[buug] Convert Linux Gateway to OpenBSD

f.johan.beisser jan at caustic.org
Thu Oct 24 11:21:41 PDT 2002


On Thu, 24 Oct 2002, Charles Howse wrote:

> I have a rather interesting task ahead...I currently have a small
> network here at home that I will describe shortly, and I would like
> to convert the gateway machine from Red Hat 7.3 to OpenBSD.

start here:

http://www.openbsd.org/faq/faq9.html

> Are you available for discussion and to otherwise help?

as much as ever, i guess.

> We have a Cable Modem CAT5'd to the gateway machine which runs Red
> Hat 7.3 and has 2 nics.
> The 1st nic connects to the Cable Modem, and gets a dynamic IP
> address from the ISP's dhcp server.

is the "dynamic address" just over DHCP? or is there PPPoE or something
else between them?

either is supported in OpenBSD.

> One VERY important service that I MUST have on the new gateway is
> DNS2Go.

never heard of it. but, google has.

they have a perl version, which should work in OpenBSD with no real
effort. their perl version requires perl 5.6, OpenBSD will be releasing
version 3.2 of the OS soon. it has perl 5.6.1. i don't remember the
version of perl in 3.1, off hand. i tend to use snapshots.

> Complete list of services that the new machine must provide:
> Http

it does web serving?

> Mail

it does SMTP? why not use your ISP's mail gateways?

> Stateful firewall w/nat

easy.

> Intrusion detection software (really need some input here...)

get a beefier machine. IDSs tend to use quite a bit of CPU time while
doing packet analysis. if you're wanting a firewall, it's already doing too
much.

> Automated retrieval and installation of security-related patches.

this is almost always a bad idea. well, automated installation is.

you can use wget to grab the latest patches, and probably script the
patching into your local source tree.. but, this is a firewall right? why
would it have a compiler?

> Must print properly to the shared printer on the XP box.
> Unsuccessful so far...Print services for Unix is enabled.

samba. i'd suggest not printing from your firewall. no real reason to.

> #Lpc status all -> ..."waiting for Moe to come up."
> No gui needed, don't have the resources.  Curley is a P200 w/ 64MB
> ram, 8GB & 5GB HDD.

why bother with a GUI at all? useless except on workstations. servers
don't need them. by default, OpenBSD doesn't even start a GUI. you have to
A) install XWindows, and B) set it up to use it.

> I see that Midnight Commander is listed as broken in the ports/misc
> tree, I really need a Norton Commander clone.

why?

> Demos Commander is unacceptable, it needs terminal to be vct25 or
> something like that and doesn't work then.  Ytree takes forever to
> calculate the size of files in a big directory, and I just don't like it
> very much.  Any suggestions?

ls, df, du.

the command line is more powerful than any file manager.

-------/ f. johan beisser /--------------------------------------+
  http://caustic.org/~jan                      jan at caustic.org
	"Champagne for my real friends, real pain for
	  my sham friends." -- Tom Waits
