The "Mother of a Linux Server" Help thread!

[puddpunk]

Hey guys!

At home, we have 5 Computers in our household. One for each person, and a server. The Server is running Windows 2000 Pro and sits between our internal LAN and the Nokia ADSL modem. I'm trying to convince my father to throw the Win2k server away and slam Gentoo on it, but I have a few issues i need resolved before that goes ahead.

The Nokia modem is a router. The Win2k server has another NIC dedicated to the modem and they have their own IP address's set. The modem also has some kind of firewall on it (Actually, it may just be the modem acting as a router) so nothing can connect in. I want to disable that somehow. I've heard things about rpppoe and adsl modems, but i never could put all the peices together.

On the Win2k server, we run WinProxy (Isn't this website just WRONG???), which has recently become very unstable. This provides filtering (censorship, banner blocking etc...) and is a proxy for our entire network to access the internet. I was thinking of using Squid and SquidGuard to replace this software. Does anybody know much about this software?

The Win2k server also does email for our network using the slightly overkill program of MDaemon. We have it set up, so that we have 4 aliases, and our ISP puts all mail sent to these aliases in the one POP3 mail box. What MDaemon does at the moment, is collects that mail, inspects the <To> header, sorts it into the 4 different mail boxes and provides a POP3 server to collect the mail from our internal network. I was thinking of using something like fetchmail to grab the mail off the ISP, and Qmail or postfix to sort it. And since its an internal network, I think IMAP would be a good idea. Can anyone tell me what really needs to happen, and what programs are suitable for this?

Finally, The server is a File and Print server for all the LAN clients (All windows machines except my one ) So I Guess i'll need to set up cups and samba accordingly.

So yeah, could you post any information, ideas, software replacements or otherwise to help me sort this server out?

Thanks!
Chris.

[slyph777]

The nokia modem is probably running NAT, network address translation. Try practicallynetworked.com for more info. Basically, it lets more than one computer use the same globally routable IP, so that you don't have to pay the dsl people to route more IPs. You will need to look at the nokia modem docs to see if you can turn this off or not, but then you will need to do it at the router, unless you proxy everything.

Don't have much squid experience, so can't help you there.

For the mail, you will need 3 pieces, most of which it sounds like you have a pretty good handle on already. You will need fetchmail to grab the mail from the remote server and deliver it locally. fetchmail will also break up the account into its subaccounts and deliver them to separate users locally. fethcmail normally delivers it to the local SMTP port (25), meaning that you need a sendmail like daemon, such as postfix or qmail. I think that you might also be able to configure fetchmail to use procmail internally, which is useful when you are setting up filters, or when you want your new mail to be read to you when it arrives (IBM SDK). Then you need an imap server, the 2 most popular being cyrus and uw-imap. I like uw-imap because it is lightweight and plug-and-play, however the gentoo desktop doc tells a little about setting up cyrus and squirrelmail to provide webmail access, which is nifty.

I personally use fetchmail/procmail/sendmail/uw-imap/imp to provide my mail capabilities, similar to what you are doing.

[puddpunk]

Well, I want the nokia modem to forward all connections to it so i can let gentoo control all the security, and forward certain connections (like p2p software)

[mark_lagace]

If your DSL modem is acting as a router, it would be plugged in to your network hub, rather than the Win2K machine. Are you sure the DSL modem isn't in 'bridged' mode and your Win2K box is routing traffic from your network? Isn't that what "WinProxy" is doing?

If that's the case, it's very easy to set up NAT (or SNAT, or masquerading) on your Gentoo box using Linux's iptables command. There's a good tutorial on firewalling that includes how to do this on IBM's developerWorks Linux training page. (N.B. You have to register to view the tutorials.)

Don't worry about trouble setting up RP-PPPOE. It couldn't be more simple. Once you have it emerged, you just have to type adsl-setup and it will create all the config files it needs from the info you give it. adsl-start will then bring up your connection and adsl-stop will bring it down. Of course, if your modem IS in fact acting like a router, you don't need rp-pppoe at all... you can just set your modem up as your default gateway and you're good to go.

[puddpunk]

I think the adsl modem, and the ntserver are on their own network.

So basically I am behind two routers (i.e. if i connect to my external IP address, my Win2k box doesnt see the connection.

So the win2k box routes our internal traffic bound for the internet onto its private network with the modem, then the modem routes that traffic to the internet.

Overkill? probebly!

[choward]