Anyone try this? It's pretty cool...
I got it cuz in a couple of days I am going to have my DSL service turned on and I wanted a nice firewall. I have it setup now to connect with dial up.
I took my 56k modem out of my main machine an put it in the Coyote machine. It works, but my only problem is that the connection (from my main machine to the Coyote machine (back and forth (through ethernet))) is so slow!!
I know dial up is slow, but this is the same exact modem that i used before i had a coyote linux machine. Anyone know what I could do about it.
If I could get faster speeds from DSL w/out this I might do that, this is rediculous.

Here is the breakdown:
Main Machine (behind the firewall):
PIII 550
128 M RAM
100Mbit NIC
WIN2K/RH6.2

Firewall Machine:
P 133
32 M RAM
100 Mbit NIC
Coyote Linux

Any help is surely appreciated.

i have used coyote, but only to connect to ADSL (PPPoE-BellSouth)
i had no throughput problems

have you tried the forums at coyote?
http://www.coyotelinux.com/

BUMP

I have checked the forums, they weren't too helpful...
I am going back there to search again, in case i missed something.


If anyone has any suggestions, i would be grateful.


------------------
Never go up against a Sicilian when death is on the line!!
Hahahahahahaha***

Is the firewall proggy with Coyote the Seattle Firewall? If you like it (I do) you can dl it from www.seawall.org (http://www.seawall.org) and it is real easy to set up on a stand-alone machine.

------------------
We'll get thisright yet!

BUMP


I don't know if it is seattle firewall.

I did check to see if the latency was only a windows prob. I tried using RH6.2 (This is a dual boot machine) and it happens there also....

any suggestions?

------------------
Never go up against a Sicilian when death is on the line!!
Hahahahahahaha***

BUMP

Just for ****s and giggles I installed win 2k on the firewall machine (sllooowwwllly), and set up internet connectin sharing.. to see if the problem would be duplicated...
it wasn't....


If anyone has a clue about this...please tell me I don't wanna share internet w/a windows gateway....
http://www.linuxnewbie.org/ubb/frown.gif

Originally posted by drstrangelove:
BUMP

Just for ****s and giggles I installed win 2k on the firewall machine (sllooowwwllly), and set up internet connectin sharing.. to see if the problem would be duplicated...
it wasn't....


If anyone has a clue about this...please tell me I don't wanna share internet w/a windows gateway....
http://www.linuxnewbie.org/ubb/frown.gif

You could always run Win2K Advanced Server and use RRAS (Routing and Remote Access) instead of ICS. IMO, ICS sucks. I think I'm going to switch to a Linux firewall... I want my own webserver http://www.linuxnewbie.org/ubb/smile.gif As for now, I use a Windows2K Server as my gateway. I'm actually on a machine behind the firewall/router right now ... MDK 7.1 ...

http://www.linuxnewbie.org/ubb/cool.gif Linux Newbies http://www.linuxnewbie.org/ubb/cool.gif

Don't you have like a Network Tracker or Monitor or something on either of those computers? What happens if you ping them? I'd say if you don't get an error with Win2K, it's probably a driver that's wrong with your network cards in one of the machines. Try changing them around with other cards. It could be the cable too, but from the sounds of it I doubt if that's right. Just some suggestions...

How fast is your ping from your xyz box to your coyote box?
( you say it is slow between the two of them. )
If you mean your firewall is s.l.o.w then check to see if any external services you n.e.e.d ( like from your isp ) are being REJECTed or DENYed in the firewall. REJECT things like netbus and DENY others. It could be a timeout problem on the other end, waiting to see if you do or do not respond.

000000000000000000000000000

Well all here's the scoop....

I used Coyote Linux because I didn't think my skills were at the right level to undertake a firewall and ipchains ruleset So I just used Coyote hoping that it would take care of the nitty gritty for me. It would have been cool cuz it has VERY few services to exploit at all.


I had Coyote Linux as the firewall the ping times between the two (xyz and coyote) machines were fine... pinging from the coyote machine to the outside were cool, but pinging the outside world from the xyz machine was tooooooooooo slow.


I gave up on the Win2K for GP...

I then put RH 6.2 and spent the better half of 5 hrs working on GENERIC ipchains rules. Whew! Well, I did it and it works... just like it should.


I now have other questions...
Since this is a RH machine now, i went with a minimal install to keep space on the HD and to keep as few services as possible on the machine. Once I got IPChains working right i d/l'd some security software...
Is this enough or is there more I should do to lock it down even further?
IPCHAINS
Tripwire
Portsentry
Bastille Linux (Bastille Linux rocks, it fscking kicks ***!!!)

Also in the hosts.allow i have only two entries (only the internal network)
In the hosts.deny I have ALL: ALL
I only have one service in /etc/inetd.conf and it is commented out.

Are there any more things I could do to keep her more secure?

Oh and btw, here is another question/comment:
In Win, I can't receive files from ICQ I can send files, but after a while it just stops the transfer. I have yet to be able to send a complete file through ICQ, or receive one..
Anyone know what Icould do to fix this?
I am going to try it on Gnomeicu later tonight to see if there is any difference.

Thanks for the help in advance...

------------------
Never go up against a Sicilian when death is on the line!!
Hahahahahahaha***

BUMP

------------------
Never go up against a Sicilian when death is on the line!!
Hahahahahahaha***

Never used/tried coyote linux before, but I am assuming that it is specific to making a firewall and routing traffic....

With that in mind, does it have a traffic shaping type program in it?

If it does, it may be slowing down the important stuff and letting less important stuff go thru normally...

What I am getting at is limiting something such as napster to X bandwidth and allowing send mail y and icq z bandwidth, but user w can use this much at a time if it is available....

I know that this is muddled, but I'm not feeling good at the moment... I hope that somebody has the gist of what I am trying to say and can interpret for everyone else. http://www.linuxnewbie.org/ubb/smile.gif

------------------
Knute
Email: knuteh@yahoo.com
ICQ: 53979509
GAIM: knutehall

Im using the lrp (linux router project) for my router/firewall. if fits on a floppy and you just though it in a 486 or getter machine with 2 nic cards (preferable a common one 3c509 or similar) uncomment a few lines for you ip, network, port forwarding etc and bam, your set to go. mine set up with ssh forwarding, http, ftp and the rest is shut down. you can even disconnect the fan and hd since it is all loaded to the ram (12mb ram needed) thats it. www.lrp.cOwz.com (http://www.lrp.cOwz.com)