LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Debian (https://www.linuxquestions.org/questions/debian-26/)
-   -   Advice on personal FW / Router. Proxies or Routing way to go (https://www.linuxquestions.org/questions/debian-26/advice-on-personal-fw-router-proxies-or-routing-way-to-go-236470/)

Vi-wi 09-29-2004 12:03 AM

Advice on personal FW / Router. Proxies or Routing way to go
 
I'm setting up a personal server to do everything.

I'm using Debian and have the Apache Server and Squid Web Cache running. Man o man Debian is a breath of fresh air after trying to squeeze Gentoo onto this laboured machine. (Pentium 133Mhz, Fujitsu Lifebook Laptop 80mb 1.5gb)

Anyhoo, I'm running in circles. I am feverishly trying to re-establish my wife's email client through this machine. At first I thought I would add a simple route, but that hasn't panned out. Next I thought I could add a socks proxy, but Debian doesn't seem to have any packages to do so (Dante and Socks4 are not available?)

So after a little research I thought I'd try IProute2. But the deb package doesn't install correctly. Squid is working and networking is OK.
I'm not even sure it's the right answer so I thought I'd pose the question.

What is the politically correct method for a quick dirty, moderately secure method of getting Thunderbird-win to work through this debian machine?

muchas gracias,
Billy

dalek 09-29-2004 04:27 PM

I am NOT a expert here. Just want to make that point right away.

You did open port 25 and 110 right? That is usually what they use for email, on mine at least.

I'm getting DSL soon and am setting up a router and firewall, running OpenBSD hopefully, so I may have the same issue. You guinie pig. Let me know how it goes.

BUMP

:D :D :D :D

Vi-wi 09-29-2004 06:57 PM

Routing ... goes thud
 
Here it is:

Code:

PC#1 (192.168.254.100)                                PC#2(192.168.254.50)
=================                                    ================
      \/                                                    \/
        |                                                    |
        --------------------      ----------------------------
                          |      |
                      -------------------
                      |      HUB      |
                      -------------------
                              |
                        ===============   
                        ETH1(192.168.254.69)
                        ---------------------------
                        ETH0(64.180.80.60)    (DHCP Supplied)
                        ===============
                              |
                          ^^^^^^^^^^ 
                          < Internet  >    (DHCP Gateway 64.180.80.254)
                          ^^^^^^^^^^

My Route Table for my gateway router is:

Code:

Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
192.168.254.0  0.0.0.0        255.255.255.0  U    0      0        0 eth1
64.180.80.0    0.0.0.0        255.255.248.0  U    0      0        0 eth0
0.0.0.0        64.180.80.254  0.0.0.0        UG    0      0        0 eth0


Anyone see any problems yet?
Billy

funkydan2 09-29-2004 07:09 PM

Umm, can either of your PCs connect to the web? It's just that you've said nothing about Network Address Translation (NAT).

If you can connect to the web, it will be because the squid on the gateway machine fetches everything and then proxies onto your LAN. However, squid isn't doing the same for your email.

I think you have two choices (it's been a few years since I was studying network admin). Either you can setup your firewall (iptables, ipchains) to do Network Address Tranlation and allow your wifes PC to connect directly to your ISPs mail server or you can setup something like sendmail on your gateway and have it fetch mail from your isp and setup your wifes PC to fetch the mail from your gateway.

I'm not sure which would be easier or which would make you feel safer. The benefit of setting up sendmail is you could also put a SPAM filter and antivirus on your gateway to keep you 'safe' from mail harm.

Have a search around the HOWTOs on www.tlpd.org and you should find some good ones under 'networking'
http://www.tldp.org/HOWTO/HOWTO-INDEX/networking.html
or server apps
http://www.tldp.org/HOWTO/HOWTO-INDE...tml#SERVERAPPS

Daniel

jarib 09-29-2004 11:40 PM

I think your gateway should be 192.168.254.69.
(edit: never mind, I was thinking of the client gateway)

Why not use a distro like IPCop http://www.ipcops.net It's pretty much ready to go and has Squid and you can add Squid-guard as well. Comes with Snort a web admin page and all kinds of logging.

I just checked my routers route table. It looks about the same except I have a default gateway entry rather than 0.0.0.0


All times are GMT -5. The time now is 12:33 PM.