Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Suggest HOWTO

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th October 2006, 05:04
Ka1N Ka1N is offline
Junior Member
 
Join Date: Oct 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Smile The ultimate home server/gateway

Hi everyone.

I've been using custom Linux distros for the past 2 years for my home gateway/firewall (IPCop, SME Server, M0n0wall).

Tho they work quite well, I've always found it annoying when it came to managing or adding functionality to it. I've come to a point where I'd like to try and setup my version of the ultimate home server with Debian 3.1 (Sarge) for me and my fellow roommates. However my Linux knowledge, for the time being is quite limited to very simple administration of packages installed and configured by others. I'd like to start changing that and require your assistance.

I've checked and read a lot of guides on this site. And they are all very well written and maintained. However I find that many of them seem to be aimed at ISPs and others with fixed internet IPs. Which is not my case at all. Also,. I understand that by running everything off 1 machine is potentially dangerous (single point of failure). But hey, I only have 1 machine (2.8 ghz 1 gig RAM) that I'm willing to dedicate to it.

Here are some of the features I see this box doing. I'm sure I've missed things, please feel free to comment.

Stealth Firewall
DHCP server
DNS server (Update with dhcp leases and static hosts entry)
Proxy server
Bandwidth throttling
Web server
MySQL
ProFTPd + Web management interface
LDAP Server
SAMBA support
Mail server (Secure POP, SMTP & IMAP)
Anti-virus
Spamassassin (with reporting features per user account)
Fetchmail from different POP accounts and put in appropriate user accounts
VPN Server
Road Warriors VPN into Green
Road warriors VPN into Blue
Users VPN from Blue to Green

Web based stats (hardware & software monitoring, mail, dns, dhcp, ftp, spam, virus, etc.)
Critical Server Alerts sent to SMS device or if Asterisk is working, via voice msg.

Misc:
IDS
Rootkit
Dynamic DNS support
Captive portal for Wireless connections
Asterisk@home for VoIP (Would it be possible to send server stats to SMS via phone?)
Parental protection features

So that's it for now, I would like to read comments and suggestions. I'm also attaching a network topology of this, please let me know if there are changes I should bring to it.

Thanks.

-K

PS: Am I crazy?


Last edited by Ka1N; 26th October 2006 at 05:08.
Reply With Quote
Sponsored Links
  #2  
Old 27th October 2006, 15:20
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

This clearly looks like a job for IPCop, and for all services not managed by IPCop I'd install another server. I think it will become too complicated to do it on one box, especially if you're no Linux expert.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 4th November 2006, 06:13
Ka1N Ka1N is offline
Junior Member
 
Join Date: Oct 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi Falko,

thanks for the reply. I've since been reading up on various parts of my initial post. You're right! I might have been a little out of my mind to think that I could so easily do this

So for the time being, I've decided to keep 1 machine running IPCop. And setup a seperate machine to run some lan services.

- Web (Apache, PHP, MySQL)
- Samba
- Mailserver with spam and antivirus + control panels or reporting pages

That should be enough to keep me busy for a little while...

I do have a few simple questions if you could point me in the right direction concerning the mail server.

I want to create a mailserver for my LAN users (4 roomates). So I want to create user account on the server, and configure fetchmail for each account to acquire the email from various POP servers, download, scan (Spam, Antivirus), deliver to each users's account.

Then allow each user to use their client software in a secure manner read their email either via POP or IMAP securely (SSL/TLS).

Is this complicated on a dynamic IP cable connection?

Thanks.

-K

Last edited by Ka1N; 4th November 2006 at 06:26.
Reply With Quote
  #4  
Old 5th November 2006, 17:38
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by Ka1N
Then allow each user to use their client software in a secure manner read their email either via POP or IMAP securely (SSL/TLS).

Is this complicated on a dynamic IP cable connection?
Just configure fetchmail to fetch your users' mail from the mail boxes. Have a look here: http://www.howtoforge.com/forums/sho...ht=fetchmailrc

If your roommates are trying to fetch their emails from your mail server from within the local network, then they can use the mail server's internal IP address in their email clients. If they do it from the outside, you should get a dyndns.org domain name for your mail server that your roommates can use in their email clients.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 6th November 2006, 09:36
Ka1N Ka1N is offline
Junior Member
 
Join Date: Oct 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hey Falko,
Was just reading another one of your tutorials "Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV)" and was wondering if I can use that setup for my users and then configure fetchmail to "fetch" to their accounts.

If so, what is the proper way to configure users?
Reply With Quote
  #6  
Old 7th November 2006, 17:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

I'm not sure if fetchmail works with virtual users...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 8th November 2006, 22:03
Ka1N Ka1N is offline
Junior Member
 
Join Date: Oct 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Ok... will test out a few things. I'm getting the hang of it, well... starting to

BTW, just got to say that your how-tos are really nice. Thanks so much for writing them its thanks to people like you that people like me improve their skills faster.

Thanks again!

-K
Reply With Quote
  #8  
Old 9th November 2006, 03:58
beast2k beast2k is offline
Junior Member
 
Join Date: Nov 2006
Location: Quebec Canada
Posts: 1
Thanks: 1
Thanked 0 Times in 0 Posts
Send a message via MSN to beast2k
Default

Quote:
Originally Posted by Ka1N
Hi everyone.

I've been using custom Linux distros for the past 2 years for my home gateway/firewall (IPCop, SME Server, M0n0wall).

Tho they work quite well, I've always found it annoying when it came to managing or adding functionality to it. I've come to a point where I'd like to try and setup my version of the ultimate home server with Debian 3.1 (Sarge) for me and my fellow roommates. However my Linux knowledge, for the time being is quite limited to very simple administration of packages installed and configured by others. I'd like to start changing that and require your assistance.

I've checked and read a lot of guides on this site. And they are all very well written and maintained. However I find that many of them seem to be aimed at ISPs and others with fixed internet IPs. Which is not my case at all. Also,. I understand that by running everything off 1 machine is potentially dangerous (single point of failure). But hey, I only have 1 machine (2.8 ghz 1 gig RAM) that I'm willing to dedicate to it.

Here are some of the features I see this box doing. I'm sure I've missed things, please feel free to comment.

Stealth Firewall
DHCP server
DNS server (Update with dhcp leases and static hosts entry)
Proxy server
Bandwidth throttling
Web server
MySQL
ProFTPd + Web management interface
LDAP Server
SAMBA support
Mail server (Secure POP, SMTP & IMAP)
Anti-virus
Spamassassin (with reporting features per user account)
Fetchmail from different POP accounts and put in appropriate user accounts
VPN Server
Road Warriors VPN into Green
Road warriors VPN into Blue
Users VPN from Blue to Green

Web based stats (hardware & software monitoring, mail, dns, dhcp, ftp, spam, virus, etc.)
Critical Server Alerts sent to SMS device or if Asterisk is working, via voice msg.

Misc:
IDS
Rootkit
Dynamic DNS support
Captive portal for Wireless connections
Asterisk@home for VoIP (Would it be possible to send server stats to SMS via phone?)
Parental protection features

So that's it for now, I would like to read comments and suggestions. I'm also attaching a network topology of this, please let me know if there are changes I should bring to it.

Thanks.

-K

PS: Am I crazy?

Didn't they do an "ultimate server" thing already ? and is the picture in your sig your network in your house ? good lord if thats your home network maybe you should be writing the how-to. impressive layout
Reply With Quote
  #9  
Old 18th November 2006, 08:32
Ka1N Ka1N is offline
Junior Member
 
Join Date: Oct 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Thanks... but no. This is the layout I've been dreaming of having at my house. However, 2 weeks in, still having trouble with fetchmail lol... so you can imagine the rest. I don't know why, linux mail servers has always been a pain in the a$$ for me... maybe one day

Keep you guys posted.

PS. Just for you info, a lot of it can already be done with IPCop. Just that I've been looking for a way to do it with Debian...

Last edited by Ka1N; 18th November 2006 at 08:35.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Maildrop : unable to change to home directory HoUsECAt HOWTO-Related Questions 1 13th September 2006 13:03
ISPConfig Home Directory rlhesson Installation/Configuration 2 7th August 2006 13:44
mail problem - authentication (postfix,ISPconfig) marclar General 57 24th June 2006 17:24
home server questions chipw Server Operation 5 28th April 2006 13:56
POP3 : account unavailable : (+t bit set on home directory) drtrembath General 8 3rd April 2006 00:01


All times are GMT +2. The time now is 10:38.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.