Debian's apt-get and apt-cache package management 
system. (Except I don't know what "some AV for the email relay" means ... I 
can't parse "AV" in this context.) The extra RAM should handle your Web 
caching needs quite nicely. I'm not sure if you'll need the second hard 
disk ... it depends on traffic volumes (SMTP and Web caching).

>if any one can give me the basic how to do this, or a link to some sites
>(Linux for Dummies :-)

The Debian installer itself should walk you through the installation 
process. The big gotcha to watch out for is NIC modules ... you don't say 
what NICs you are using, and stock Debian Linux kernels only support the 
most common ones directly. For others, you'll have to install kernel 
modules ... the installer prompts you to do this, but it doesn't help you 
identify the ones you need.

Last time I checked, the Debian install process still used an old kernel 
(2.2.something). Once you have the system configured, and before you set it 
up to route and firewall, you'll want to update to a newer kernel ... at 
least 2.4.whatever_is_current, maybe even 2.6.something. Unless you want to 
compile you own kernel (a good idea for a router, but maybe not such a good 
idea for a beginner), you apt-get install a suitable kernel-image-* package.


>i know i sound really dumb, well i really dont know much about linux
>sorry !!!


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[7]: Linux Help

[Kev]

sorry about the 2 maling lists :)

>--> If you plan to add Web caching to this system (as you mentioned in an 
>--> earlier emssage), I think you'll find 64 MB to be too little memory for 
>--> good performance.  Everything else should be fine.

will be going for 256MB once i install Squid

LAN Card are Realtec both same model , a comm one but cant remember the
exact model tho, sorry

>--> system. (Except I don't know what "some AV for the email relay" means ... I 
>--> can't parse "AV" in this context.) The extra RAM should handle your Web 

AV = AntiVirus for the SMTP relay.
but not sure what i'm going to use.





On Tue, 20 Jul 2004 08:55:32 -0700
Ray Olszewski <ray@comarre.com> wrote:

>--> At 09:20 PM 7/20/2004 +0600, Kev wrote:
>--> >Hi guys...
>--> 
>--> Kev -- It's generally considered discourteous to cross-post messages to 
>--> multiple mailing lists. In this instance, I've removed the linux-admin 
>--> posting from my reply.
>--> 
>--> >i'm going to do the follwing as a 1st step,
>--> >
>--> >i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
>--> >SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
>--> >4GB HDD with 2 Lan Cards
>--> 
>--> If you plan to add Web caching to this system (as you mentioned in an 
>--> earlier emssage), I think you'll find 64 MB to be too little memory for 
>--> good performance.  Everything else should be fine.
>--> 
>--> In Linux, default installs do NOT automatically enable DMA on hard disks. 
>--> You'll want to do that in an init script (using the app hdparm, from the 
>--> Debian package hdparm).
>--> 
>--> In my prior reply, I didn't list postfix among the SMTP candidates, but it 
>--> is another good one, so should be fine for your purposes (though I myself 
>--> have no recent experience using it).
>--> 
>--> >i'm going to install Webmin 1.5, and also DHCP for Debian that comes
>--> >with Debian (on the web site)
>--> >
>--> >do you gusy thing i can do this with a basic Debian instalation or
>--> >should i download all other CD's from the site ?
>--> 
>--> The usual way to maintain a Debian system after setup is by doing online 
>--> updates. In fact, unless you have an awful Internet connection, that's 
>--> usually the best way to install. That is, get a set of boot floppies (or a 
>--> boot CD, depending on your hardware), install the (very small) Debian base 
>--> from it, then use apt-get to add the packages you need from an online 
>--> repository.
>--> 
>--> This approach will assure that you get the latest versions of things 
>--> (Debian CDs, like pretty much all Linux distro CDs, aren't updated anywhere 
>--> nearly as regularly as the online repositories). In particular, it will 
>--> makes sure that you get all security upgrades ... VERY important for any 
>--> system that is connected directly to the Internet (as a router is).
>--> 
>--> >now the commands like
>--> >setup on Redhat dont work, how come ? do i need to install any thing
>--> >else ?
>--> 
>--> If you are asking why a particular command specific to Red Hat doesn't work 
>--> on a Debian install, then the answer is probably that Debian doesn't 
>--> include the app or the script that implements the command. Not being a Red 
>--> Hat user, I don't know what "setup" on a default RH install does.
>--> 
>--> If you are asking a more general question, you'lll have to be more clear 
>--> ... I have no way of knowing what Debian commands you think are "like setup 
>--> on Redhat". Also what "now" referred to, and if "dont work" means anything 
>--> more subtle than that the command itself is not present.
>--> 
>--> >leter on i'm going to install a 2nd HDD and Squid and BIND and some AV
>--> >for the email relay, and the RAM to 256MB.
>--> 
>--> All easy to do using Debian's apt-get and apt-cache package management 
>--> system. (Except I don't know what "some AV for the email relay" means ... I 
>--> can't parse "AV" in this context.) The extra RAM should handle your Web 
>--> caching needs quite nicely. I'm not sure if you'll need the second hard 
>--> disk ... it depends on traffic volumes (SMTP and Web caching).
>--> 
>--> >if any one can give me the basic how to do this, or a link to some sites
>--> >(Linux for Dummies :-)
>--> 
>--> The Debian installer itself should walk you through the installation 
>--> process. The big gotcha to watch out for is NIC modules ... you don't say 
>--> what NICs you are using, and stock Debian Linux kernels only support the 
>--> most common ones directly. For others, you'll have to install kernel 
>--> modules ... the installer prompts you to do this, but it doesn't help you 
>--> identify the ones you need.
>--> 
>--> Last time I checked, the Debian install process still used an old kernel 
>--> (2.2.something). Once you have the system configured, and before you set it 
>--> up to route and firewall, you'll want to update to a newer kernel ... at 
>--> least 2.4.whatever_is_current, maybe even 2.6.something. Unless you want to 
>--> compile you own kernel (a good idea for a router, but maybe not such a good 
>--> idea for a beginner), you apt-get install a suitable kernel-image-* package.
>--> 
>--> 
>--> >i know i sound really dumb, well i really dont know much about linux
>--> >sorry !!!
>--> 
>--> 
>--> -
>--> To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
>--> the body of a message to majordomo@vger.kernel.org
>--> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>--> Please read the FAQ at http://www.linux-learn.org/faqs
>--> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[7]: Linux Help

[Ray Olszewski]

At 10:26 PM 7/20/2004 +0600, Kev wrote:
[...]
>LAN Card are Realtec both same model , a comm one but cant remember the
>exact model tho, sorry

If memory serves (I'm not certain, though), the stock Debian install kernel 
does NOT contain support for NICs that use the rtl8139 driver (or the newer 
8139too driver). If that's the "comm one" you are referring to, you will 
need to add a module for it to do an online install.

> >--> system. (Except I don't know what "some AV for the email relay" 
> means ... I
> >--> can't parse "AV" in this context.) The extra RAM should handle your Web
>
>AV = AntiVirus for the SMTP relay.
>but not sure what i'm going to use.

Ah. I guess that's why words communicate better than made-up abbreviations 
(for me, AV = audio-visual, but that made no sense in context).

I just skimmed the Debian package list (for Sid; Woody will be less 
complete or current) and found that postfix has these associated packages:

         amavis-ng - AMaViS "Next Generation"
         amavisd-new - Interface between MTA and virus scanner/content filters
         amavisd-new-milter - Interface between sendmail-milter and amavisd-new

         postgrey - Greylisting implementation for Postfix
         webmin-postfix - postfix control module for webmin

Not having used any of this stuff myself, I can neither recommend nor 
criticize it ... just let you know it is (probably) there, for you to take 
a look at.



-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[8]: Linux Help

[Kev]

>If memory serves (I'm not certain, though), the stock Debian install kernel 
>does NOT contain support for NICs that use the rtl8139 driver (or the newer 
>8139too driver). If that's the "comm one" you are referring to, you will 
>need to add a module for it to do an online install.

LAN cards are both, Realtek RTL8139

:(


On Tue, 20 Jul 2004 09:54:41 -0700
Ray Olszewski <ray@comarre.com> wrote:

>At 10:26 PM 7/20/2004 +0600, Kev wrote:
>[...]
>>LAN Card are Realtec both same model , a comm one but cant remember the
>>exact model tho, sorry
>
>If memory serves (I'm not certain, though), the stock Debian install kernel 
>does NOT contain support for NICs that use the rtl8139 driver (or the newer 
>8139too driver). If that's the "comm one" you are referring to, you will 
>need to add a module for it to do an online install.
>
>> >--> system. (Except I don't know what "some AV for the email relay" 
>> means ... I
>> >--> can't parse "AV" in this context.) The extra RAM should handle your Web
>>
>>AV = AntiVirus for the SMTP relay.
>>but not sure what i'm going to use.
>
>Ah. I guess that's why words communicate better than made-up abbreviations 
>(for me, AV = audio-visual, but that made no sense in context).
>
>I just skimmed the Debian package list (for Sid; Woody will be less 
>complete or current) and found that postfix has these associated packages:
>
>         amavis-ng - AMaViS "Next Generation"
>         amavisd-new - Interface between MTA and virus scanner/content filters
>         amavisd-new-milter - Interface between sendmail-milter and amavisd-new
>
>         postgrey - Greylisting implementation for Postfix
>         webmin-postfix - postfix control module for webmin
>
>Not having used any of this stuff myself, I can neither recommend nor 
>criticize it ... just let you know it is (probably) there, for you to take 
>a look at.
>
>
>
>-
>To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at  http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.linux-learn.org/faqs
>

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[8]: Linux Help

[James Miller]

On Tue, 20 Jul 2004, Kev wrote:

> >If memory serves (I'm not certain, though), the stock Debian install kernel
> >does NOT contain support for NICs that use the rtl8139 driver (or the newer
> >8139too driver). If that's the "comm one" you are referring to, you will
> >need to add a module for it to do an online install.
>
> LAN cards are both, Realtek RTL8139

I know I'm being timorous for questioning your memory here Ray, but I'm
almost sure when I did my Debian install here (starting from floppies) on
my machine that has an onboard rtl8139 NIC, I did get network support
without loading of additional modules.  If I'm wrong - well, what do you
expect from a newbie? :)

James
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[8]: Linux Help

[Ray Olszewski]

At 12:08 PM 7/20/2004 -0500, James Miller wrote:
>On Tue, 20 Jul 2004, Kev wrote:
>
> > >If memory serves (I'm not certain, though), the stock Debian install 
> kernel
> > >does NOT contain support for NICs that use the rtl8139 driver (or the 
> newer
> > >8139too driver). If that's the "comm one" you are referring to, you will
> > >need to add a module for it to do an online install.
> >
> > LAN cards are both, Realtek RTL8139
>
>I know I'm being timorous for questioning your memory here Ray, but I'm
>almost sure when I did my Debian install here (starting from floppies) on
>my machine that has an onboard rtl8139 NIC, I did get network support
>without loading of additional modules.  If I'm wrong - well, what do you
>expect from a newbie? :)

About as much as I expect from an old timer with a failing memory. (That's 
why I said I wasn't certsin when I posted it ... being lazy, these days I 
*always* put a tulip-based NIC in any system I am setting up, then switch 
to its "real" NIC after I have the kernel I actually want to use on the 
system installed.)



-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re[9]: Linux Help

[Kev]

FOUND IT

> Realtec ? Maybe 8139too or 8139cp... RealTek RTL-8029 ? that is ne ... .
> ( ne is generally a module I constantly try because NE1/2000 are widely
> used :) ). 
> 
Oh well, command is "modprobe 8139too" or "modprobe 8139cp" or "modrpobe
ne" ... after you found out which one works, put it into /etc/modules.

THANKS GUYS !!!!!


On Tue, 20 Jul 2004 10:28:31 -0700
Ray Olszewski <ray@comarre.com> wrote:

>At 12:08 PM 7/20/2004 -0500, James Miller wrote:
>>On Tue, 20 Jul 2004, Kev wrote:
>>
>> > >If memory serves (I'm not certain, though), the stock Debian install 
>> kernel
>> > >does NOT contain support for NICs that use the rtl8139 driver (or the 
>> newer
>> > >8139too driver). If that's the "comm one" you are referring to, you will
>> > >need to add a module for it to do an online install.
>> >
>> > LAN cards are both, Realtek RTL8139
>>
>>I know I'm being timorous for questioning your memory here Ray, but I'm
>>almost sure when I did my Debian install here (starting from floppies) on
>>my machine that has an onboard rtl8139 NIC, I did get network support
>>without loading of additional modules.  If I'm wrong - well, what do you
>>expect from a newbie? :)
>
>About as much as I expect from an old timer with a failing memory. (That's 
>why I said I wasn't certsin when I posted it ... being lazy, these days I 
>*always* put a tulip-based NIC in any system I am setting up, then switch 
>to its "real" NIC after I have the kernel I actually want to use on the 
>system installed.)
>
>
>
>-
>To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at  http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.linux-learn.org/faqs
>

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Re[8]: Linux Help

[Peter Garrett]

On Wed, 2004-07-21 at 03:01, Kev wrote:
> >If memory serves (I'm not certain, though), the stock Debian install kernel 
> >does NOT contain support for NICs that use the rtl8139 driver (or the newer 
> >8139too driver). If that's the "comm one" you are referring to, you will 
> >need to add a module for it to do an online install.
> 
> LAN cards are both, Realtek RTL8139
> 
> :(
> 
> 
> On Tue, 20 Jul 2004 09:54:41 -0700
> Ray Olszewski <ray@comarre.com> wrote:
> 
> >At 10:26 PM 7/20/2004 +0600, Kev wrote:
> >[...]
> >>LAN Card are Realtec both same model , a comm one but cant remember the
> >>exact model tho, sorry
> >
> >If memory serves (I'm not certain, though), the stock Debian install kernel 
> >does NOT contain support for NICs that use the rtl8139 driver (or the newer 
> >8139too driver). If that's the "comm one" you are referring to, you will 
> >need to add a module for it to do an online install.
> >
> >> >--> system. (Except I don't know what "some AV for the email relay" 
> >> means ... I
> >> >--> can't parse "AV" in this context.) The extra RAM should handle your Web
> >>
> >>AV = AntiVirus for the SMTP relay.
> >>but not sure what i'm going to use.
> >
> >Ah. I guess that's why words communicate better than made-up abbreviations 
> >(for me, AV = audio-visual, but that made no sense in context).
> >
> >I just skimmed the Debian package list (for Sid; Woody will be less 
> >complete or current) and found that postfix has these associated packages:
> >
> >         amavis-ng - AMaViS "Next Generation"
> >         amavisd-new - Interface between MTA and virus scanner/content filters
> >         amavisd-new-milter - Interface between sendmail-milter and amavisd-new
> >
> >         postgrey - Greylisting implementation for Postfix
> >         webmin-postfix - postfix control module for webmin
> >
> >Not having used any of this stuff myself, I can neither recommend nor 
> >criticize it ... just let you know it is (probably) there, for you to take 
> >a look at.

If you are installing Debian, you might want to look here: 

>http://www.osnews.com/story.php?news_id=2016&page=1

and here:

http://www.debian.org/devel/debian-installer/

and I would recommend:

http://www.debian.org/doc/manuals/apt-howto/index.en.html
-

> 
> ------- 
-- 
Windows belongs to Microsoft: Linux belongs to humanity

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Linux Help

[chuck gelm]

Uh, I like bottom posting and removing unnecessary lines.
Kev wrote:
> I have installed Debina with out my LAN cards (Realtec) i did add the
> cards after the Denian installation, now i cant seem to get Debian to
> detect them :(

What did you do and how did it fail?

Rheorical:

  How does hardware detection fall into administration?
  I would have posted this topic on linux-newbie.

> On Tue, 20 Jul 2004 18:42:44 +0200
> Sascha Retzki <lantis@iqranet.info> wrote:

>>--> Am Di, 2004-07-20 um 18.27 schrieb Kev:
>>--> > how can you make Debian Detect hardware after the installation ?
>>--> 
>>--> This question is ( among many other debian-specific questions ) covered
>>--> by their documentations, but ok :)

>>--> "detect" hardware .. hm .. first of, /etc/modules is a
>>--> one-modulename-per-line file is loaded at boottime, so this is the place
>>--> where you put the module-names in ( without the path or the .o ). The
>>--> detection is imho manually done with debian. Tip is to use modprobe
>>--> instead of isnmod to load dependencies of modules, use lspci -v to find
>>--> out all pci/Isa/... adapters and chipnames in your computer ... . Linux
>>--> module-names are named after chipsetname, not that what the vendor tries
>>--> to tell you on the cage ;) ... .

modprobe 8139too

HTH, Chuck

Re: Linux Help

[joy]

Sascha Retzki wrote:

>Am Di, 2004-07-20 um 17.20 schrieb Kev:
>  
>
>>Hi guys...
>>
>>i'm going to do the follwing as a 1st step,
>>
>>i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
>>SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
>>4GB HDD with 2 Lan Cards
>>
>>i'm going to install Webmin 1.5, and also DHCP for Debian that comes
>>with Debian (on the web site) 
>>
>>do you gusy thing i can do this with a basic Debian instalation or
>>should i download all other CD's from the site ? 
>>    
>>
>
>I think so, firewall, dns, dhcp, smtp, squid should really be there.
>
>  
>
How about Courier for the smtp part?
As Kev said a web based config would be nice and courier  comes with
courier  webadmin - nice thing to get your setup up and running.
and it some graylisting facilities as well

Joy.M.M

Re[2]: Linux Help

[Kev]

Hiii guys................


i'm having pro with LAN cards on my Debian BOX, i did the installation 2-3 times but still fail to up the network but i can see form "lspci -v" that the card was detect,

Realtek 8139 both card;s are the same.... maybe a conflict ?

plz help



On Wed, 21 Jul 2004 08:39:21 +0530
joy <gracecott@sancharnet.in> wrote:

> Sascha Retzki wrote:
> 
> >Am Di, 2004-07-20 um 17.20 schrieb Kev:
> >  
> >
> >>Hi guys...
> >>
> >>i'm going to do the follwing as a 1st step,
> >>
> >>i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
> >>SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
> >>4GB HDD with 2 Lan Cards
> >>
> >>i'm going to install Webmin 1.5, and also DHCP for Debian that comes
> >>with Debian (on the web site) 
> >>
> >>do you gusy thing i can do this with a basic Debian instalation or
> >>should i download all other CD's from the site ? 
> >>    
> >>
> >
> >I think so, firewall, dns, dhcp, smtp, squid should really be there.
> >
> >  
> >
> How about Courier for the smtp part?
> As Kev said a web based config would be nice and courier  comes with
> courier  webadmin - nice thing to get your setup up and running.
> and it some graylisting facilities as well
> 
> Joy.M.M
> -
> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

------- 
Web Hosting at cheep price, stating at $1 per moth with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net

Re: Re[4]: Linux Help

[Jeff Largent]

Glynn,
  I'll let you correct me if I'm wrong, but isn't ip filtering also a
memory requirement?  I'm thinks specifically of connection tracking. 

Jeff

On Mon, 2004-07-19 at 19:07, Glynn Clements wrote:
> Kev wrote:
> 
> > i was just saying what i will be running on the server, i was asking if
> > i can run all that on a P1/166Mhz
> 
> It depends upon the amount of network traffic.
> 
> Networking daemons (and the IP filtering code) only consume CPU time
> when they're actually doing something, and the amount of CPU time used
> is roughly proportional to the amount of work they have to do.
> 
> Try it. If the load average is consistently high, you need a faster
> CPU. If the hard disk is always busy, you need more RAM. If the box is
> mostly idle but it still seems too slow, you need a faster Internet
> connection.

Re: Re[4]: Linux Help

[Glynn Clements]

Jeff Largent wrote:

>   I'll let you correct me if I'm wrong, but isn't ip filtering also a
> memory requirement?  I'm thinks specifically of connection tracking. 

All of them have memory requirements. Connection tracking is probably
going to be the least significant of those, although, unlike
user-space daemons, it requires physical RAM rather than swap. Even
so, connection tracking needs an extra few bytes per connection,
whereas a daemon which forks for each connection may require a few
hundred Kb or more per connection.

-- 
Glynn Clements <glynn.clements@virgin.net>

Re: Re[4]: Linux Help

[Jeff Largent]

Glynn,
   Thats good to know, for some reason I have always been under the
impression that connection tracking could have a significant memory
requirement.


Jeff

On Wed, 2004-07-21 at 15:02, Glynn Clements wrote:
> Jeff Largent wrote:
> 
> >   I'll let you correct me if I'm wrong, but isn't ip filtering also a
> > memory requirement?  I'm thinks specifically of connection tracking. 
> 
> All of them have memory requirements. Connection tracking is probably
> going to be the least significant of those, although, unlike
> user-space daemons, it requires physical RAM rather than swap. Even
> so, connection tracking needs an extra few bytes per connection,
> whereas a daemon which forks for each connection may require a few
> hundred Kb or more per connection.

Re: Re[4]: Linux Help

[Glynn Clements]

Jeff Largent wrote:

> > >   I'll let you correct me if I'm wrong, but isn't ip filtering also a
> > > memory requirement?  I'm thinks specifically of connection tracking. 
> > 
> > All of them have memory requirements. Connection tracking is probably
> > going to be the least significant of those, although, unlike
> > user-space daemons, it requires physical RAM rather than swap. Even
> > so, connection tracking needs an extra few bytes per connection,
> > whereas a daemon which forks for each connection may require a few
> > hundred Kb or more per connection.
> 
>    Thats good to know, for some reason I have always been under the
> impression that connection tracking could have a significant memory
> requirement.

It's potentially significant for a *router* which may be tracking a
substantial number of connections with minimal RAM.

Bear in mind that a basic router (or a router with only stateless
filtering) requires zero bytes per connection: routers deal with
packets rather than connections, and once a packet has been sent, it
(and any memory associated with it) is gone for good.

In that sense, even a few bytes per connection is an increase by a
factor of infinity over zero bytes per connection.

But, unless you're talking about a router which might have to track
tens of thousands of outstanding connections, or one which has very
little RAM, then it probably isn't significant.

-- 
Glynn Clements <glynn.clements@virgin.net>