[KLUG Members] RE: Long live DL! It's not just your father's firewall anymore!

[Bob Kanaley]

Bruce,

Although I have a Postfix server humming away that I could migrate over to
Devil, I don't have a working Squid box.

I took a stab at setting up a Squid proxy back around the time Goose gave a
presentation on Squid. The only box I had to work with had RedHat 7.0
hardened with the Bastille Linux scripts because it had once been in a DMZ.
Try as I might, Squid kept squawking about file permission errors that kept
it from starting. Rich and I went over file locations and perms with a fine
tooth comb and couldn't find anything wrong. So, I had to drop the project.
Hence my interest in trying Squid from a Devil boot.

While I am trying to get the Squid proxy working with Devil, I will see how
far I can get on trying to replicate the OpenBSD anti-spam gateway setup. If
I get stuck, I will post my problem. If you get the configs migrated to
Devil before I get done then I will switch to your recipe. Either way, I
will do a write up and submit it to Linux Gazette.

Bob

Robert V. Kanaley
Manager Information Systems
Agdia, Inc.
rvk@agdia.com
http://www.agdia.com


-----Original Message-----

The same is basically true with squid.  All I did was to copy over my
squid.conf file from my Redhat box.  I had to make a couple tweaks, like
changing the directory/location where the cache is stored, and a couple
minor parameters that changed syntax (DL is running a newer version of
squid than my Redhat box was).

Squid on my DL server runs fine now.  The only reason I haven't put it
into production is because I have some time to spare, and I'm playing
around with some new features that I don't use on the Redhat box.

It will be a greater learning curve for me when I attempt running a mail
server on DL, since I've never used Postfix and most of other mail
addons included with DL.  But for someone who already runs Postfix, it
should be as easy as copying over config files, with minor tweaks.

> When you get Devil working with Squid I would love to hear what you had to
> do to get it working. I really need to implement a proxy on the firewall
for
> my cable connection to be shared. Right now only two of us are using it by
> setting it as a default gateway.

If you had a running squid box, you could do like I did and copy the
config to DL.  Otherwise, DL comes with the standard squid.conf file,
which is heavily commented.  Just go through the file and modify values
to fit your needs.

Adding a hard drive to DL is already well documented:
  http://www.devil-linux.org/newdoc/ch01s04.html

> I suspect you could read the published OpenBSD anti-spam anti-virus recipe
I
> was attempting to follow and adjust it for Devil Linux in no time
> http://lawmonkey.org/anti-spam.html. If you are interested and have the
time
> to do it, I would be glad to be your guinea pig to implement it with Devil
> Linux. I could then submit the results to someplace like Linux Gazette to
> promote Devil Linux.

Sure, that would be great.  I don't have much free time between now and
the end of this month, with DL 1.0 being released on Halloween.  But if
you want to attempt it now, I'd be glad to answer the simple questions
to keep you going.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------