We currently have a machine running Server 2003 that we're using as a domain controller, among other things. We have VMWare running on top of that, with four virtual machines, two instances of Mikrotik RouterOS, a Smoothwall and one of Debian. The machine has three NICs, one connected to our internal lan, one connected to the internet, and one connected to our wireless network, VMWare is handling the internal networking between the lot, but I won't go into too much detail about that. Basically, Smoothwall just acts as a basic firewall and transparent http proxy, one of the Mikrotik vms is purely a separate Radius server for the other Mikrotik, which acts as a gateway for our wireless clients. Our wireless clients are authenticated by MAC address, and if someone hooked onto our wireless network that isn't a client of ours they're greeted with a page that allows them to browse several websites for free, and sign up for x amount of time through Paypal. Our internal network is on 192.168.0, wireless network 192.168.2 and our internet connection is 192.168.1. Over the weekend, we wanted to rebuild our server with 2008, and update Smoothwall and some other things, I had stumbled across Endian before and wanted to give it a go. So we setup Endian on a temporary box (P4 2.6Ghz, 512ram, 40gb hard drive) with three interfaces, Red, Blue and Green. After some initial troubles with our internet connection (We had our Linksys AM300 ADSL router setup in half bridge mode, it gives out an IP address of 192.168.10.2 with a 30 second lease until it gets an internet connection, where it actually passes on the IP address that is given to it by the ISP, Endian did not like this at all) we enabled DHCP on the Blue and Green interface, and everything 'Just Worked' for our own internal network, and our clients - Which was awesome. Then I started thinking that with some other configuration maybe we could do away with three virtual machines (mikrotikx2 and smoothwall) and replace entirely with Endian, so I got tinkering... 1) ntop. Ntop doesn't seem to be logging any traffic from the blue interface at all, only from the green, is this an ntop configuration issue? Or something with Endian? Is it a simple thing to fix? Can we easily get monthly traffic reports? 2) Outgoing Firewall rules. Are there default disallow all rules, or do I have to create these? I've got two rules at the moment, Green > Red, allow all, and then I've got a list of the MAC addresses of the clients that are on our wireless that I want to allow, the thing is if I hook onto the wireless and remove my MAC address from that list, I can still access anything HTTP. Is this because I have the proxy server enabled? 3) Is it possible to redirect people to another page on the blue interface if their MAC address ISN'T on the list? Also, how difficult would it be to script something to add a MAC address to that list without having to use the interface. I'm basically asking how are the firewall rules stored; Database? Plain Text? 4) How well does Endian run virtualized? I've read reports of issues on VMWare Server, what about XenSource? Thanks for any input, will be looking forward to it! :)
-James ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
