Printable View
Hi,
We are looking at setting up a server (nix) that will act as a proxy/filtering/firewall for a separate PDA network.
It's been a while since I've grabbed any linux distros (last one was redhat7!) and I'm out of touch of which would be the best to go for.
I'm not a beginner in linux but I'm in no way advanced either.
Am I best off going for Ubuntu or are there any other distros that I should look at that would handle Dans Guardian/Squid etc better?
Thanks in advance
Mike
We have a Linux based proxy/filter here. It's running Ubuntu 6.06 LTS, Squid and Dansguardian.
Some of us are using Ubuntu Server. They have a long-term support (LTS) version, currently 6.06, but another LTS is due in April this year (8.04).
I'd take a serious look at Ubuntu, if you want to stay with redhat the free version of their server is called Cent OS avaliable here: http://www.centos.org/
The desktop offering from redhat is Fedora avaliable here: http://fedoraproject.org/
i was just looking at the guides for ubuntu and squidguard.
should i go for the LTS or just the regular version? also am i ok going for the server version?
LTS is a better bet for servers, unless you have some reason for not using it. The server edition will not install too much cruft, which is what you want. As extra applications and services will waste resources and distract the machine from doing it's real job.Quote:
Originally Posted by MK-2
Quote:
Originally Posted by dhicks
however leaving compile tools on your servers is a bad idea and could even be considered a security risk. If possible your better off compiling on another machine and maintaining an internal repo with all your custom compiled software debs on.Code:apt-get install build-essential
Pretty much ditto for us (we're using 6.10 I think, and SquidGuard also). I set up Squid as a transparent proxy, which is a tad fiddly as (as far as I could figure out) to do that you had to compile Squid with appropriate switches yourself. This is a bit more fiddly with Ubuntu than with some other distributions as Ubuntu doesn't have the full set of compilers/runtime libraries/etc installed by default. They're easy enough to figure out (try and compile Squid, spot X-is-missing error message, figure out what package to apt-get install, repeat), but if you want to use Squid as a transparent proxy then maybe something like CentOS might be more appropriate.Quote:
Originally Posted by Geoff
--
David Hicks
Ok perhaps the question should be more what should i go for.
Just want the PDAs to be able to get online but be filtered, and also be able to block certain ports (msn namely).
I'm assuming squid would need to be transparent for DG to run?
Just want to do my homework before attempting it all
If you run squid transparently then there's no need to alter settings on the client devices to force them through squid. Dansguardian is unaffected by squid being transparent or not.
If you want to block ports you need to look at firewalling too. Ubuntu can do this out of the box, but I suggest you look at Shorewall to make the configuration easier.
Cheers Geoff.
By settings on client devices I assume you mean setting a proxy server to use in IE?
If possible I want as little setup on the PDAs as possible as they will be going to students so dont want things they can arse about with.
So Ubuntu server LTS, DG, Squid as transparent and then some form of firewall (which I had accounted for but was going to leave that until later....will look at shorewall though)
I'll have a look on Ubuntu forums and wikis for a guide on making squid transparent.
Cheers guys
Just as a sidenote, been told to put all this on hold because in 2 weeks we find out who our BSF contract is with and then the school can contact them for advice on whether to go ahead with this.
Oh well..........was a nice idea!
Please let us know what they 'recommend', I like a good laugh occasionally. :)
I'm going to go with a guess of Windows 2003, a top spec server with 5 HDDs, 8GB ram and at least two tape drives.
oh and minimum of OC45 or T3 line to connect via.....
:D
lmao Get good advice then? heh