Bits & Pieces for Linux firewall?

w1z4rd said:
Does smoothwall have a mil mod? Without limitations?
Click to expand...

Can you clarify on what the mod must do?


As for ClarkConnect and DynDNS - CC have its own built-in dyndns service - and it works only via clarkconnect's site - and to activate it, you'll have to register your CC box.

Gay.

I prefer dyndns.org or any other service rather.


EDIT - just seen that it must be mail mod ... it only have an email filter, and not an email mod.
 
The_Librarian said:
Can you clarify on what the mod must do?


As for ClarkConnect and DynDNS - CC have its own built-in dyndns service - and it works only via clarkconnect's site - and to activate it, you'll have to register your CC box.

Gay.

I prefer dyndns.org or any other service rather.


EDIT - just seen that it must be mail mod ... it only have an email filter, and not an email mod.
Click to expand...

As below it only works if you already have a mail server behind Smoothwall:

1. What this mod provides

A Mail Filter add-on that currently only supports the SMTP protocol (but will be enhanced in the future).
This mod will intercept any incoming email messages and scan them for both Spam and Viruses.
It is based on the Dspam anti-spam implimentation

Please Note: this mod will only work if you have a mail server running that is behind smoothwall (either on the Green/Orange/Blue/Purple Network(s)).
Click to expand...
 
AirWolf said:
Sorted:)

1. Changed time in bios instead of Smoothwall browser interface.
2. Seemed to be a problem with URLfilter being "locked" up. Might have been a conflict between URLfilter and DansGuardian. DansGuardian stopped working, and problem solved.
Click to expand...

Glad to hear you've sorted :cool:
 
I need a clarkconnect box (with its sexy admin interface) without the 10 user limitation.

Basically a gateway/mail server. The reason I am trying to setup clarkconnect boxem and eboxem is to meet the customers needs.

I wont be around here forever, and the systems I need to provide need to be able to be managed by anyone with network experience, and not just linux network experience.
 
AirWolf said:
Two problems that have come up on Smoothwall:
1. The goes back two hours every time I reboot it. (solved)
2. The webproxy list doesn't show the ip of the machine accessing a particular site, but just the green ip of the Smoothwall itself.
Click to expand...

It is a limitation - you can view the full history in the Dansguardian logs.

I have played around with Dansguardian on Smoothwall v2.x - and its reporting function is very comprehensive. You can get a report on all denied sites (pr0n and the such) or all allowed sites, filter by IP and so on.

Dansguardian works very well filtering out pr0n content :D and pr0n addicts hate it :D
 
w1z4rd said:
I need a clarkconnect box (with its sexy admin interface) without the 10 user limitation.

Basically a gateway/mail server. The reason I am trying to setup clarkconnect boxem and eboxem is to meet the customers needs.

I wont be around here forever, and the systems I need to provide need to be able to be managed by anyone with network experience, and not just linux network experience.
Click to expand...

Wont SME Server perform the task just as well? There's no user limitation on it.
 
The_Librarian said:
It is a limitation - you can view the full history in the Dansguardian logs.

I have played around with Dansguardian on Smoothwall v2.x - and its reporting function is very comprehensive. You can get a report on all denied sites (pr0n and the such) or all allowed sites, filter by IP and so on.

Dansguardian works very well filtering out pr0n content :D and pr0n addicts hate it :D
Click to expand...

What I am doing now is getting Dansguardian.. or more specifically squid.. to communicate with a Windows domain controller. This way, when users want to use the Internet, it prompts them for their Windows Domain username and passwords, so I can get per user usage.

A little like using Clarks ldap.

ps.. Im sure everyone here has done this.. but I called my box.. superman.clarkconnect.tld :P
 
wiz - with the advanced web proxy with smoothwall you can also authenticate to a windows domain controller and control user access that way.
 
The_Librarian said:
wiz - with the advanced web proxy with smoothwall you can also authenticate to a windows domain controller and control user access that way.
Click to expand...

I've seen the option, but haven't tried it. How does it work exactly if the pcs boot into XP without requiring a password?

The_Librarian said:
It is a limitation - you can view the full history in the Dansguardian logs.

I have played around with Dansguardian on Smoothwall v2.x - and its reporting function is very comprehensive. You can get a report on all denied sites (pr0n and the such) or all allowed sites, filter by IP and so on.

Dansguardian works very well filtering out pr0n content :D and pr0n addicts hate it :D
Click to expand...

I don't see a section for Dansguardian under logs?:confused:
 
Last edited:
AirWolf said:
I've seen the option, but haven't tried it. How does it work exactly if the pcs boot into XP without requiring a password?
Click to expand...

You can choose between the following authentication methods :

1. None - free for all access

2. Local - Smoothwall will control user access

3. identd - logging only (but requires an identd service or daemon on the client)

4. ldap - works with the following ldap servers : Windows2k, 2k3, 2k8 Server with Active Directory, Novell eDirectory (Netware 5.x and 6), and OpenLDAP (versions 2 and 3).

5. Windows authentication - authenticates against a windows2k, 2k3 and 2k8 server with or without active directory. Can also use a Samba 2.x or 3.x server which's running as Domain Controller).

NOTE - workgroup based authenticaton may probably work, but is neither recommended nor supported.

6. RADIUS authentication - Users will have to authenticate when accessing web sites - and the credentials are verified against an external RADIUS server.

More documentation can be found here.

AirWolf said:
I don't see a section for Dansguardian under logs?:confused:
Click to expand...

It should be under the filtering tab. I have posted a query regarding this.

regards

Libs
 
I don't want to throw a spanner in your smoothwall setup, but you may want to look at FireStarter

Easy setup on Ubuntu.
 
Last edited:
The_Librarian said:
You can choose between the following authentication methods :

1. None - free for all access

2. Local - Smoothwall will control user access

3. identd - logging only (but requires an identd service or daemon on the client)

4. ldap - works with the following ldap servers : Windows2k, 2k3, 2k8 Server with Active Directory, Novell eDirectory (Netware 5.x and 6), and OpenLDAP (versions 2 and 3).

5. Windows authentication - authenticates against a windows2k, 2k3 and 2k8 server with or without active directory. Can also use a Samba 2.x or 3.x server which's running as Domain Controller).

NOTE - workgroup based authenticaton may probably work, but is neither recommended nor supported.

6. RADIUS authentication - Users will have to authenticate when accessing web sites - and the credentials are verified against an external RADIUS server.

More documentation can be found here.



It should be under the filtering tab. I have posted a query regarding this.

regards

Libs
Click to expand...

I'm trying out local access and I don't get any authentication window to enter access details:confused:. It does block the page with a Smoothwall one.
 
Last edited:
KobusDJ said:
I don't want to throw a spanner in your smoothwall setup, but you may want to look at FireStarter

Easy setup on Ubuntu.
Click to expand...

Will also have a look at that one.

I prefer that the users pick a distribution they're familiar with, one that works for them, not where the user have to work for it to work.

Best that way - to have something you know and is familiar with, and know how to use, rather than something unfamiliar and you've got a security hole without knowing it.
 
The_Librarian said:
Have you read the FAQ?
Click to expand...

I'm sorted :). I was using the wrong port for the proxy. 80 is the default; Smoothwall's is 800:o.

I've set IE to remember the log-in details on the bosses' pcs and a few other key employees. On other pcs with mulitple users I've instructed them not to save the passwords in. Hopefully the bosses won't be too irritated with the new setup:D.

I copied the urls for Windows update from the admin guide not to be proxied. The others I've added are for the updates for AVs. Anything else I should add?

Yahoo messenger seems unable to log-in even with the correct proxy settings entered?:confused:
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X