 |
Linode.com Forum
Linode Community Forums
|
| Author |
Message |
autodmc
Joined: 01 Feb 2006
Posts: 40
|
| Posted: Wed Feb 01, 2006 10:56 pm Post subject: Setting up the "Web Hosting" package. |
|
|
OK. I've botched everything up. I'm gonna start all over again.
I'm installing Debian.
I want to install Zope. I will not be using Zope to run my actual web pages at this time. I will be using it to run some web applications, but not my site.
I want to install Lighttpd and PHP5 to run Mediawiki and to serve static content.
I want to install a SQL package. I've heard about SQLite is good for Linodes. This is so I can have a database store for Zope applications and Mediawiki. The main idea is to have a relatively zippy non hoggy SQL package.
BTPD - The BitTorrent Protocol Daemon. To run a guaranteed seed for some files of mine.
Some Kind Of Bittorrent Tracker.
However, I'm blowing up my installation every time I try to do anything. These are what I need to run my website.
Also, some security setup. I've been told to setup a software firewall, etc, etc... and I'm afraid that I'm going... what?
All my "life" I've used hosting from people who do all this stuff and it just "works" unless it doesn't. I got Gentoo installed happily on a box at home and on my workstation at work and thought, "Huh. Setting up a linux server can't be hard either." It's not really HARD... it's more DIFFERENT.
Help on getting this setup would be appreciated.
There's plenty of tutorials on setting up LAMP. But not so much on alternative stuff. |
|
| Back to top |
|
tronic
Joined: 04 Dec 2004
Posts: 123
|
| Posted: Thu Feb 02, 2006 6:52 am Post subject: |
|
|
If you want meaningful assistance, it would be good to provide meaningful error messages.... :-)
(Or problem reports with more details than "...I'm blowing up my installation every time I try to do anything.")
I have a rule of thumb: there is no such thing as too much detail. There is, however, such a thing as too little detail. Better to overdo it, and let people figure out what's relevant, than to underdo it and play a long-and-drawn out game of 20 Questions...
For a software firewall under Linux, you're looking at configuring something called iptables. There are a few nice front-ends that makes setup pretty easy for the novice iptables admin, but don't recall names or URLs offhand. Someone around here does, though. |
|
| Back to top |
|
autodmc
Joined: 01 Feb 2006
Posts: 40
|
| Posted: Thu Feb 02, 2006 10:26 am Post subject: |
|
|
I didn't get any real error messages. The reason why I said "everything go boom" is mostly because the errors I get are in my brain, trying to figure some of this stuff out. For example, I set up lighttp, configure it the way I think it needs be done, go to my linode's address... and my browser tells me that there's nothing there. And, had I not wiped out the disk image in frustration last night, I would post my config files, etc, here. XD
I wasn't really looking for "troubleshooting." I was looking for more a group of "how-tos" that could go into the Wiki along the lines of "how to setup IPTABLES with Shorewall," "how to setup lighttpd to serve static content from /var/www," "how to setup BTPD," etc, starting from a fresh distro disk image.
As for the errors I got, it's the errors you get when you tinker with directories and files with near-random "mv" and "rm" thinking you've figured out the world, and finding out... that all you've done is blow up this disk image.
I'll tinker some more, and when I get something working, I'll put it up on the Wiki. Honestly, the thing I'm worried about the most is the Firewall. Having never set up a firewall more complex than the "Windows" one or a point-and-click router version, when I look at IPTABLES (or the webmin shorewall), my head starts to spin. Eventually, I'll have this all figured out (discovery is 99% of the fun, right?), but I'd prefer to have at least my website up during that time.
Thanks for your response, though! As soon as I get an error message on stdout instead of brain I'll post profusely. :D |
|
| Back to top |
|
pclissold
Joined: 24 Oct 2003
Posts: 472
Location: Netherlands
|
| Posted: Thu Feb 02, 2006 11:16 am Post subject: |
|
|
| If Shorewall makes your head hurt, try Firehol. AFAIK, it doesn't work with webmin, but it is so easy to use and well documented that you won't care. There's a Debian tutorial by fellow Linoder Harry Sufehmi. |
|
| Back to top |
|
GaveUp
Joined: 03 Feb 2006
Posts: 15
|
| Posted: Fri Feb 03, 2006 1:24 am Post subject: |
|
|
| I'm not familiar with the above recommended FireHOL so I can't comment on how my recommendation compares to it, but for a simple firewall I recommend Arno's Firewall Scripts. I've been using it for a number of years and it's been able to do everything I've wanted on my home boxes and my linode. |
|
| Back to top |
|
autodmc
Joined: 01 Feb 2006
Posts: 40
|
| Posted: Mon Feb 06, 2006 12:38 pm Post subject: |
|
|
OK, I setup Arno's Firewall Scripts. Easy walkthrough kind of installation, it made sense. But now whenever I'm working at the terminal, I get these kind of messages that just suddenly dump onto the terminal:
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
::rubs eyes:: I knew I should have taken that Networking Basics elective at college.
Also, how can I test if firewall is "working?"
I might go ahead and look at FireHOL as well.
Thanks for pointers. Once I know what I'm doing, I'll know what I'm doing! |
|
| Back to top |
|
tronic
Joined: 04 Dec 2004
Posts: 123
|
| Posted: Mon Feb 06, 2006 12:46 pm Post subject: |
|
|
Regarding the messages being dumped to the console terminal... you probably need to adjust /etc/syslog.conf (or whatever the config file is for your syslog daemon).
You probably have a line in there that sends messages to root or *; adjust or disable these lines.
If you're not sure how, please post contents of your syslog config file, with the "code" html keywords surrounding it.
Regarding testing firewall... you'll obviously need to have access to a machine on the 'outside', and you'll most likely want a tool like nmap.
E.g. if you wanted to test port 9007/udp:
# nmap -P0 -sU -p 9007 <your Linode IP>
If you wanted to test, let's say, 1234/tcp:
# nmap -P0 -sT -p 1234 <your Linode IP>
You'll want to test each rule (port/proto/IP combo) to make sure it's responding in the desired and expected manner.
You can run nmap from either Windows CLI or an UNIX/UNIX-like box. |
|
| Back to top |
|
tony
Joined: 15 Feb 2006
Posts: 23
|
| Posted: Wed Feb 15, 2006 8:03 am Post subject: Re: Setting up the "Web Hosting" package. |
|
|
aptitude install webmin
(And when you login at webmin you use it to upgrade itself)
This won't help you with most of your problems, but it is a simple way to deal with firewallrules and a lot of different servers and useraccounts and so on. |
|
| Back to top |
|
stocksy
Joined: 24 Feb 2006
Posts: 6
|
| Posted: Fri Feb 24, 2006 9:40 am Post subject: |
|
|
autodmc wrote: I get these kind of messages that just suddenly dump onto the terminal:
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Edit /etc/init.d/klogd and replace the line KLOGD="" with KLOGD="-c 5" Then
# /etc/init.d/klogd restart
If it helps, I followed this howto and found it explained things pretty well.
Good luck! |
|
| Back to top |
|
| |
|