
4/28/12

Zentyal - Ultimate Gateway/Firewall solution for beginners.


So I was up to my throat in trying to get a regular Debian distro to act as a firewall/gateway/DHCP provider/network sniffer etc. I pretty much gave up after I could not get dnsmasq working properly.

So I researched a bit and came up with the Zentyal distro. I am currently running it on a single core Pentium 4 with a low grade mobo, and it does just fine. Load times are around 0.20.

The ease of use and intuitive user interface will have you set up in no time. Here's the LINK to their website. The paid version includes cloud services et al., but the standalone server is FREE.

Installing Zentyal 2.2.7

An old single core P4 machine with 2GB RAM

Not much in here: CD-ROM, IDE hard disk to boot from

Also installed 2x80 SATA disks in RAID0, just to have some space for downloads.


The free version includes (among others):
  • No hassle network configuration
  • IDS
  • DHCP
  • NAT
  • Web Proxy Cache
  • Misc. monitors
  • GUI (XFCE, I think)

Comes with Firefox to administer the firewall. It's implemented with jQuery and script.aculo.us. Nice work.
It's built on Ubuntu 10.04 LTS and comes with an LXDE interface. You can install Synaptic and install some apps, but do not expect the full Ubuntu Experience.

However, there is a way to install Zentyal packages from within an original Ubuntu. If you want that, check the Ubuntu forums. But this is a good and clean install.

I first tried IPCop and its siblings and then I tried to customize Debian 6.04, only to end up with spasms, and then I found Zentyal. It pretty much works out of the box for beginner-to-intermediate network administrators.

Keep up the good work, Zentyal devs!
The desktop itself, LXDE based.

Administration is performed within the web interface in the pre-installed Firefox.

One great thing about keeping old hardware around!

ACER Tower

Other solutions like IPCop and m0n0wall are great, but this makes a good multifunctional device:
  • Cheap ISP routers are casually hacked. This will chase away most random hackers.
  • The computer in question can be used for more than just a dumb dedicated firewall.
  • Traffic shaping can control bandwidth usage, if let's say, you have a neighbor who lends some internet from "time to time". (Meaning "I'll fucking kill you if I lose my XBox Live connection again").
  • Intrusion detection and general bad packet warning.


The Demise of a Harddisk

So, you don't need to be a computer expert to have realized that Maxtor hard disks are about the lowest quality disks you can buy. I have a stack here of about 7 broken Maxtor disks, while almost every other disk (newer or older) works fine.

So here's how a Maxtor drive eels its way through detection mechanisms before it goes tits-up without warning.

I had two 320GB Maxtor hard disks (salvaged from their horrible OneTouch external USB drives with notoriously faulty controllers).


So here is what's inside one of these:
Some custom IDE-2-USB interface
That disk is a regular 3.5" IDE drive.




When the controller fails (as both mine did at about the same time) you can take the disks out; they are still (Maxtor-wise) OK.
It was two such disks that became one of the RAID0s in my file server.
I set them up in RAID0 on a Medley RAID SiL controller. Suddenly my clients complain about the drive not being available.


Just some time before this, I noticed that one of the drives had trouble syncing speed up to the other drive. I could hear it ticking, like 2-3 times per hour. That's how I got suspicious first. Since then, I proactively moved stuff from the drive to another drive (after a proper checksum check).

I then check out the fileserver with the RAID, and lo and behold, the controller software had issued warnings about a drive. Their SMART status was OK, but still the RAID controller was complaining.

So I am beginning to think that Maxtor drives fake their SMART status and die off without any warning.

Right now I am shuffling about as much as I can from the RAID :)

Anyway, after a 3rd reboot of the fileserver, and stopping other clients from accessing that RAID, I seem to be able to move files from it, uninterrupted, locally on the machine. I just hope this will hold until the disk dies. I'll reconfigure the two disks to RAID1 and wait for the first one to fail. At least then I've only lost 320GB of free space and not 640GB of stuff. (That particular RAID was purely a playground and download setup.)

I have a RAID10 setup of WD disks, let's just say I have a lot more confidence in that! Also I have a spare disk for that RAID should it ever become needed!

UPDATE: May 8th 2012:
The RAID10 actually failed! It went better than expected.

4/27/12

So I had to do a summarization of the hardware we got going here.

CPU power:
AMD Turion(?) x4, 1.5GHz (laptop)
AMD Phenom II x6, 3.4GHz (game rig)
AMD Phenom II x4, 3.4GHz (fileserver)
Intel Pentium 4, 1.8GHz (firewall)
Intel Celeron, 1.4GHz (sec)
Intel Celeron, 1.5GHz (offline)
= 44.7GHz

Memory:
4x1 Kingston HyperX 4.00GB
4x4 Kingston HyperX 16GB
Laptop DDR 512MB
Laptop DDR 512MB
P4 DDR2 1GB
Laptop 6GB
= 28GB RAM

Disk:

320GB Raid 10
640GB Raid 0
320GB Raid 0
500GB Raid 0
5 TB External
80 GB SSD
250GB Sata
320 Sata
160 GB Samsung
30 GB Laptop
600 GB Laptop
+++
= 8,2 TB Space (More than that including Raid spares++, probably around 10TB total)

GPU: Any combination of these. I can run CrossFire CL and PhysX at the same time.
2x6790 2GB VRAM CF OPENCL
1x8800GT 512MB VRAM PHYSX
GeForce MX440 PCIe Edition, 64MB

Laptop GPUs
1xAMD Mobile CF2 512MB
2xIntel915, some variants of these, 32MBx2

GigaBit Switched Network. JF4.
OS: Win7, Debian based security software. Several distros that follow rule #1 will be more than happy to accommodate your needs in case you break the ISP router. Here be dragons, if that wasn't obvious enough.

ISP 25/5 Line, no quota. :D
Power drain: Probably around 1KW per hour when all computers go max settings and throughput.


Now the question is: Will it run Beowulf? Or skynet!