Topic: firewall setup, VPN

[Peter Smithen]

I just set up e-smith the other day and it is truly awesome.  I've been looking a long time for a simple no frills gateway but with functionality.  It's great.
I would love to see more control over which services are offered by the gateway.  I would really love to have a firewall configuration - no mail, or web services.  Greater VPN services would be great too

[Jason Miller]

> I would love to see more control over which services are offered by the gateway.

We were already thinking along those same lines.  As part of the work for 4.1 we had introduced a services panel whereby you could selectively enable/disable services such as mail/web [to provide a firewall system].  The decision was made to pull the panel due to a lack of resources/time to put into making sure it worked flawlessly and improving it to be fancier.  It is conceivable that it will make its way back into the distribution.  In the meantime, feel free to download it and use it for your existing networks here as a contributed rpm:

ftp://ftp.e-smith.com/pub/e-smith/contrib/JayMiller/RPMS/noarch/
e-smith-service-control-1.1.0-01.noarch.rpm

Jason

[Prab Gill]

Hi Jason,

What is the syntex to configure this RPM? I will appreciate your reply.

Regards.

[Jason Miller]

No configuration required (for most cases).

To install the rpm try this:

FTPSITE=ftp://ftp.e-smith.com/pub/e-smith/contrib/JayMiller/RPMS/noarch

{or preferrably a local mirror}

rpm -ivh $FTPSITE/e-smith-service-control-1.1.0-01.noarch.rpm

Then a new panel should appear on your e-smith manager (I believe called "Services").

From there you will find a list of services to enable/disable and then can carry on through the instructions on the page to disable any unnecessary services.

If you need to do any customizations (to change the groupings) you'll have to learn some perl and take a look at /etc/e-smith/web/functions/services where the structure for those service-groupings is defined.

Hope that helps,

Jason

[Prab Gill]

Thanks for your help. I tried it a bit different way than you suggest because it did not work. So I tried it with the following command:

rpm -ivh ftp://ftp.e-smith.com/......

and it worked.

Regards,
Prab