I currently have five PCs at home, three running WinXP and two running Ubuntu. They are set up like this:
ISP ----- Modem ---- Switch ---- Ubuntu1 -- B&W Printer
| |--WinXP1
| |--WinXP2
Wireless |--Colour Printer
|
|---------Ubuntu2
|---------WinXP3 (laptop)
The Ubuntu1 machine is set up as a PDC using Samba and runs fetchmail, procmail, dovecot to get my e-mail and allow me to access the e-mail via imap so I can read the e-mail on any PC. I'd like to set up the network like this:
ISP ----- Modem ---- Ubuntu1 ---- Switch ------WinXP1
| | |--WinXP2
B&W Printer Wireless |--Colour Printer
|
|---------Ubuntu2
|---------WinXP3 (laptop)
My questions are:
- How to configure Ubuntu1 to act as a firewall.
- How to configure Ubuntu1 to provide a consistant user authentication across the network, at the moment Samba provides roaming profiles for the XP machines but the Ubuntu2 machine has it's own user lists. I'd like to have a single authentication for both XP machines and linux machines so that users added to the server list will propagate to all PCs (i.e. new users can log on using any PC without modifying any of the client PCs).
- How to configure a linux client (Ubuntu2 above) to access files on the server (Ubuntu1), some of which are in user specific folders, effectively sharing /home/{user} per user (read and write access) and stuff like /home/media/photos with read access for everyone and limited write access.
- How to configure the XP machines (if it is different from a the Samba method).
- How to set up e-mail filtering. I'd like to have a whitelist/blacklist system for incoming e-mails for some of the e-mail accounts (mainly, my kids' accounts) with filtered e-mails being put into quaranteen until a sysadmin either adds the sender to a blacklist or whitelist.
OK, that's a lot of stuff. For now, I don't want config files*, rather, what services / applications to use and how they interact. For example, LDAP could be used for authentication but what else would be useful to make the administration of the LDAP easier. Once I have a general idea for the overall configuration, I can ask other questions about the specifics.
Skizz
- I have looked around for information, but most answers are usually in the form of abstract config files and lists of packages to install.
Best Answer
I would use pfSense as my router/firewall. I would also connect the wireless stuff through a separate network adapter, so that you can have more control over the network.
.---------------------. .---------------. | pfSense | | Switch | |---------------------| |---------------| .-------------. .-------. | .------. .-----. | | Ubuntu Server--->| B&W Printer | | Modem |<----| Wan | | Lan |----->| WinXP-1 | '-------------' '-------' | '------' '-----' | | WinXP-2 | | | | | Color Printer | v | .------------. | '---------------' .-----. | | Opt1 | | | ISP | | | (Wireless) | | .------------------. '-----' | '------------' | | Wirelessly | '--------|------------' | connected | | | Computers | '-------------->|------------------| | Ubuntu-2 | | WinXP-3 (laptop) | '------------------'This way you can easily control which computers can connect to the wireless Network, without having to worry as much about the wired connection. pfSense has an excellent, easy to use, web-based interface, just look at the screen shots.
(I made the diagram with Asciio)