I have been experimenting with linux-distros that act as routers and firewalls. The best one I've found is clarkconnect (supports scsi), but I'd like to build my own. I downloaded the Mandrake 9.1 isos, and started compiling a list of things I'd need. Basically, My setup is a server with 2 NIC's..one to the outside world and one to my network (10.0.0.*). I want the server to act as a firewall and route, webserv..etc..these are the packages I've come up with so far. I will need to run NAT obviously, as I only have one ip.

iptables - i can do port forwarding and open up incoming ports right?
ipmasquerading (do i need both iptables and ipmasquerading?)
apache
webalizer/awstats--any recommendations to which one??
webmin
SSH
ProFTP
Samba

I'm also going to be running a netware 6.5 server to do: DNS/DHCP
iFolder
Netstorage
iManager
iPrint

And then I'm going to build a w2k server to run my webcam, i use a program called webcamxp (for those of you who dont use it, you should, its awesome) to host my cam.

Is Mandrake 9.1 my best bet in this endeavor? Please let me know, I appreciate everyone's help. Thanks in advance!

Just thought I'd add..I'm also running groupwise 6.5 on the netware box....

no you dont need ipmasquerading if you have iptables installed, to nat with iptables u do something like the following:

iptables -A POSTROUTING -t nat -s $LAN -d ! $LAN -j SNAT --to $WAN_IP

where $LAN = 10.0.0.0/24, ! $LAN is the internet in your case and $WAN_IP is the ipaddress given to you by your isp. If your ip isnt static, then you simply change the end to:

-j MASQUERADE everything before the -j can stay the same.

also i'd recommend against straight ftp, i'd make all file transfers and remote logins secure by doing it all over ssh, if you have sshd running you can use scp (windows machines can use WinSCP) or sftp (windows machines can use the SSH option when doing FTP and connect to port 22 on your FTP server).

you may also want sql databases, mysql works a treat

I dont have any need for SQL, but about ftp.. I decided not to even use it at all. I can use iFolder instead. With concerns about being hacked, who knows how to hack any novell products anyways....I have been reading about iptables, its pretty confusing. Does anyone have any links to basic guides/how-to's.. I'm a netware person, im new to the linux world, this stuff is somewhat confusing to me. Thanks again

I have been reading about iptables, its pretty confusing. Does anyone have any links to basic guides/how-to's

Check out the LQ FAQ: Security references, post #2.