Linux Nightmare


Admiral Ross

Hello All!

Attempting to expand my storage capabilities on my ClarkConnect Firewall last night broke it big time! I lost data across 3 hard drives. I was trying so carefully to preserve the mount points. It didn't work out the way I planned. Trying to force myself to learn Linux. I do have some knowledge but not enough to get out of the pickle I was in last night. Eventually, I reformatted everything to NTFS 5, and installed Win 2k Adv Srv.

-=-=- /etc/fstab -=-=-

/dev/hdb1 /data01 ext3 defaults 0 0

/dev/hdc1 /data02 ext3 defaults 0 0

-=-=- /etc/fstab -=-=-

For some strange reason the first mount point was in the root "/" and I know I had data on all of them. There were specific dirs in there that I made. They were gone after the mount. Umounted them and re-mounted them again, still I couldn't see anything. Where the hell did the data go! I was frustrated by this time, it was hours later.

The fiance was calling me to bed so it must've been late...:)

Hmm...

/etc/fstab is a configuration file for "file system table". (fstab)

/dev/hdb1 is the first partition on the secondary IDE harddisk.

/dev/hdc1 is the first partition on the third IDE harddisk.

ext3 is a journaling file system based on ext2.

You usually don't mount partitions in the root directory (/), you usually mount them under the /mnt/ directory, or if you mount many, then /mnt/disk1/ and /mnt/disk2/ or something similar.

You can try stating your problem and asking for further information on the Clark Connect community forums.

Reformatting everything was not a good idea if you cared for the data, as it makes recovery more difficult.

I wouldn't install Win2k Adv Srv; for a firewall, Linux or OpenBSD is really great.

> You can try stating your problem and asking for further information on the Clark Connect community forums.
>
> Reformatting everything was not a good idea if you cared for the data, as it makes recovery more difficult.
>
> I wouldn't install Win2k Adv Srv; for a firewall, Linux or OpenBSD is really great.

Their forums for some reason are on slow response. Not like here.

As for the data. It was a lot of music that can be restored, it just takes a lot of time. Other stuff was docs, mail, things I had on my computer. 99% of the stuff could be downloaded again, but it's time consuming.

As for win 2k adv srv, it's only a file server for now. I'll be going back to using Endian Firewall v2 again, but on another computer.

Future objectives: Quad Nic card for the firewall, 512 mb ram, P3 1.2 ghz, 20 gb hdd. File Server, 1 gb ram, athlon 64 x2 3800 dual core, 2TB hdd.

Thanks,

You can try to get some help at some Linux-related channel on IRC.

Freenode (irc.freenode.net) has plenty of Linux-people.

You don't really need a quad NIC firewall with 1.2 GHz and 512 mb RAM for a firewall; an old 486 would work just fine. ;)

> You can try to get some help at some Linux-related channel on IRC.
>
> Freenode (irc.freenode.net) has plenty of Linux-people.
>
> You don't really need a quad NIC firewall with 1.2 GHz and 512 mb RAM for a firewall; an old 486 would work just fine. ;)

Wow! I haven't touched IRC in a long time. I used to chat, but not in recent years.

The quad Nic is for the following:

Nic 1 - Red - Internet

Nic 2 - Orange - Web Server

Nic 3 - Blue - Wifi WLAN

Nic 4 - Green - LAN (Wired)

I'd rather have all of them in one card than spread across 4 PCI slots. As for a 486, I don't know. Why? I'll be running squid, dansguardian, pop, smtp proxying, HTTP / FTP virus scanning.

Cheers,

IRC is old school, but it's still alive and kicking!

What if you put the webserver on the LAN? Then you could live with only 3 ports, not 4. You could even put the Wi-Fi on the LAN too, then live with only 2 ports.

Thought you were only using a firewall; then a 486 would be adequate. Didn't know you intended to run Squid, Dansguardian, POP, SMTP proxying and HTTP/FTP virus scanning.

> IRC is old school, but it's still alive and kicking!
>
> What if you put the webserver on the LAN? Then you could live with only 3 ports, not 4. You could even put the Wi-Fi on the LAN too, then live with only 2 ports.
>
> Thought you were only using a firewall; then a 486 would be adequate. Didn't know you intended to run Squid, Dansguardian, POP, SMTP proxying and HTTP/FTP virus scanning.

Moving those objects as you suggested would defeat the purpose of the firewall. The Orange interface is designed for servers that accept incoming connections from the internet. So the Orange serves as the DMZ. As for the Blue, it's for WiFi. Currently I have a pretty strong setup. But what if my Access Point was compromised? The attacker would be locked into the blue (wifi) subnet.

Cheers,

I am pretty sure you could have different sets of rules for different IP addresses and be able to have some computers protected while the servers have some ports open.

iptables is crazy awesome.

> I am pretty sure you could have different sets of rules for different IP addresses and be able to have some computers protected while the servers have some ports open.
>
> iptables is crazy awesome.

What you are describing is called a pinhole, if I'm not mistaken. All of those devices would be on different subnets. I'd have to agree, iptables is awesome! Unfortunately, I'm not too savvy on configuring iptables from scratch/by hand.

Cheers,

You can read more about iptables in the manual page by typing "man iptables" in the shell.

http://en.wikipedia.org/wiki/Netfilter/iptables

http://www.netfilter.org/documentation/

There are documentations, guides, how-to, scripts, etc.

I like to write the configuration scripts by hand, because it gives me a lot of flexibility, freedom and control to configure it in every aspect exactly as I want it to behave. I drop all packets except those which I allow.

I haven't used it for routing though, I've only used it for firewalling.

It was love at first eye-sight, I immediately fell in love with it! :D

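The four-zone layout and the "drop all packets except those which I allow" approach from the posts above, as an added example that is not part of the original thread. The interface names (eth0 to eth3), the web port and the helper names `allow`, `gen_rules` and `forwarded` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the Red/Orange/Blue/Green
# layout from the thread. Interface names and the web port are assumptions.
RED=eth0      # Internet
ORANGE=eth1   # DMZ: servers reachable from the Internet
BLUE=eth2     # WiFi
GREEN=eth3    # wired LAN

# allow SRC DST [match...]: let SRC open new connections towards DST.
allow() {
    src=$1; dst=$2; shift 2
    extra=$*
    echo "-A FORWARD -i $src -o $dst${extra:+ $extra} -m conntrack --ctstate NEW -j ACCEPT"
}

gen_rules() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default drop: only what is listed below passes
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # INPUT accepts only loopback and replies; add your own management rule.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    allow "$GREEN" "$RED"                      # LAN to Internet
    allow "$GREEN" "$ORANGE"                   # LAN to the DMZ servers
    allow "$BLUE" "$RED"                       # WiFi to Internet only
    allow "$RED" "$ORANGE" -p tcp --dport 80   # the pinhole to the web server
    echo "COMMIT"
}

# forwarded SRC DST: true if the ruleset lets SRC start connections to DST.
forwarded() {
    gen_rules | grep -q -e "-A FORWARD -i $1 -o $2 "
}

# No rule leads from Blue or Orange into Green, so a compromised access point
# or web server cannot open connections to the wired LAN.
gen_rules
```

The output can be checked with `iptables-restore --test` on a test machine before it is loaded anywhere that matters.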

> You can read more about iptables in the manual page by typing "man iptables" in the shell.
>
> http://en.wikipedia.org/wiki/Netfilter/iptables
>
> http://www.netfilter.org/documentation/
>
> There are documentations, guides, how-to, scripts, etc.
>
> I like to write the configuration scripts by hand, because it gives me a lot of flexibility, freedom and control to configure it in every aspect exactly as I want it to behave. I drop all packets except those which I allow.
>
> I haven't used it for routing though, I've only used it for firewalling.
>
> It was love at first eye-sight, I immediately fell in love with it! :D

Pretty impressive links! There is a whole lot of info in there that would take me at least a month to digest! As for playing with iptables I'd have to make a TEST subnet so that my PRODUCTION subnet won't get damaged. BTW Wikipedia is awesome! Thanks for the links too.

Yeah, Wikipedia is awesome, I use it a lot and I am also an avid contributor.

Iptables can be complex, but it sure does provide the possibility to configure it and control it in-depth to great extents.

And while using it, you hopefully learn a thing or two about routing, Internet, TCP/IP, etc.

> Yeah, Wikipedia is awesome, I use it a lot and I am also an avid contributor.
>
> Iptables can be complex, but it sure does provide the possibility to configure it and control it in-depth to great extents.
>
> And while using it, you hopefully learn a thing or two about routing, Internet, TCP/IP, etc.

Thanks again for your insight. I now have more projects to work on.
