Jump to content

paul

Admin
  • Posts

    5611
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by paul

  1. huh ??? photos ???? ok hang on
  2. My idea. Use Mandrake MNF .. setup with your external proxy (it asks you during setup if you want to use a proxy) then configure Proxy Authentication on the MNF box, so access is username / password restricted. I haven't setup Proxy on my MNF ... but I've read the docs, and it all looks pretty easy
  3. :) I've got a webserver running at home now ... so I want to do some speed tests etc. so follow this link http://loudas.com and tell me how it goes (response time etc) my setup 2x desktops (1 P4 1.4 and 1 dual P3 1gig) on lan 192.168.x.x (Mandrake Workstation DVD) 1x web and mail server (celeron 733) on DMZ 10.0.x.x and 202.27.218.97 (MDK D/load edition) 1x firewall / router (celeron 333) with 3 NIC's --> WAN(202.27.218.96), LAN(192.168.x.x), DMZ(10.0.x.x) (Mandrake MNF) 2x DNS servers 202.27.218.96 (ns1.loudas.com) and 202.27.218.97 (ns2.loudas.com) 1x Webserver 202.27.218.97 (www.loudas.com) 1x POP3 server 202.27.218.97 (pop3.loudas.com) 1x SMTP server ...with no relaying 202.27.218.97 (smtp.loudas.com) and notice a completely Mandrake environment :D ... and the wife even likes it !!!!!! Mandrake MNF is Masq'ing 192.168.x.x as 202.27.218.96 all services are closed at the firewall except HTTP,HTTPS,POP3,SMTP,DNS (which are forwarded to the websever 202.27.218.97) and DNS ACCEPT'ed from 202.27.218.96 (so I can have Primary and secondary DNS) I've done a relay test on POSTFIX and all is well :P my bandwidth tests say my connection is 300kbits (which is pretty good for NZ) ... I'm getting download speeds of 65kbps (which is OK) I just want to know how it responds from outside. all this over a 15 kilometer wireless link !!!!!
  4. strange :?: I have 2 setups ... 1. .htacess and .htpasswd in the protected directory 1. .htaccess and .htpasswd in a seperate directory with require valid user setup in commonhttpd.conf both work fine. if it can't find the .htpasswd then put it in the same directory as .htacess, change the path in .htaccess then try it again. if it can read it, then it IS a permissions thing and you're on the right track
  5. you need to change the conf in httpd.conf or commonhttpd.conf or even maybe vhost/Vhost.conf and put in the <directory> tree AllowOverride All then .htaccess will work
  6. dnat wan dmx:192.168.02 http dnat wan dmx:192.168.02 https works for me
  7. /me drools :D but I can't get either to build on m computer :-( MDK 9.0 absolutely standard install I heard (on cooker) a while ago, that somebody had built RPMS, but they are not responding to my emails :-(
  8. whoa johnnyv .. I have haunting memories of Max Payne ---> baseball bat !!! :-) :P
  9. I prefer a good ol' desktop environment as well. but I've been using screen for a few years now (when an uber::geek show me how to use it) and it rocks !!! the detach is function is VERY cool example: I'm at work and want to compile a new xfree86, but stoopid people keep closing the window and I have to start again start screen --> start X compile --> detach screen come back tomorrow, re-attach screen, and its all finished !!! cool 8)
  10. paul

    Batch file

    you mean a shell script :-) and depends on what you want. ou can running any script (just about) in any languauge (just about) from the command line it can have any name, or any extension (it doesn't work like windows does) example: a perl script (thisismyscript.name) #!/usr/bin/perl insert perl stuff here a php script (thisismyscript.name) #!/usr/bin/php -q <? phpself(); ?> then to run it you will need to make it executable chmod 755 thisismyscript.name then you should be able to execute it by doing ./thisismyscript.name if that doesn't work try doing perl ./thisismyscript.name or php ./thisismyscript.name
  11. it does ... and it works perfect. theYinYeti is right. 2 processors = about 1.8 the speed I've got 2 1gig procs, and a sinlge 2.3 is faster :-(
  12. paul

    MNF, web hosting

    good news !!! :-) I'm trying to sell MNF's to clients with different setups .. .so hearing reports like this is great!!!
  13. paul

    MNF, web hosting

    yep ... but for security reasons I would do proxyarp 67.x.x.127 eth1 eth0 no (67.x.x.127 being webServer IP) rules ACCEPT wan dmz tcp http 67.69.40.126 don't forward UDP (big security hole) http only needs tcp port 80 (and 443 for https) if all you want is a webserver then then: rules ACCEPT wan dmz tcp http 67.69.40.126 ACCEPT wan dmz tcp https 67.69.40.126 I think ... you may have to specify then dmz ip address (try it without first) example: ACCEPT wan dmz:67.x.x.127 tcp http 67.69.40.126 ACCEPT wan dmz:67.x.x.127 tcp https 67.69.40.126 cool?
  14. paul

    MNF, web hosting

    correct ... I have 2 public IP's 202.x.x.1 and 202.x.x.2 firewall ip 202.x.x.1 DNAT tcp+udp wan:202.x.x.1 dmz:202.x.x.2 dns ACCEPT tcp+udp wan dmz:202.x.x.2 dns which mean my primary AND secondary DNS records can be on one machine :-) cheating I know (some bodies gonna give me the lecture about DNS records being on different subnets :-( ) have a read thru the docs at http://www.shorewall.net
  15. paul

    MNF, web hosting

    for http forwarding I did ACCEPT wan dmz:10.0.0.2 http and it worked fine. if you want to have public IP addresses in your DMZ its quite easy. put an entry in the proxyarp table, then change all your DNAT rules to ACCEPT rules. warning however, you may have to wait some time (in my case 2 days) for the ISP's arp table to update
  16. install a local imap server then use fetchmail daemon to get your mail from the ISP and store it in your local imap server
  17. remove the new drivers first cd /path/to/new_driver_src/ as root make uninstall should remove them then reinstall the 3.123 drivers
  18. The firewall by default has icmp_request turned off on all devices. Which means you won't be able to ping the firewall from anywhere a couple of points you should note if the network addresses are on the same subnet the firewall won't work example: eth0 192.168.1.1 eth1 192.168.1.2 <-- won't work !!!!! also MNF is NOT IE friendly (it just doesn't work with that stoopid browser) try accessing the firewall with mozilla (or pheonix) https://192.168.1.1:8443/ if you have a look at your routing tables on the firewall, you will see why it won't work when the devices are on the same subnet. also I had to generate new ssl keys as root on the firewall: /usr/lib/ssl/mod_ssl/gen( something like genratekey.sh) then cp server.key and server.crt to /etc/http/conf/ssl/ (overwrite existing keys) then /etc/init.d/http-naat restart then you should all be good! p.s. the shameless plug on NZLUG worked :-)
  19. get mozilla or pheonix or k-meleon for windows ....
  20. its feature of MNF not a bug :P
  21. paul

    SNF Issues

    perhaps you should try the new MandrakeMNF ... and when you're done, tick the box that say "start caching name server" you can get it here ftp://ftp.proxad.net/pub/Distributions_Li...ty-MNF.i586.iso
  22. this from deno and yes there is an ISO image !!! 8)
  23. don't turn it off !!!! instead put an internal DNS server in your network that resolves www.domain.com to 192.168.1.x (or whatever) Much safer ... and easier to get running
  24. look ... I'm a little green alien type thing !!!! :P
×
×
  • Create New...