[plug] Configuring ipchains on potato

bob bob at contact.omen.com.au
Tue Jul 9 17:21:51 WST 2002 

I've been borked up by my ISP and it looks like I'm going to loose the
contact.omen.com.au sub-domain I've had for ~7 years in about 3 weeks.
This means that I'm going to have to bring forward the plans I have for
this Alpha running debian potato [1] I have here.

Anyway, long story short. I'd like to get up to speed on configuring a
firewall/gateway & DNS (I think I can handle most everything else but I
have 0 experience with ipchains or setting up a DNS [2] (I'll be 
registering an org.au ). The plan is to run all the services locally on
the alpha and only use the permanent dialup for the static IP so I may
need some hints here and there along the way on other things too.  

I'm feeling a bit over awed trying to get this all together and _secure_
in less than 1/4 the time I'd thought I was going to have, I'd already
been planing to leave relying on the ISP's services later this year by
doing all this [once woody had been released] but they got the first
punch in. The plan _was_ to get pieces setup and running, sort out bugs
and do the RTFMing before putting it all on-line. Now its all going to
happen far to quickly for that in terms of the hours I have available to
devote to this project so I'm going to have to ask for your help and try
and understand it as we go along, not my favourite way of doing things
:(. 

Ok, time for some details...

Things that I'll need to have pass through the firewall are DNS, email,
http and ssh. I'll also have a few things that'll need access to the LAN
running on the box so allowing 192.168... would be a good idea too :).

Oh, and any recommendations for a MTA? Something that can handle a mixed
environment so probably POP + SMTP to keep it simple (sendmail? or
something else?) and be capable of dealing with running small lists.

Of course anything else that I should be aware in the situation of would
be useful too :).

Thanks.

[1]potato? 'cause its the only distro I've been able to get working on
the box. Besides... its stable.

[2] at least not on Linux. I've done "stuff" with OS/2, running services
from a firewall/gateway etc etc so while basic principles should remain
the same it just doesn't translate that well that I can walk up to a
Linux box and...  

-- 
bob
Cave canem...te necet lingendo.

More information about the plug mailing list