Set Up Ubuntu-Server 6.10 As A Firewall/Gateway For Your Small Business Environment - Page 4

Now edit /etc/apache2/sites-available/default. The top has to be changed so that it reads:

NameVirtualHost *:80
<VirtualHost *:80>

Edit /etc/apache2/sites-available/https as well, the top of the file should read:

NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem

Edit /etc/squirrelmail/apache.conf It should look like this:

Alias /webmail /usr/share/squirrelmail

<Directory /usr/share/squirrelmail>
php_flag register_globals off
Options Indexes FollowSymLinks
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>

# access to configtest is limited by default to prevent information leak
<Files configtest.php>
order deny,allow
deny from all
allow from 127.0.0.1
</Files>
</Directory>
# users will prefer a simple URL like http://webmail.example.com
#<VirtualHost 1.2.3.4>
# DocumentRoot /usr/share/squirrelmail
# ServerName webmail.example.com
#</VirtualHost>
# redirect to https when available (thanks omen@descolada.dartmouth.edu)
#
# Note: There are multiple ways to do this, and which one is suitable for
# your site's configuration depends. Consult the apache documentation if
# you're unsure, as this example might not work everywhere.
#
<IfModule mod_rewrite.c>
<IfModule mod_ssl.c>
<Location /webmail>
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
</Location>
</IfModule>
</IfModule>
Share this page:

5 Comment(s)

Add comment

Comments

From: Chris Angelico at: 2011-02-25 05:28:11

You suggest in this howto that users 'sudo passwd' and then log in as root. There's an easier way, in the versions of Ubuntu that I've used: just use 'sudo -i'. It'll create an "initial login" system, which will give you bash and everything you need. Less fiddling, more safety.

From: at: 2007-01-30 17:28:02

Before this command can be done, you need to install mysql-server

apt-get install mysql-server-5.0

Now do:

mysqladmin -u root password yourrootsqlpassword ##USE A REAL PASSWORD HERE!

After this is done, then you can run the next command

Thanks

From: at: 2007-04-20 18:26:55

If the steps are followed and you install LAMP , it includes the installation of mysql.

From: at: 2007-04-20 18:34:47

This really doesn't have to happen. Later on this guide we compile dcc.

<quote>

cd /root

wget http://www.dcc-servers.net/dcc/source/dcc.tar.Z

gunzip dcc.tar.Z

tar -xvf dcc.tar

cd dcc-1.3.45     ##or whatever version is current.

./configure

make

make install

 </quote>

Simply add to the ./configure line  --bindir=/usr/bin , it should look like this:

./configure --bindir=/usr/bin

and everything should be fine. 

 

 

 


 

From: at: 2007-06-08 08:38:09

Sorry, I was not understandable and choose wrong place to comment.

A. When I wrote /etc/shorewall/rules exactly  as written here (Page 10, up to words:

To comlete this step, do:

/etc/init.d/shorewall restart)

- I couldn't establish connection to my VPN-server.

I had to add new zone "vpn" in such a way: in /etc/shorewall/interfaces before the last line:

vpn ppp0

 in

/etc/shorewall/zones before the last line:

vpn ipv4

in

/etc/shorewall/policy before the last line:

##### for VPN

vpn loc ACCEPT

vpn $FW ACCEPT

loc vpn ACCEPT

$FW vpn ACCEPT

and modify in /etc/shorewall/rules the line:

DNAT net loc:192.168.1.1 tcp 1723

to the line: 

DNAT net $FW:192.168.1.1 tcp 1723

After all that the connection to VPN-server started properly .

B. When I wrote in /etc/shorewall/rules first to other rules

LOG:warning:L2    net     loc:192.168.1.1    47 

I found nothing in kern.log           

So I wonder, is protocol 47 necessary here in /etc/shorewall/rules ?

I hope, my comments help you to improve your brilliant HowTo