I think separating the firewall and server functions into separate boxes is
a good idea just for security, though the whole project could be run out of
one box.
Why the need for a proxy? Why not just use masquerading instead? see the
MASQUERADING-HOWTO at your favorite linux docs depo, like linuxdoc.org.
It's easy to setup and maintain through firewall rules.
Use ipchains for a firewall. Get a good script and modify it to your needs.
See http://linux-firewall-tools.com/ and read his FAQ. Will also help you
set up masq through ipchains.
Run your DHCP, SAMBA, DNS, and other services from box 2. If you need the
DNS to be accessible from the outside world, look into ipmasqadm for
forwarding that port to box 2.
Hope this helps.
Drew
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, February 11, 2001 7:03 PM
> To: [EMAIL PROTECTED]
> Subject: Basic Network Configuration and Software
>
> To All,
>
> I am looking for advice and links to more info on the following:
>
> My sons school has about fifty pc we need to network.
>
> We have a DSL line. We need to have web access and file services. E-mail
> is also a possibility.
>
> I think we need two linux boxes.
>
> Box 1 will be firewall/proxy server. Two NICs, one with IP from DSL
> provider, other to switch for network.
>
> Box 2 will be file server (running Samba) and DNS server (do I also need
> DHCP?)
>
> Workstations are mostly Win95/98 but also have a few macs.
>
> I am looking for software suggestions for firewall/proxy server (Squid?
> Socks?).
>
> Should I split firewall and proxy between two boxes? If so I have an older
> pentium I could use for firewall.
>
> If we go with e-mail should I put that on a seperate server? If so what
> type of hardware?
>
> I have found information on the detailed setup issues involved with some
> of the software (squid, socks,firewall) and have experience with SAMBA.
> What I need is real world experience on what works best and/or is easy to
> set up and maintain.
>
> Any links or advice is greatly appreciated.
>
> TIA.
>
> David Brenner
winmail.dat
