First Linux Box

[Carp1812]

Hi all. I've recently acquired an old machine and want to set up my first Linux box. I want to set the box up as a proxy for my network. The basic point will be to filter internet content. I have a reasonably small network (<20 machines) on an Active Directory domain sharing a DSL account. The machine I want to use is a P 266 with 96 MB RAM, 2 GB hdd, onboard NIC, plenty of extra NICs laying around to add a second. What would you recommend for my situation? I know very little about Linux, but am very willing (and excited) to learn. Thanks in advance.

 

[cleverhandle]

Squid and Dan's Guardian is the usual Open Source combo for content filtering. I'm not sure how well the machine will hold up hardware-wise, though. Simple proxying, firewalling, and/or NAT'ing is very easy. But actually scanning content and using decent heuristics is not.

 

[Venner]

I know a guy who can set the whole thing up for you.

Ruhlen Leet Computer Services

He'll make you a great deal!

 

[Relayer]

maybe try clarkconnect

 

[Carp1812]

Originally posted by: cleverhandle
Squid and Dan's Guardian is the usual Open Source combo for content filtering. I'm not sure how well the machine will hold up hardware-wise, though. Simple proxying, firewalling, and/or NAT'ing is very easy. But actually scanning content and using decent heuristics is not.

I've heard Squid and DG is the way to go from several people. What distribution should I be installing it on though - Mandrake, Redhat, others? Would adding more RAM help me hardware-wise? That's about the only upgrade I can add at this point. Thanks for the help so far.

 

[cleverhandle]

Originally posted by: Carp1812
I've heard Squid and DG is the way to go from several people.

It really is very good. It was some time ago that I did a hands-on comparison - maybe 2 years - but back then DG was simply better and more accurate than any competitor, free or commercial. The only thing it still appears to lack is some kind of ACL support.

What distribution should I be installing it on though - Mandrake, Redhat, others?

Ultimately, it makes no difference - every piece of software runs on every distro if you know what you're doing. I don't see Mandrake as a server distro, though. Slackware or Debian would be my choices. Or a BSD.

Would adding more RAM help me hardware-wise? That's about the only upgrade I can add at this point.

That would be the most important part. I would set it up "as is" first - you might be OK, especially if you don't have much traffic. Just be prepared if testing shows that the proxy is getting hammered. Back when I looking at this stuff, some genius had set up a Celeron box of about the same vintage as yours as the filter for the high school I work at. We were just starting to get machines online, and once we hit around 50, the filtering box basically melted down and brought the whole building to a standstill.

 

[groovin]

my experience was with squid and squidGuard as the content filter. They worked very well. I ran them on an older computer, it was a PII class machine with 256MB RAM. I had 100+ users on it and it never had any problems. you might want to beef up the RAM on it, maybe give it some more HD space (newer HD is better anyways). I've run this set up off Red Hat Linux and FreeBSD 4.x. FreeBSD ran it better.<DISCLAIMER> this is only in my setup, im sure there are other guys who've gotten linux to run squid better than freebsd... real world results will always vary!! thats what tests and trials are for</DISCLAIMER>. i had cron jobs regulary update the ports/source tree. i would say the network usage was pretty moderate.. .low at times, high at others. squid in general is a good performer.

 

[Carp1812]

Thanks all for the suggestions. I think I'm gonna try to get it up and running this weekend with the hardware I have. If it really bogs down, I'll try adding more RAM. I'm hoping it won't be an issue though. My network has less than 20 client machines and will likely stay this size for quite a while. Thanks again.

 

[exx1976]

I prefer openbsd.. VERY stable, and very easy to set up.. Also, build Ethereal from the ports collection (You'll need to install X), and then run it on your external interface.. You get to see LOTS of fun stuff!