[KLUG Members] RE: Long live DL! It's not just your father's firewall anymore!

[Bruce Smith]

> I think the Devil made you say that!

Yeah, the devil made me do it ...   :-)

> The main reason I was trying to do the OpenBSD anti-spam gateway thing was
> because it was straight cookbook to implement. It just left out a couple of
> ingredients that my palette requires (MC and screen). Being the paranoid
> that I am, before I will deviate from a recipe, I have to read reams of man
> pages to be sure I am not screwing something up.
> 
> Actually I burned a Devil CD and have booted from it once or twice. Since I
> don't have a cookbook recipe to follow, I haven't had time to learn the
> configuration changes I need to make to implement all those wonderful
> features you have listed for the Devil, but I think I know someone one the
> list who could help if I get stuck :)

It's usually pretty easy if you're converting from a different Linux
server.  The services on DL are most setup to just run (many in a chroot
jail).  All you have to do is configure the service.

For example with I replaced my Redhat named/bind servers with DL, I
simply copied over the zone files, and the named.conf file from my
Redhat box, and told DL to start BIND upon boot.

The same is basically true with squid.  All I did was to copy over my
squid.conf file from my Redhat box.  I had to make a couple tweaks, like
changing the directory/location where the cache is stored, and a couple
minor parameters that changed syntax (DL is running a newer version of
squid than my Redhat box was).  

Squid on my DL server runs fine now.  The only reason I haven't put it
into production is because I have some time to spare, and I'm playing
around with some new features that I don't use on the Redhat box.

It will be a greater learning curve for me when I attempt running a mail
server on DL, since I've never used Postfix and most of other mail
addons included with DL.  But for someone who already runs Postfix, it
should be as easy as copying over config files, with minor tweaks.

> When you get Devil working with Squid I would love to hear what you had to
> do to get it working. I really need to implement a proxy on the firewall for
> my cable connection to be shared. Right now only two of us are using it by
> setting it as a default gateway.

If you had a running squid box, you could do like I did and copy the
config to DL.  Otherwise, DL comes with the standard squid.conf file,
which is heavily commented.  Just go through the file and modify values
to fit your needs.

Adding a hard drive to DL is already well documented:
  http://www.devil-linux.org/newdoc/ch01s04.html

> I suspect you could read the published OpenBSD anti-spam anti-virus recipe I
> was attempting to follow and adjust it for Devil Linux in no time
> http://lawmonkey.org/anti-spam.html. If you are interested and have the time
> to do it, I would be glad to be your guinea pig to implement it with Devil
> Linux. I could then submit the results to someplace like Linux Gazette to
> promote Devil Linux.

Sure, that would be great.  I don't have much free time between now and
the end of this month, with DL 1.0 being released on Halloween.  But if
you want to attempt it now, I'd be glad to answer the simple questions
to keep you going.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------