# Establishing My Home Network

I currently have 5 PCs in the house, 3 running WinXP and 2 running Ubuntu. They are set up like this:

    ISP ----- Modem ---- Switch ---- Ubuntu1 -- B&W Printer
                          |      |--WinXP1
                          |      |--WinXP2
                       Wireless  |--Colour Printer
                          |
                          |---------Ubuntu2
                          |---------WinXP3 (laptop)


The Ubuntu1 machine is set up as a PDC using Samba and also runs fetchmail, procmail and dovecot to fetch my email and allow me to access it using IMAP, so I can read the email on any PC. I would like to set up the network like this:

    ISP ----- Modem ---- Ubuntu1 ---- Switch ------WinXP1
                            |            |      |--WinXP2
                       B&W Printer   Wireless   |--Colour Printer
                                         |
                                         |---------Ubuntu2
                                         |---------WinXP3 (laptop)


My questions are:

1. How to set up Ubuntu1 to act as a firewall.
2. How to set up Ubuntu1 to provide consistent user authentication across the network. Currently Samba provides roaming profiles for the XP machines, but the Ubuntu2 machine has its own user lists. I would like to have a single authentication for both XP machines and Linux machines, so that users added to the server list will propagate to all PCs (i.e. new users can log in using any PC without modifying any of the client PCs).
3. How to set up a Linux client (Ubuntu2 above) to access files on the server (Ubuntu1), some of which are in user-specific folders, effectively sharing /home/user per user (read and write access) and things like /home/media/photos with read access for everyone and limited write access.
4. How to set up the XP machines (if it is different from the Samba method).
5. How to set up email filtering. I would like to have a whitelist/blacklist system for incoming emails for some of the email accounts (mainly, my kids' accounts), with filtered emails being put into quarantine until a sysadmin adds the sender to either a blacklist or a whitelist.

OK, that's a lot of stuff. For now, I don't want config files\*; rather, which services/applications to use and how they interact. For example, LDAP can be used for authentication, but what else would be useful to make the administration of the LDAP easier? Once I have a general idea of the overall setup, I can ask other questions about the specifics.

\* I have looked for information, but most answers are usually in the form of abstract config files and lists of packages to install.

I would use pfSense as my router/firewall. I would also connect the wireless stuff via a separate network adapter, so that you can have more control over the network.

                    .---------------------.  .---------------.
                    |       pfSense       |  |    Switch     |
                    |---------------------|  |---------------|  .-------------.
        .-------.   | .------.  .-----.   |  | Ubuntu Server--->| B&W Printer |
        | Modem |<----| Wan  |  | Lan |----->| WinXP-1       |  '-------------'
        '-------'   | '------'  '-----'   |  | WinXP-2       |
            |       |                     |  | Color Printer |
            v       | .------------.      |  '---------------'
         .-----.    | | Opt1       |      |
         | ISP |    | | (Wireless) |      |  .------------------.
         '-----'    | '------------'      |  |    Wirelessly    |
                    '--------|------------'  |    connected     |
                             |               |    Computers     |
                             '-------------->|------------------|
                                             | Ubuntu-2         |
                                             | WinXP-3 (laptop) |
                                             '------------------'


This way you can easily control which computers can connect to the wireless network, without having to worry as much about the wired connection. pfSense has an excellent, easy-to-use, web-based interface; just look at the screenshots.

(I made the diagram with Asciio)


I'm just going to answer points 2 and 3, as I don't have anything useful to say on the other points.

2. How to set up Ubuntu1 to provide consistent user authentication across the network. Currently Samba provides roaming profiles for the XP machines, but the Ubuntu2 machine has its own user lists. I would like to have a single authentication for both XP machines and Linux machines, so that users added to the server list will propagate to all PCs (i.e. new users can log in using any PC without modifying any of the client PCs).

I have no experience with this, but PAM is very flexible and can be used to authenticate the users on your Linux machines against all kinds of systems. So, you can for example use LDAP to store your user accounts on Ubuntu1, and have the PAM configuration on Ubuntu2 connect to that LDAP to authenticate users.

3. How to set up a Linux client (Ubuntu2 above) to access files on the server (Ubuntu1), some of which are in user-specific folders, effectively sharing /home/user per user (read and write access) and things like /home/media/photos with read access for everyone and limited write access.

If you make sure the user IDs on both machines match (for example by using single sign-on with LDAP), then the easiest is to use NFS. After installing the NFS packages (don't forget the "portmap" package), type "man exports" at a Linux prompt to get started.


• How to set up Ubuntu1 to act as a firewall.

You want iptables. I use shorewall to make it much easier.

• How to set up Ubuntu1 to provide consistent user authentication across the network. Currently Samba provides roaming profiles for the XP machines, but the Ubuntu2 machine has its own user lists. I would like to have a single authentication for both XP machines and Linux machines, so that users added to the server list will propagate to all PCs (i.e. new users can log in using any PC without modifying any of the client PCs).

You want to have Linux control Windows logins? I think the only way that can work is with some LDAP propagating to a directory server ... but I'm not positive. Not sure here.

• How to set up a Linux client (Ubuntu2 above) to access files on the server (Ubuntu1), some of which are in user-specific folders, effectively sharing /home/user per user (read and write access) and things like /home/media/photos with read access for everyone and limited write access.

Samba. This shares home directories:

    [homes]
    browseable = no
    valid users = %S
    writable = yes


And you can set up .bashrc to auto-mount a home directory upon login. There might be a better way, but this gets you halfway there.

• How to set up the XP machines (if it is different from the Samba method).

Configure them to do what?

• How to set up email filtering. I would like to have a whitelist/blacklist system for incoming emails for some of the email accounts (mainly, my kids' accounts), with filtered emails being put into quarantine until a sysadmin adds the sender to either a blacklist or a whitelist.

I have no idea on this one.
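
For the firewall point in the answer above, an added example (not from the thread) of an iptables ruleset for Ubuntu1 sitting between the modem and the switch, printed in `iptables-restore` format. The interface names `eth0`/`eth1` and the subnet `192.168.1.0/24` are assumptions; the LAN-only Samba and IMAP ports reflect the services the question says Ubuntu1 runs.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for Ubuntu1 acting as the
# gateway between the modem (WAN) and the switch (LAN).
# Assumed, not from the page: interface names and the LAN subnet.

gateway_ruleset() {
    wan=$1; lan=$2; lan_net=$3
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Hide the LAN behind Ubuntu1's WAN address
-A POSTROUTING -s $lan_net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Samba (PDC) and IMAP (dovecot) are reachable from the LAN only
-A INPUT -i $lan -s $lan_net -p udp -m multiport --dports 137,138 -j ACCEPT
-A INPUT -i $lan -s $lan_net -p tcp -m multiport --dports 139,445,143 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN clients may open connections outwards; nothing new comes in from WAN
-A FORWARD -i $lan -o $wan -s $lan_net -j ACCEPT
COMMIT
EOF
}

# Count rules that would accept traffic arriving on the WAN interface.
# A default-deny gateway should report 0 here.
wan_accept_rules() {
    gateway_ruleset "$1" "$2" "$3" | grep -c -- "-i $1 .*-j ACCEPT" || true
}

# Print the ruleset for review before loading it with iptables-restore.
gateway_ruleset eth0 eth1 192.168.1.0/24
```

Forwarding also needs `net.ipv4.ip_forward=1`; check the saved file with `iptables-restore --test` before loading it.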


Unless you want to be able to access parts of your network from the outside, I would change things a little (and even then). I assume that you are using Ubuntu1 as a workstation, and not just a print server. Doubling up the roles of a computer (especially on something that is supposed to be secure like a firewall) goes against the norm, and opens you up to more problems and attack points.

I would put in a separate Linux box (probably low-end is enough, because it doesn't have much to do) to act as the firewall, running something like IPCop.

    ISP ----- Modem ---- IPCop ---- Switch ---- Ubuntu1 -- B&W Printer
                                     |      |--WinXP1
                                     |      |--WinXP2
                                  Wireless  |--Colour Printer
                                     |
                                     |---------Ubuntu2
                                     |---------WinXP3 (laptop)


