LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices


Reply
  Search this Thread
Old 11-25-2005, 12:40 PM   #1
freshjones
LQ Newbie
 
Registered: Nov 2005
Posts: 6

Rep: Reputation: 0
Homenetwork with Wireless Router


Hi,

I'm new to all things Linux, and to networking in general, but we are setting up a small home network with 3 XP machines, one Mac and a Linux box we're going to be using for the most part as a file server, but we would also like to use the machine to run apache as a development webserver, and mysql database server (we're web developers). We will have 3 machines hard wired with cat5 ethernet, and one XP machine that will be wireless. We will be using a linksys wireless-G router and have comcast cable modem.

my question is what is the best way to set up the network? Originally I was going to have the cable go into the linux box through eth0 and than to the router through eth1 using the linux box as the firewall/router, but I don't know if that is the best way to do this, or if the wireless will work correctly this way?

OR

should I choose to have the cable go into the router first, using the routers built in firewall/routing capabilities and use the linux box as a proxy so that everything still goes through that box first before going out to the LAN.

Thanks for any suggestions anyone can offer.
 
Old 11-25-2005, 04:54 PM   #2
Sargek
Member
 
Registered: Jan 2003
Location: San Antonio, Texas
Distribution: Debian testing
Posts: 416

Rep: Reputation: 36
Re: Homenetwork with Wireless Router

Quote:
Originally posted by freshjones
Hi,

I'm new to all things Linux, and to networking in general, but we are setting up a small home network with 3 XP machines, one Mac and a Linux box we're going to be using for the most part as a file server, but we would also like to use the machine to run apache as a development webserver, and mysql database server (we're web developers). We will have 3 machines hard wired with cat5 ethernet, and one XP machine that will be wireless. We will be using a linksys wireless-G router and have comcast cable modem.

my question is what is the best way to set up the network? Originally I was going to have the cable go into the linux box through eth0 and than to the router through eth1 using the linux box as the firewall/router, but I don't know if that is the best way to do this, or if the wireless will work correctly this way?

OR

should I choose to have the cable go into the router first, using the routers built in firewall/routing capabilities and use the linux box as a proxy so that everything still goes through that box first before going out to the LAN.

Thanks for any suggestions anyone can offer.
Does everything need to run through the web server? I guess I mean, do you intend to make it a proxy in addition to its web /data serving duty? You can set up a proxy a couple of different ways, one by running 2 nics and forcing all traffic through it, but then it is a single point of failure, or you can just point each client machine's browser to it instead, and set it up as another machine on the LAN. I think the latter is called a transparent proxy.

If you only need it to serve web pages and data, you should just be able to set it up as another machine on the LAN. If it doesn't need to be visible to the outside world, this is an easy solution. The only reason I can think of why you might need a proxy on a home lan is to control user's access to the internet (content filtering).
 
Old 11-26-2005, 07:55 AM   #3
freshjones
LQ Newbie
 
Registered: Nov 2005
Posts: 6

Original Poster
Rep: Reputation: 0
Hi thanks for the advice,

yes, we would like to filter content which is why we'd like everything to run through a proxy.

I have everything very close to running now using the Linux box acting as a router the cable modem goes in through eth0 hits the firewall and goes out to the linksys router via eth1, and then into the LAN.

It seems like this method is perfectly acceptable practice? Even if the Linux machine is acting as router/firewall/file server/web server/etc?
 
Old 11-26-2005, 07:57 AM   #4
apepost
Member
 
Registered: Oct 2003
Distribution: Fedora core 4
Posts: 113

Rep: Reputation: 15
The common way to do this would be to connect the cable modem into the wan port of the router, and connect all the computers either by Wlan or by cable to the router. There is no need to use a computer as firewall/router when you have the linksys box.
 
Old 11-26-2005, 08:30 AM   #5
Sargek
Member
 
Registered: Jan 2003
Location: San Antonio, Texas
Distribution: Debian testing
Posts: 416

Rep: Reputation: 36
Proxy

Quote:
Originally posted by apepost
The common way to do this would be to connect the cable modem into the wan port of the router, and connect all the computers either by Wlan or by cable to the router. There is no need to use a computer as firewall/router when you have the linksys box.
There is if he wants to force all traffic through his proxy. He can use a transparent proxy, but then the clients can reconfigure their browsers to bypass it. This way, all traffic is forced through the proxy.
 
Old 11-26-2005, 12:16 PM   #6
freshjones
LQ Newbie
 
Registered: Nov 2005
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks again for the help.

Is either way more secure than the other?

In other words would I be better off sercurity-wise to use my linksys as the router/firewall and put the server on the LAN and just proxy through it?

Or can I be confident that if I use the Linux box as teh router/firewall and my iptables firewall is setup correctly that it would be just as secure as using the linksys to route and firewall?

Seems as though for what I'd like to do with the server, file/print share, development web server/database server, email server and content filtering, I could go either way and have things work. I'd just like to know which way others would choose to go, or what would be considered best practice in this particular case.

I appreciate your comments and suggestions on this

thanks!

Last edited by freshjones; 11-26-2005 at 12:19 PM.
 
Old 11-26-2005, 12:35 PM   #7
Sargek
Member
 
Registered: Jan 2003
Location: San Antonio, Texas
Distribution: Debian testing
Posts: 416

Rep: Reputation: 36
security

Quote:
Originally posted by freshjones
Thanks again for the help.

Is either way more secure than the other?

In other words would I be better off sercurity-wise to use my linksys as the router/firewall and put the server on the LAN and just proxy through it?

Or can I be confident that if I use the Linux box as teh router/firewall and my iptables firewall is setup correctly that it would be just as secure as using the linksys to route and firewall?

Seems as though for what I'd like to do with the server, file/print share, development web server/database server, email server and content filtering, I could go either way and have things work. I'd just like to know which way others would choose to go, or what would be considered best practice in this particular case.

I appreciate your comments and suggestions on this

thanks!
Well, personally, I have no faith in my ability to configure iptables correctly, so I would rely on the firewall/router to handle security. I have used several firewall/routers, from different manufacturers, and have never had a security breach. If you feel confident in your ability to configure iptables, I see no difference with either setup. having a Linux box pull security duty probably gives you more flexibility, but it is easier to just plug in a firewall/router and go from there.

As for the proxy, you could still stick it between the firewall/router and the rest of your LAN to filter content. If you force the users through it by using 2 nics on the Linux box, you don't have to worry about configuring the client proxy settings, or worry the clients will configure to bypass the proxy. As I mentioned in an earlier post however, this creates a single point of failure: Linux proxy down, no internet. Also, you could potentially have the Linux box be a firewall and proxy, plus use the routers - having more than one firewall is probably not a bad thing, right? I have two - one for the wireless side, and one for the wired side. Overkill, perhaps, but hey, I LIKE doing this stuff...
 
Old 11-26-2005, 05:21 PM   #8
freshjones
LQ Newbie
 
Registered: Nov 2005
Posts: 6

Original Poster
Rep: Reputation: 0
I appreciate all the advice, and no I don't have that much faith in my ability with iptables at all! I'm only going on what I've read so far and thats about as novice as you can get.

I think I'll opt for going through the router first, and then through the server as a proxy just to be on the safe side of things!

thanks again
 
Old 11-26-2005, 05:36 PM   #9
freshjones
LQ Newbie
 
Registered: Nov 2005
Posts: 6

Original Poster
Rep: Reputation: 0
just out of curiousity, I have really only been trying to deal with the wired side of things, but my router is wireless, and I would like to get it going eventually. Can you describe the way you've set you network up with two firewalls?

is it modem into wireless router/firewall then to server as firewall/router/proxy then to LAN?

thanks
 
Old 11-26-2005, 05:50 PM   #10
Sargek
Member
 
Registered: Jan 2003
Location: San Antonio, Texas
Distribution: Debian testing
Posts: 416

Rep: Reputation: 36
Quote:
Originally posted by freshjones
just out of curiousity, I have really only been trying to deal with the wired side of things, but my router is wireless, and I would like to get it going eventually. Can you describe the way you've set you network up with two firewalls?

is it modem into wireless router/firewall then to server as firewall/router/proxy then to LAN?

thanks
Well, actually, my wireless router/firewall is set up as a device (on normal LAN port) off of my wired router/firewall. My laptop and my niece's machine are wireless, so the wireless router serves as their router, and the wired router/firewall provides IPs (hard-coded) to all of my machines and to the wireless router/firewall. I have the firewall turned on on the wireless router which I guess is overkill because it's running through the other firewall anyway, but it works. I don't have any servers set up yet, but once I get a dvd drive for my server, will install Solaris 10 to play around with it and maybe run a web/data server for experiments.

Hope that all made sense - hard to draw a diagram here, believe me, I tried...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Using Compex (NP16A) wireless router with USB wireless LAN atlantis8 Linux - Wireless Networking 1 09-19-2008 08:11 PM
want to setup homenetwork getinfo Linux - Networking 4 10-27-2004 05:26 AM
ppp drops out on homenetwork justwantin Linux - Networking 0 06-15-2004 05:03 PM
Linux Router & Netgear Wireless Router DMaCATO Linux - Wireless Networking 1 04-30-2004 09:16 AM
wireless router to wireless router connection questions mister_math Linux - Wireless Networking 0 08-06-2003 01:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking

All times are GMT -5. The time now is 04:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration