John Moore wrote:
>
> Hello again
>
> Here is the second version of this setup. I have tried to include
> the suggestions from yesterday. At the bottom I have included some
> questions which come up in the discussion.
>
> ( NOTE: the changes begin with "Ver: 2", so we can do ASCII
> configuration control. ;-) )
>
> I appreciate the information provided about IP forwarding and Email
> below. But I was looking for some more information about where to
> start and what to do. So let me see if I can state what I think is
> the correct attack. If something is missing or wrong, PLEASE correct
> me. I will attempt to post a summary once I get this working.
>
> Initial Setup:
>
> I have three computers, one running Redhat Linux 6.0, and two
> running Windows 95, all with new unconfigured installations. They
> all contain ethernet cards, and the cabling is in place. The Linux
> box has a modem attached to access the Internet. I have a dialup
> connection to my ISP which uses dynamic IP addresses.
>
> Configuration Steps:
>
> 1. Pick names for the computers, and a domain name for the
> network. These are private names, so they are not registered to
> appear on the Internet.
>
> Ver 2.0: Comment: There was a suggestion to pick a machine.domain
> name based on my ISP's domain, such as linux.jmoore.myisp.com .
> I don't think this is useful since email must be masqueraded as
> [EMAIL PROTECTED] and not [EMAIL PROTECTED] . Besides
> it is more fun to pick your own domain name since it will not
> resolve under DNS anyway.
>
> 2. Assign IP addresses to the machines using unrouted IP numbers
> such as 192.168.10.1-3 .
>
> 3. Configure the Windows boxes, in the networking section of the
> control panel, for their name, workgroup, fixed IP
> addresses, Wins lookup, no DNS, and no Gateway. (I plan on using
> Samba.)
>
> Ver 2.0: create a hosts file on each Win 95 system which is a
> copy of /etc/hosts on the Linux box. This allows internal name
> resolution without configuring DNS. Set up the Linux box as the
> gateway, in the Win95 Network config panel.
>
> 4. Configure the Linux box for its hostname, domain name, and IP
> address. Create accounts on Linux for the users of the Windows
> 95 machines. Confirm that they have mail boxes on the Linux
> machine.
>
> 5. Configure, start and test Samba. Configure Sendmail for Envelope
> masquerading using ISP domain name, and relay of internal
> systems. Configure the Windows 95 mail programs to use the Linux
> box with IMAP. Set up a procmail filter if you want the Windows
> users to have internet email. Send messages from each box to all
> the users. Configure PPP and diald for Internet access from both
> Linux and Windows 95. Check that the Windows 95 browsers can
> access the internet through the Linux modem.
>
> Ver 2.0: You need to define SMART_HOST in the sendmail config
> file. In addition you should set up relaying for your internal
> machines. Configure sendmail to make connections expensive,
> `confCON_EXPENSIVE', `True'. Configuration information for
> sendmail, procmail, and fetchmail available at:
> http://www.moongroup.com/unix/mailhelp.html
>
> Ver 2.0: Netatalk is also nice if you want to allow any Macintosh
> users LAN or Internet to access your machine.
>
> 6. Recompile the kernel to include IP Forwarding, set up IPchains to
> protect the internet communication. Configure a Cron job to
> exchange email with the ISP machine using fetchmail to get the
> mail, with procmail filtering, and use sendmail -c to upload the
> waiting email.
>
> Ver 2.0: No need to do a recompile, since IP Forwarding is
> already included. Configuration information on Linux is
> available at the "Linux Administrator's Security Guide"
> http://www.securityportal.com/lasg/ (this site seems like a lot
> of good information, I just wonder if it would be overkill for a
> new Linux admin?)
>
> Questions:
>
> 1. How do I get the Win95 boxes to trigger a PPP connection to the
> Internet? Some suggestions are: masqdialer, diald, and pppd.
> Does anyone have experience with this configuration? I have read
> that masqdialer is the way, but I have no experience.
>

Use diald. It will automagically dial your ISP when it gets an 'exterior'
packet; i.e. a packet that should go outside the network. Works great! I've
been using it for several years and never had a problem. Your users don't
even know it's there.

> 2. Would a dialup user be better using a Proxy like Squid rather
> than IPchains? I know that more security is better, but is a
> Proxy overkill? What are the pros and cons to the different
> levels of security for a dial-up user? I know firewalls are
> COMPLEX to configure, like sendmail. But for sendmail Chuck Mead
> at www.moongroup.com has done a good job of creating cookbook
> configuration.

For Firewalls, you might check out:
www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS.wri
www.nerdherd.net/ipchains

> 3. What about allowing the Windows PC to use telnet, ftp, chat, and
> real audio through the Linux box? Do these need some setup, or
> can they simply work through the Linux interface to the Internet?
>
Telnet & ftp work with no setup (AFAIK); chat I don't know about and
real audio needs something special (I think)

> OK, what have I forgotten, overlooked, or missed?
>
> Yes I know this is a long list, but I think many people might not know
> what is involved in setting up this type of a system. The easier we
> make it, the more people will catch on to the real power of Linux.
>
> Help me get this right, and I will help spread the word.
>
Best
Cokey
--
------------------------------------------------------------------
Cokey de Percin, DBA Email:
Policy Management Systems Corp. Work - [EMAIL PROTECTED]
Columbia, South Carolina Home - [EMAIL PROTECTED]
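
An added example, not part of the original message or of either poster's setup: a sketch of the ipchains masquerading ruleset that step 6 asks for, with a small audit that flags the two common weaknesses (an open forward policy and an unrestricted MASQ rule). The interface name ppp0 and the network 192.168.10.0/24 (covering 192.168.10.1-3) are assumptions, as are the function names.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: ppp0 (dial-up
# interface) and 192.168.10.0/24 (network holding 192.168.10.1-3).

# Print a masquerading ruleset for review; pipe to sh as root to apply it.
masq_rules() {
    lan="$1"; ext="$2"
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -F input
ipchains -F forward
ipchains -P forward DENY
ipchains -A input -i $ext -s $lan -j DENY -l
ipchains -A input -i $ext -p tcp -y -j DENY -l
ipchains -A forward -i $ext -s $lan -j MASQ
EOF
}
# Rule 5 drops (and logs) packets arriving on the modem link that claim a
# LAN source address; rule 6 drops inbound TCP connection attempts (SYN).

# Read a ruleset on stdin and print one finding per weakness (none = OK).
audit_rules() {
    awk '
        /^ipchains -P forward/ { policy = $4 }
        /-j MASQ/ {
            masq++
            if ($0 !~ / -s [0-9]/) print "MASQ rule has no source restriction: " $0
            if ($0 !~ / -i /)      print "MASQ rule is not bound to an interface: " $0
        }
        END {
            if (policy != "DENY") print "forward policy is not DENY"
            if (masq == 0)        print "no MASQ rule present"
        }'
}

# Constructed weak ruleset: forwards everything and masquerades any source.
WEAK_RULES='ipchains -P forward ACCEPT
ipchains -A forward -j MASQ'

if [ "${1:-}" = "--demo" ]; then
    masq_rules 192.168.10.0/24 ppp0
    echo "--- audit of the weak ruleset ---"
    printf '%s\n' "$WEAK_RULES" | audit_rules
fi
```

Because inbound SYN packets on the modem link are dropped, clients behind the gateway should use passive-mode FTP with this ruleset.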