Ok, a complete kinda/sorta newbie to FreeBSD, same with Slackware, but I've used various versions of Red Hat and Mandrake.
The question is this: What is the best way to make a DHCP/Gateway server? My mother has asked me to make a firewall for her small business. The choices I have are Slackware 9.2 and FreeBSD 5.2.1. The problem is that BSD is on the cutting edge, therefore there aren't too many tutorials that I can find yet, and Linux tutorials are so general, and usually lean toward Red Hat or something like that. The server computer is going to be a Pentium II with 256mb RAM and a 16mb video card.
So are there any tutorials/howtos that are geared toward these? I try not to be an idiot when it comes to these things, but I fall short of the mark.
Thanks a lot
FreeBSD has some of the best documentation around.
The FreeBSD manual on their site, also included in the installed docs. Real good stuff.
www.freebsddiary.org/
www.freebsdforums.org/
www.freebsdportal.com/
The Complete FreeBSD 4th by Greg Lehey
Absolute BSD
Just to name a few.
Thanks for your fast replies, guys.
I got a little mixed up on the 9.2/9.1 thingie. Sorry 'bout that.
Tell me, why would 4.10 be better for my computer? 5.2.1 installed without a single hitch. The only problem is that it keeps rejecting my client computer (win2k) from the dhcp server.
Another distro I ran across (literally tripped over it....teenagers have messy rooms) was 4.3. I'm reading the dhcpd.conf man page one more time before I try it out.
Any help?
Stay with 5.x.x unless you see some problem you can't work around and then report the problem. FBSD 5.x.x has ACL with UFS2. Something you'll see more of in the future.
If you're leaning towards Slack (or whatever Linux distro for that matter), but feeling uncomfortable about configuring iptables manually for your mom's co's topology (I assume there is some sort of networking involved), I'd recommend using gShield to simplify the process.
It's kinda neat and easy for an iptables-challenged person like me... so in general I think it would help anyone who's trying to set up a router/gateway/firewall combo in a short time.
It took me about 20 minutes to get the router at my workplace working perfectly... and I'm only using a Celeron 366MHz with 128MB SDRAM.
I had a similar problem: needed a server/gateway firewall for my home network. I installed smoothwall on a spare machine, did some simple configuring, installed a couple of updates and I was in business with a firewall, dhcp server, web proxy, IDS (snort), NAT and DNS all up and running. Just download the version with the docs, read them and install.
Well, one last question before I go back to Slackware.
The exact problem is this: I have three computers I'm trying to throw up into a network; the wannabe server, and two win2k clients.
When I hook the clients up to the server hub, and run ipconfig, all the settings come up fine.
But on the server side, these errors pop up:
fortress dhcpd: icmp_echorequest 192.168.4.253: permission denied
fortress dhcpd: send_packet: permission denied
fortress dhcpd: last message repeated 7 times
fortress dhcpd: last message repeated 10 times
and so on and so forth. Any more help? Thanks for everything so far, guys.
Well, since everybody seems to be tossing out their favorite firewall scripts, I might as well suggest mine. But I'll also tell you why it's my favorite, and that is because unlike all the other ones previously listed, it is NOT one huge monolithic bash script that you need to edit. Monolithic scripts are fine for a personal firewall, but when you get into gateways that need to do NAT and port forwarding and the like, it can get pretty messy. And unlike smoothwall, it's not its own distro; it's all in bash so you can run it on any distro you want. The firewall I'm talking about is called IPkungfu, which you can get at http://freshmeat.net/projects/ipkungfu. As mentioned, unlike the other scripts it breaks down the different aspects of a firewall into their own config files. For example:
So as you can imagine, hosts you always want to allow for incoming connections go in accept_hosts.conf, and vhosts.conf is for port forwarding, ipkungfu.conf is the main config file and custom.conf is so you can add your own raw iptables commands if IPkungfu doesn't do some tricky thing you are looking for. The rest I'll leave for you to figure out.
IPkungfu will autodetect a lot of things for you including both of your NICs, and if it finds two, it will automatically set up NAT for you. The only things you really have to tell it are the internal IP address block, 192.168.1.0/255.255.255.0 for example, and what ports to open on the FIREWALL if any. For example you would allow port 80 if your firewall also ran the apache web server etc. These options are found in the main ipkungfu.conf file.
As I mentioned earlier, vhosts.conf is for port forwarding, which you will most likely have to do when using NAT. Here is a small snippet of my vhosts.conf file
As you can see the syntax is MUCH easier than the raw iptables rule it creates. It's basically
Code:
Allowed Network in:Internal IP of server:Incomming Port:Forwarded Port:Protocol
Note that most of the time the incoming and forwarded ports are the same but don't have to be.
As for your "fortress dhcpd" issues, I have no friggen clue. I did a Google search for that phrase and it found nothing. But if your external interface cannot get an IP from your modem then no firewall in the world is going to work.
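The five-field entry format described in the post above, worked through as an added example that is not part of the original thread and is not IPkungfu's own code: a POSIX shell function that validates one vhosts.conf-style entry and prints the raw iptables rules such a forward would need. The emitted rules, the function names, the `eth0` interface and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not IPkungfu code. Field order follows the post:
#   allowed_net:internal_ip:incoming_port:forwarded_port:protocol
# The emitted rules are an assumed equivalent; they are printed, never run.

in_range() {  # in_range VALUE LO HI: decimal integer within [LO, HI]
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

is_ipv4() (   # four dot-separated octets, each 0-255
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do in_range "$octet" 0 255 || exit 1; done
)

vhost_to_iptables() (   # vhost_to_iptables ENTRY EXTERNAL_IF
    entry=$1 ext_if=$2
    die() { echo "rejected ($1): $entry" >&2; exit 1; }
    case "$ext_if" in ''|*[!A-Za-z0-9._-]*) die "interface name" ;; esac
    case "$entry" in :*|*::*|*:) die "empty field" ;; esac
    set -f; IFS=:
    set -- $entry
    [ "$#" -eq 5 ] || die "need 5 fields"
    src=$1 dst=$2 in_port=$3 fwd_port=$4 proto=$5
    # Source may be a bare address, addr/prefix or addr/dotted-mask.
    is_ipv4 "${src%%/*}" || die "source network"
    case "$src" in */*)
        mask=${src#*/}
        is_ipv4 "$mask" || in_range "$mask" 0 32 || die "netmask" ;;
    esac
    is_ipv4 "$dst" || die "internal IP"
    in_range "$in_port" 1 65535 || die "incoming port"
    in_range "$fwd_port" 1 65535 || die "forwarded port"
    case "$proto" in tcp|udp) ;; *) die "protocol" ;; esac
    # Rewrite the destination on arrival, then let the rewritten flow through.
    echo "iptables -t nat -A PREROUTING -i $ext_if -s $src -p $proto --dport $in_port -j DNAT --to-destination $dst:$fwd_port"
    echo "iptables -A FORWARD -i $ext_if -s $src -d $dst -p $proto --dport $fwd_port -j ACCEPT"
)

# Constructed sample entries (not from the post); the last one is rejected.
while IFS= read -r sample; do
    vhost_to_iptables "$sample" eth0 2>/dev/null || echo "# rejected: $sample"
done <<'EOF'
0.0.0.0/0:192.168.1.10:8080:80:tcp
192.168.4.0/255.255.255.0:192.168.1.20:22:22:tcp
0.0.0.0/0:192.168.1.10:99999:80:tcp
EOF
```

Because every field is checked against a strict character set before it reaches the output, a malformed or hostile entry is rejected rather than turned into a rule line.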
What I use is smoothwall. It is easy to set up and has a very nice webpage to configure it once it is installed. I use the red-green-orange network setup, so the red is the internet, the green is the internal LAN and the orange is the DMZ for servers. I connect a MAC OS X, slackware and a win 2k machine and it works perfectly either with DHCP or static IPs. I used it with PPPoE and now on static hard-coded IP and it is rock solid. It runs on a K6-2 500mhz with 128mg of ram.
Well then back to slackware go I! Probably for the best, I know every command in the book on slack, and in fbsd I was back to square one in learning.
Thanks for all your ideas guys, you've been a great help.