Open to all who use or are interested in Linux
By Alokalok94. Tuesday, October 18, 2011 7:48:23 AM
By Blaz(ž) Pristavitalianjob44. Monday, May 17, 2010 11:36:33 AM
By Drewdragonbite. Tuesday, January 27, 2009 2:57:03 AM
By Zakzakoz. Tuesday, October 7, 2008 3:28:58 AM
By Zakzakoz. Thursday, October 2, 2008 6:44:49 PM
By Zakzakoz. Thursday, September 18, 2008 3:47:50 AM
By Drewdragonbite. Wednesday, July 9, 2008 5:04:16 PM
A while ago I was struggling to get my old Dell GX110 CPU with 2 NIC cards to act as a firewall and DHCP server. I thought by using a full-fledged Linux distro I would be able to later on add such things as Squid, or DansGuardian proxy server and content management controls.
Content filtering and logging is something that software seem to do one one level or another. Microsoft Vista and the Trend Micro Internet security suite includes parental controls and content filtering options for Windows, plus DansGuardian can be installed on the kid's Edubuntu computer and even my laptop. That's not the issue. The issue is that the first one savvy enough to realize they can bypass it simply by running a LiveCD or a distro on a USB stick instead of the protected operating system wins! That is, of course, after thorough attempts at breaking into the controls on the system itself.
By placing these controls on a gateway for the entire household, not only do I protect my file server from being accessed by unwanted hackers, but I protect the entire household regardless of if the user is using the installed operating system or a LiveCD or even if somebody access the wireless network (which I hope to have in the near future). Combine this with making the modem and router physically inaccessible and then I can provide protected access through either the switch or wireless.
The people in the forums were very patient with me and tried to understand my questions as I muddled away trying to set up the gateway using the available documentation and miniscule networking knowledge. I got to the point where I almost had it, I think. That is until a friend at the computer club meeting told me about IPCop.
Actually he mentioned Smoothwall and IPCop, but admitted that he finds himself going back to IPCop. I took a look at it that night and saw the ISO download is rather small plus it facilitates DansGuardian and Squid as well as a scan utility. That night I downloaded version 1.4.18 and copied it onto my USB drive.
Thankfully this friend also gave me some advice on setting up the system, and told me about IPCop's "zones"
IPCop has a number of zones [1];
I don't have wireless yet, so I opted for Green + Red zones with one NIC being assigned to each. When I do get wireless then I can either add it to the Green zone and try to lock it down as much as possible, or add it to the Blue zone and lock the wireless access point to bare minimums.
The other piece of information he provided that was a big help is setting the IP address and range. I foolishly was trying to set up all of the IPs in the same sub-domain as the DSL modem (192.168.1.x). He gave me a suggested internal IP sub-domain of 10.0.7.x and leaving the external IP with 192.168.1.x.
IPCop also runs a DHCP server, so I can manage to have
With this knowledge in hand I gave installing IPCop a go, and installed it on over my previous attempt.
The installation was very easy, took less than 30 minutes and that's with the installer scanning the NICs to determine it the internal is eth0 or eth1. It helped that I already knew the static IP addresses for the router/gateway, the modem and the server.
Once it is installed and the passwords are set you don't need the keyboard or monitor hooked up to the gateway because it includes a web interface for configuring things. You just have to remember the passwords you entered for each of the different roles (3 I think).
I feel so much better knowing I've got the gateway and firewall up to protect my network. Now my next excursion is going to be installing DansGuardian content filtering and parental controls. This looks to need to install the (Unofficial) IPCop Firewqall Addon Server, which seems to include an easy manner to navigate the available addons which I see DansGuardian being listed as Cop+. Considering the added interest in the Internet by my son, I best get this installed and working quickly.
By PariahLadyArtane. Tuesday, June 24, 2008 1:01:29 AM
By PariahLadyArtane. Monday, June 9, 2008 11:37:10 PM
By Drewdragonbite. Thursday, May 29, 2008 4:29:01 PM
Yes, I was one of the throngs of people waiting for Ubuntu 8.04 LTS (or Hardy Heron) to become available to download and install. It was exciting to see what improvements they have come up with and what is new on this distribution!
The download took a while but finished without incident and burned onto the CD easily enough. I've been using wget for downloading instead of Mozilla Firefox lately because it seems to continue it's download even when I am not logged in which can be very handy if I need to get off the system and don't want to leave it logged in for security reasons (my now-6 years old is starting to scare me with his explorations into configuring his desktop).
I installed it onto my Dell Inspiron D400 and had it take over the entire disk since this has the best chance of being my "primary OS". It didn't go fully the first time but I believe it was the second time along that it worked without any issues, flaws or hiccups. For the record I have been checking the CD Media before installing and it passed with flying colors. After running installations with bad CDs (even from ShipIt!), you learn to take the time and check the CD because it's better to waste your time in the beginning than it is to try and try again.
So with my newly installed Ubuntu on my laptop I started the usual pre-flight.. does everything work?
Of course it doesn't, but that is expected because the wireless is provided by Broadcomm, whose drivers cannot be shipped with linux because it is not open source. I will say, though, that Ubuntu makes adding those drivers very easy with it's "Restricted Drivers" utility. As long as you have it plugged into the Internet (which I did) you just check the box and it will do the rest with a couple of prompts. Basically the prompts are for legal reasons, so it isn't something to worry about. After that was complete I had wireless available.
After updating Synaptic I was ready to start installing applications I want. The usual get-you-started applications are already installed; Firefox 3.5 beta, Pidgin, Evolution, Gimp, Open Office, etc. For people not in countries tied by patents on codecs and that whole mess there is an easy way to install what is needed to play common formats and it is available in Synaptic (or Adept or command line). Just pick the appropriate one for your system; ubuntu-restricted-extras, kubuntu-restricted-extras or xubuntu-restricted-extras.
I have run across only one issue so far. When I click on an application which requires sudo, if I don't get the prompt for the password right away, then the application never launches. To rectify this all I have to do is click on the application one more time and it comes up as expected. Not a killer, just a mild annoyance.
So as usual, other than having to kill yourself trying to figure out what you need to install to play one format or another (legally) you can have the whole system up and running without even having to go into the command line once! A definite improvement.
What distro do or have you used?
(16%)
(26%)
(10%)
(7%)
(1%)
(20%)
(13%)
(5%)
(8%)
(13%)
(14%)
(4%)
(12%)
(11%)
(21%)
(30%)
(11%)
(15%)
(10%)
(6%)
(0%)
(25%)
(55%)
(26%)
(13%)
(9%)
(4%)
(13%)
Total: 112 votes
Download Opera - Surf the Web with lightning speed, using the fastest browser ever.
My Opera is a blog and photo sharing community with millions of members. Join now to follow Linux Users's blog and get your own.
My Opera
