Domain: clarkconnect.org
Stories and comments across the archive that link to clarkconnect.org.
Comments · 32
-
Clarkconnect
You just need to set up a Clark Connect server as your router. It can also run behind your router. I've used the road warrior VPN with the windows XP client, it works fine.
Don't complicate things, just set this up on your end, enable the road warrior VPN, and pass out accounts to family memebers with instructions for setting up the XP PPTP client. -
Re:NAS
For your requirements, I'd suggest ClarkConnect - http://www.clarkconnect.org/. Get the free/home version. I've used it for years - it's great.
Ironically, I spent the weekend playing with FreeNAS. I was able to get ~380Mbit/sec on my el-cheapo gigabit network. I'm quite impressed with FreeNAS. It's easier to setup/configure/manage than anything else I've worked with. -
Yep ..
I use an AOpen i855 motherboard w/ a Pentium M proc. There is a newer one from Aopen called i915 also. I use it as a gateway/firewall/server (use a distro called clarkconnect
.. http://www.clarkconnect.org/ works wonderfully). Low power, quiet, cool ... ** But why NFS? Just use Samba. -
A bevy of choices
http://www.astaro.com/
http://www.m0n0.ch/wall/
http://www.clarkconnect.org/
those few and some unused hardware will get you going. -
Get the best of two world...Clark Connect
That's a redhat-based distribution that let you install a web-managed router/gateway/proxy/name it.
The home edition is free, so if you have some old hardware, then you spare the hassle of the administration.
Of course, I own a d-link router as well, and it work without problem, but of course we do not do much p2p here.
Just choose your poison... But do not forget intermediate options. And no, I do not work@/for clark connect.
-
ClarkConnect
I have done several network installs for people who have kids, and want web content filtering. Generally what is set up a gateway machine with a distribution of linux called "ClarkConnect" clarkconnect.org which is designed specifically to be used as a gateway. It already has dansguardian and squid installed, as well as a iptables, dhcpd, and other various useful features. What I really like about it, is that it has a nice web interface which allows my customers to actually make changes to dansguardian/squid, the firewall, and other services without having to actually know any linux commands. It's very user friendly.
-
Simple solutionI had a similar issue with my DSL connection at home. Using SSH was really painful, when someone was downloading...
A lot of people got down to the nitty gritty technical details, but as I understand you want something simple that just works. Well, I use a Linux Firewall distro to do the routing in combination with a small script to configure the QoS.
Try Clarkconnect in combination with Wondershaper. Wondershaper uses some basic input parameter to configure the kernel to traffic prioritization. I found it very easy to define my available bandwidth, what services require a higher or lower priority.
-
Forget Game Clients, create a Server Distro!
First a bit of Linux history reiterated, just to set the scene... Linux has gained the widest adoption in the server arena, probably the largest segment being dedicated Internet/Firewall boxes. Running without a GUI or even headless (without attached monitor/etc), configured via Web interface, even using "lower end" hardware. These are perfect canidates for adding more server software to, in this case we'd add a simple way to install and configure game servers.
The advantages are obvious, we can sidestep the entire issue of "does Linux support the latest games" since most modern games come with a Linux server component that is superior to running a server/client at the same time on your Windows box. (added server overhead usually only if you are serving the game of course)
Considering the wide variety of dedicated firewall distros out there (my own favorite) and how easy they are for even Linux newbies to setup, there isn't much of a leap to create such a distro. One of the main issues of course is getting the needed copyrighted content from the game CD to the Linux box, something that is both a manual and painful process in many cases.
I've discussed this project with a few friends who are familiar with Linux firewalls/game servers also, but unfortunately we haven't had time to do more than brainstorm on it. If we do end up putting together a basic distro like this you can be sure I'll submit it to /. games section. Anyone super interested can email me.
Jonah Hex -
Server Distro First, grow installed Linux base!
First a bit of Linux history reiterated, just to set the scene... Linux has gained the widest adoption in the server arena, probably the largest segment being dedicated Internet/Firewall boxes. Running without a GUI or even headless (without attached monitor/etc), configured via Web interface, even using "lower end" hardware. These are perfect canidates for adding more server software to, in this case we'd add a simple way to install and configure game servers.
The advantages are obvious, we can sidestep the entire issue of "does Linux support the latest games" since most modern games come with a Linux server component that is superior to running a server/client at the same time on your Windows box. (added server overhead usually only if you are serving the game of course)
Considering the wide variety of dedicated firewall distros out there (my own favorite) and how easy they are for even Linux newbies to setup, there isn't much of a leap to create such a distro. One of the main issues of course is getting the needed copyrighted content from the game CD to the Linux box, something that is both a manual and painful process in many cases.
I've discussed this project with a few friends who are familiar with Linux firewalls/game servers also, but unfortunately we haven't had time to do more than brainstorm on it. If we do end up putting together a basic distro like this you can be sure I'll submit it to /. games section. Anyone super interested can email me.
Jonah Hex -
Thats pretty cool and all, but
I like my ClarkConnect box better. All it cost me was a pile of old parts that were headed for the dumpster and a ~300 MB download.
-
ClarkConnectMy personal favorite of the "turnkey" firewall distros. Great features, very robust and quick enough to run on my lowly P120-96MB.
I use it for FTP, WEB, SMB, AppleTalk and print server as well. Heck, they even give you a free dynamic DNS address.
They also have a commercial version that supports IPSEC and PPTP, although you can install that stuff yourself.
Check it out here for the hobbyist version, or here for the commerical version. Enjoy!
-Fordboy0
-
Re:I doubt they were filtering...Privoxy works great with Squid, as mentioned above I've got them chained with Squid running in transparent mode. Here's a relevant snip from their FAQ. (quote edited down slightly for space)
3.16. How can I make Privoxy work with other proxies like Squid?
Works great, however I would enable rules on privoxy slowly in order to avoid the "something broke with web browsing and I don't know which of these options I should turn back off" syndrome.This can be done and is often useful to combine the benefits of Privoxy with those of a caching proxy. See the forwarding chapter in the user manual which describes how to do this.
3.18. Can Privoxy run as a "transparent" proxy?No, Privoxy currently does not have this ability, though it is planned for a future release. Transparent proxies require special handling of the request headers beyond what Privoxy is now capable of.
Chaining Privoxy behind another proxy that has this ability should work though.
ClarkConnect comes with Squid/Privoxy/Snort/SpamAssassin setup and ready to go, although in an earlier version I installed Privoxy myself and chained it to Squid with no problem.
Jonah Hex -
Re:I doubt they were filtering...From the Privoxy documentation regarding filtering
Typical reasons for doing such substitutions are to eliminate common annoyances in HTML and JavaScript, such as pop-up windows, exit consoles, crippled windows without navigation tools, the infamous tag etc, to suppress images with certain width and height attributes (standard banner sizes or web-bugs), or just to have fun. The possibilities are endless.
Privoxy is a successor to Junkbuster, and I use it with the Squid Proxy server in transparent mode. Of course I don't bother filtering nasty bits of text here at home, however it can be used to do any type of replacement you want thanks to a very powerful Perl-compatible regular substitution system. You literally can do ANY type of replacement, text for text, text for image (or the reverse), anything for anything. Of course I'm using pretty much the defaults since it came pre-installed (but not on by default of course!) with my free download of ClarkConnect Linux Firewall Home Version. Maybe it's not what happened in this particular case, but I'm sure some companies out there are making full use of this.
Filtering works on any text-based document type, including plain text, HTML, JavaScript, CSS etc. (all text/* MIME types). Substitutions are made at the source level, so if you want to "roll your own" filters, you should be familiar with HTML syntax.
Jonah Hex -
My "must have" util Cds
"I'm buying a new mid-grade laptop computer, which I plan to dual-boot between Windows XP Home and Mandrake 9.x. Before its arrival in a few weeks I'm trying to think of what 'essential' software I'll need to make a usable home system. In general I'd like to spend as little money as possible (free is good). As far as my needs, think 'typical family PC' without an emphasis on gaming. I know I can get something like Open Office for word processing, presentation, etc. needs, but is there such a good thing as a good free virus checker? A good free email client? A handy web browser? What would you consider the top 10 (or so) pieces of software for a new home system, bearing in mind that I need software for both the Windows and Linux side of things?""
These are the files I keep on my "Esential CDs" that I bring around to help out other non-techs (Windows users) people. (Of course because they are financially broke after paying $200 for their Operating System, they want everything else to be free.) ;-)
Anti-Virus: The best free antivirus program I have found AVG Anti-Virus 6.0
Office Suite: (Word Processing, SpreadsThe quick brown fox jumped over the lazy dog.
The quick brown fox jumped off the edge. The quick brown fox ran off with all his toysheet, Slideshows, etc.)
Open Office 1.1
CD/DVD data/audio Burner: (and doubles as a CD image creator .ISO and .CUE)
BurnAtOnce 0.99a
CD/DVD image loader/emulator (perfect for people who often misplace their CDs): (loads .ISO, .CUE, .CCD, .CDI etc. files without burning them)
DAEMON Tools 3.41
MultiMedia Player (Mpeg, Mp3, AVI, etc.)Winamp Classic 2.91
or for audio only Foobar 2000 0.7
Zip Extractor:Ultimate Zip or7 Zip 3.11
Download Accelerator:Star Downloader v1.42
Internet Browser: (other than IE) Mozilla 1.4 or Opera 6.20
System Statistics: (Motherboard, Memory, BIOS, Video, Software info, etc)AIDA32 3.80
E-mail (other than Outlook Express)Thunderbird 0.2 or Pegasus Mail 4.12
Spyware/Adware killer:Ad-aware 6 or Spybot Search & Destroy 1.2
Pop-up Killer/Browser Enhancer (for IE)Google Toolbar 2.0.102
PDF document reader:Adobe Acrobat 6.0
FTP program (other than IE and the command line FTP)Winsock FTP LE 5.08 or FileZilla 2.2.1
Internet Chat Programs (other than Windows Messenger)Gaim 0.70or Trillian Basic 0.74E
Firewall Software:ZoneAlarm 3.7.211
or if you have Highspeed Internet, a spare 200mhz PC, and two network cards laying around...ClarkConnect 2.0
CD Ripper / MP3 Creator CDex 1.51
Graphics Editor (other than Paint) The Gimp
Graphics viewer (other -
Re:What is the power consumption
Power consumtion is simply not a problem for anything under the level of "major appliance", ie fridge, air cond, etc. Since my AC is off for the season (and my heat/stove is gas) my electric bills has dropped to around $30 a month, and that includes running 3 computers 24/7 with NO power management enabled. Of course my ClarkConnect firewall box rarely has a monitor attached to it, and my Video/Jukebox/eMule machine only has the monitor on for a few hours each day.
Jonah Hex -
Home Linux Firewalls
I'd much rather take an older computer and throw ClarkConnect on it. Comparing the feature list above with CC's features:
Security
* Stateful Firewall * Intrusion detection with Snort * Secure shell via SSH * IPsec VPN (Office Edition only) * PPTP VPN (Office Edition only)
Web Server
* Apache web server * Support for CGI and PHP * Secure/SSL support
File Services
* Journalled file system with ext3 * FTP server * Windows file server * AppleShare file server
E-mail
* POP and IMAP servers * SMTP server
Filtering
* Banner ad blocking * Web proxy * Content filtering (Office Edition only)
Printing
* Print server support * Printer sharing for Samba/Windows networks
Easy Configuration
* Web-based configuration* Optional Webmin package
Network Support
* DSL (including PPPoE) * Cable Modem * 802.11b Wireless (Office Edition only) * Internal DHCP server * Caching nameserver
There's a few not listed on the quick info page, such as Gallery and SpamAssassin, but you get the picture. Not to say that you couldn't add on to the software on the Rumba, after all it is Linux based, but who says they'll make it easy for you to do so. I have no problems adding new goodies to my ClarkConnect box, such as a NWN and TeamSpeak server for my gaming friends or SliMP3 server for around the house music, and I wouldn't give that up.
To give fair time to two other Linux firewall distros I've used in the past and like almost as much as ClarkConnect, check out Smoothwall and IPCop.
Jonah Hex -
ClarkConnect!
I think that ClarkConnect (free as in beer for the home edition) is exactly what the community needs to make inroads in the SOHO: take an old computer, put in two nic cards, pop the CD in the drive, answer about ten questions (mostly everything autodetects), and you've got a small business server.
Web based administration (you don't have to touch the cli), samba, firewire, vpn, antispam/anitvirus filters, apache, email/DNS backup. Best of all, there's a solid community behind it.
-
Bad practices all around...
checking for the domain names on the TLD servers once per second, downloading various files from the site once per second, and sending email to themselves once per second.
They obviously haven't been in the monitoring biz that long, at least not long enough to get a bill for all the bandwidth they're sucking down.Our first response was to talk to them and explain what we needed them to do, including a list of IPs that we used for customers so they could adjust their monitoring to suit what we thought was reasonable. They chose to ignore the first discussion and continued to abuse the servers. After the email server required a half-day of cleanup, the CTO simply shut them off at the firewalls. Rather than using the contact information they had, they chose to complain to our mutual customers instead. (I should note we do significant monitoring of the servers ourselves, and typically know if something is wrong within minutes of the event.)
Sounds like your company is reasonable, and therefore expecting this possibly "fly-by-night" monitoring company to also be reasonable.Is this typical behavior of monitoring service companies? I know some of them are not reputable at all (due to spamming) however these guys seem to know what they are doing, and yet managed to effectively attack our mail and web servers, as well as doing some things I would not do to the TLD servers.
I just checked out ClarkConnect's monitoring page (I use their free Linux firewall but not these pay services) and their lowest monitoring interval is 2 minutes for $45/mth, then 5 for $30/mth, 20 for $10/mth and finally 60 mins for $40/yr being the cheapest. Obviously they know such continuous monitoring justifies passing that cost along to the consumer.It is hard to feel justified to shutting off someone else's cash-flow, but at the same time we need to defend servers from over zealous monitoring."
Thier own biz practices will be the death of them, don't shed any tears over a company that makes this large of a mistake and uses dirty methods to contact customers. I wonder if your now going to have to charge your hosted sites that used the services for the excess bandwidth they used? Maybe cut them a "goodwill" deal on the excess charges?
Jonah Hex -
Bad practices all around...
checking for the domain names on the TLD servers once per second, downloading various files from the site once per second, and sending email to themselves once per second.
They obviously haven't been in the monitoring biz that long, at least not long enough to get a bill for all the bandwidth they're sucking down.Our first response was to talk to them and explain what we needed them to do, including a list of IPs that we used for customers so they could adjust their monitoring to suit what we thought was reasonable. They chose to ignore the first discussion and continued to abuse the servers. After the email server required a half-day of cleanup, the CTO simply shut them off at the firewalls. Rather than using the contact information they had, they chose to complain to our mutual customers instead. (I should note we do significant monitoring of the servers ourselves, and typically know if something is wrong within minutes of the event.)
Sounds like your company is reasonable, and therefore expecting this possibly "fly-by-night" monitoring company to also be reasonable.Is this typical behavior of monitoring service companies? I know some of them are not reputable at all (due to spamming) however these guys seem to know what they are doing, and yet managed to effectively attack our mail and web servers, as well as doing some things I would not do to the TLD servers.
I just checked out ClarkConnect's monitoring page (I use their free Linux firewall but not these pay services) and their lowest monitoring interval is 2 minutes for $45/mth, then 5 for $30/mth, 20 for $10/mth and finally 60 mins for $40/yr being the cheapest. Obviously they know such continuous monitoring justifies passing that cost along to the consumer.It is hard to feel justified to shutting off someone else's cash-flow, but at the same time we need to defend servers from over zealous monitoring."
Thier own biz practices will be the death of them, don't shed any tears over a company that makes this large of a mistake and uses dirty methods to contact customers. I wonder if your now going to have to charge your hosted sites that used the services for the excess bandwidth they used? Maybe cut them a "goodwill" deal on the excess charges?
Jonah Hex -
Re:I like
Oh yes, and sadly, as a follow up,
ClarkConnect includes RAV antivirus. I just read that on the http://www.clarkconnect.org website.
RAV was recently purchased by M$. So much for security.
I won't use or recomend any products based on M$ and most certainly won't use and products produced or owned by M$.. -
Re:New type of linux distro? (again)
ClarkConnect Its a Home server/gateway, works great.
-
The Easiest to Use Linux Distros...
...are the ones that have a stated purpose, and dedicate its entire user interface towards that one purpose, for example ClarkConnect is used by many of my non-Linux/Unix using friends, and the only questions they have are always in regards to using it in a manner it was never meant to be used.
-
Clarkconnect!
Clarkconnect is a robust "turnkey" server package that really kicks ass. I have used e-smith, Mandrake's SNF (Single Network Firewall) and Smoothwall.
I am running this firewall/fileserver on a P100 with 96M of ram, so performance was pretty important to me.
I run the following servers on the box...
Appletalk (netatalk), Samba, FTP (Proftpd), HTTP (Apache), SMTP (exim), DHCP, SSH, CUPS, WEBMIN and SQUID.
The performance of the box is outstanding and very robust. It has a really nice web-based interface for modifying the box's setup.
I'm not knocking any of the others... I still have an e-smith server running at a clients and it's been chuggin' along for a couple of years now.
Just my $.02
-Fordboy0
-
I tell you what...
I run ClarkConnect on my firewall. Redhat, Debian, Gentoo, Lunar and Slackware on my *personal* box. Lycoris on my wife's box (no humorous responses please).
While the individual merits of each distro can be argued to no end, I do have to note that only Lycoris and ClarkConnect (Based om RH 7.2) worked perfectly out of the box. (Inasmuch as Windoze does)
Noting that, I would say that if you want to learn the differences between the distros, you should first learn how to multi-boot your machine. The greatest learning experience for me has been to have a working distro available at all times, while I'm trying to get a new (to me) distro working that I'm not familiar with. (Such as linux-from-scratch)
Anyway, I hope I haven't strayed too far from the subject, but I had to add my $.02.
In short, IMHO, if you are a complete newbie, learn how to multi-boot, install Lycoris, Mandrake and Debian. (or go to DistroWatch and pick a couple.) Graduate from one to the next while keeping your working distro intact. Then, Paraphrasing another post I read "apt-get when you finally get it together" - lol.
Happy Thanksgiving!
-
Ripped from my bookmarks: other distrosSome other fits-onna-floppy distros; many of these are security-focused, firewall-appliance type efforts. Disclaimer, this list is of stuff I
/want; to check out when I get the time: I'vfe no idea how good or bad they are, beyond Theo's famous comment about entrusting the most important piece of one's network to the most unreliable piece of hardware in modern computers (approximately). Some of them may actually NOT be floppy-distros, I need to clean up these bookmarks... jesus where did the time go... *sigh*
- http://www.superant.com/smalllinux/
- http://ibiblio.org/vectorlinux/
- http://www.zelow.no/floppyfw/
- http://www.xandros.net/
- http://www.gentoo.org/
- Smoothwall
... - http://www.ipcop.org/
- http://www.mandrakesoft.com/products/snf
- http://www.freesco.org/
- http://www.coyotelinux.com/
- http://leaf.sourceforge.net/
- http://www.gnatbox.com/Pages/gblight.html
(this ones based on BSD IIRC) - http://www.bbiagent.com/
- http://www.clarkconnect.org/"
- http://www.linux-firewall-tools.com/
- http://www.superant.com/smalllinux/
-
Summary of mentioned firewalls, and a questionIt looks like a lot of the Linux-based firewalls I've seen recommended here use ipchains with the 2.2 kernel instead of iptables with the 2.4 kernel. As far as I understand, this would mean they can't do connection tracking for things like FTP and IRC. Here's what I'm able to figure out so far...
Firewalls using iptables with 2.4.x kernel:
- Astaro Security Linux: kernel 2.4.x
- BBIAgent: kernel 2.4.13
- ClarkConnect: iptables, kernel 2.4.9-31 (RH 7.2)
- Trinux: iptables, kernel 2.4.x (Slackware)
Firewalls using ipchains with 2.2.x kernel:
- Coyote Linux: kernel 2.2.19
- IPCop: kernel 2.2.x
- LEAF/LRP/Dachstein: kernel 2.2.19
- Mandrake SNF: kernel 2.2.19
- Smoothwall: kernel 2.2.19
Firewalls using ipfwadm with 2.0.x kernel:
My question is, isn't it best to use an iptables-based firewall on a 2.4.x kernel instead of an ipchains- or ipfwadm-based firewall on a 2.2.x or 2.0.x kernel? I definetely want the connection tracking capabilities in the 2.4.x kernel, especially for screwy things like FTP, IRC, etc. (Yes, I know there is an IRC connection tracking patch out now for 2.4 kernels...) Is a kernel that doesn't support connection tracking for firewalls a reasonable option these days? -
Re:Clarkconnect
pentium 90 at a yard sale - 30$
2 cheap PCI NIC's from Fry's electronics - 16$
Single blank CD-R for the distro 50cents
Setting up Clarkconnect as a firewall and NAT router - Priceless.
There are some things money can't buy... -
ClarkConnectI have been using ClarkConnect for quite some time, and have been very impressed.
It is a full linux distribution, based on redhat 7.2, and is your typical linux firewall/router, but also comes with Snort, SSH, Junkbuster, Apache, proftpd, samba, cups, webmin, MRTG, etc.
The interface is web-based or commandline-based.
I am currently running it on a 486-66, 20M ram system, and the routing is very quick (I don't notice any slowdowns at all), but administration is a bit slow with this old box.
I'd highly recommend it.
-
ClarkConnect is Easy and Free...
Please check out ClarkConnect... it's a great little firewall based on RedHat 7.2. It gets regular updates, and has an active user community.
-
Re:Alan Cox Says It BestWhat you say is a problem, but it will not be a dealkiller until Microsoft drops support for it's previous methods of authentication.
XP can see samba on my little ClarkConnect box and connect no problem (OK, so I haven't waded through the morass of actually making it authenticate yet, but I know it can be done). If NT6 comes out with basic SMB authentication dropped like MS dropped Java (one more reason why the settlement is meaningless), that's when the lights go out. Quite a bit can happen between here and there, and most of it rests on how the corporate IT world reacts to Microsoft.
-
Old PC
Count me in the "old pc running *nix" camp though I know it's not for everybody. I set up RH6.2 about 18 months ago with ipchains and Roaring Penguin PPPoE. Have since done the same thing twice more for friends and family. Works fine on everything from a 486SX25 with 8MB RAM to a 486DX2/66 with 16MB RAM using 3Com 3C509, SMC and NE2000 NICs. Average cost per machine was probably $50.
Anybody had experience with ClarkConnect? -
Re:Take a look at Smoothwall, perhaps?
Also, Point Clark Networks has a similar, very excellect package. You burn a CD, create an installation disk using a GUI, pop both in an old boxen... you're off to the races. It does web serving, local file sharing, ad blocking, etc.
Here's the URL: