Hey guys,

We are looking into getting a proxy server for the web at work due to some complaints about employees browsing facebook, myspace, and some other sites. I wanted to ask your opinions on a good software to run (free or not). Our network is about 60 computers, if that helps. I can do a google search and find plenty of proxy web server software, what I want is the software you have had experience with.

Thanks

it sounds like you need smoothwall (http://smoothwall.org). For that many computers, you'll need a relatively decent CPU and network adapters - smoothwall is web filtering, firewall, proxy. You'll need a dedicated PC with two NICs. But it works WELL, and it is free.

Wow that's huge! The software I've been looking at was about 1mb download and took 7mb ram, but this smoothwall thing looks like it does all I need an then some. Tomorrow I'll look into it more and maybe even begin setting it up to test. Thanks Prime

I think we're going to buy a new server just for it..and there's been mention of putting in one of those VelociRaptor drives :D

Oh and if anyone else has suggestions, I'd like to hear them still.

Smoothwall rocks :) Good luck!

Smoothwall is good stuff Prime; good suggestion.
It was easy enough to install, and I'm still going through some configuration steps right now. It isn't obvious (at least to me) where the option to block specific sites is exactly, so I guess my next step is to register on the smoothwall forum.

Right about now I'm glad I just got finished with a linux class :) without it I would be clueless about editing smoothwall through the unix interface.

WHEN you mention about proxy, firewall, I want a software that keep history of website that surf by my members, if it is bad site, I stop it, please tell what software can perform that works,


thankyou

I believe that Smoothwall does that Blue_Dog. I just remember reading about it, I won't be using it since our firewall already gives us a report like that.

You can do that with smoothwall

So I'm having some troubles with it.
I have two nics, one onboard and one is a pci card.
I believe I set the onboard to green and the pci to red (I might have to double check that).
Green's IP: 192.168.1.17
Red's IP: 192.168.1.201

The setup I'm describing is for testing only, this is not the permanent setup. Basically I set up a test network consisting of a switch, a desktop, and the smoothwall server.

If I plug from the wall into green, and then from red into a switch and from that switch into a desktop, the desktop cannot ping either interface and neither interface can ping the desktop. However, if I plug a different desktop into another wall port I can ping both interfaces and both interfaces can ping the desktop.

If I reverse the connections (wall into red and green into switch) then the situation also reverses: the desktop on the switch can ping both interfaces and vice versa, and the desktop on the other wall port can NOT ping either interface.

So it looks like the problem has something to do with the pci (red) port. It works since it can be pinged (through the green port I guess) but if you ping directly to it the card has no reply.

Any ideas? I imagine a good step might be making sure all of the drivers for the network ports are correct, but I might need a brief walkthrough on how to do that on a basic unix interface like what smoothwall offers.

BTW the machine is a Dell PowerEdge 500SC. The pic nic I put in is a generic intel card. I can get the exact specs on that tomorrow if you need it.

Thanks is advance for any advice :)

So I'm having some troubles with it.
I have two nics, one onboard and one is a pci card.
I believe I set the onboard to green and the pci to red (I might have to double check that).
Green's IP: 192.168.1.17
Red's IP: 192.168.1.201

The setup I'm describing is for testing only, this is not the permanent setup. Basically I set up a test network consisting of a switch, a desktop, and the smoothwall server.

If I plug from the wall into green, and then from red into a switch and from that switch into a desktop, the desktop cannot ping either interface and neither interface can ping the desktop. However, if I plug a different desktop into another wall port I can ping both interfaces and both interfaces can ping the desktop.

If I reverse the connections (wall into red and green into switch) then the situation also reverses: the desktop on the switch can ping both interfaces and vice versa, and the desktop on the other wall port can NOT ping either interface.

So it looks like the problem has something to do with the pci (red) port. It works since it can be pinged (through the green port I guess) but if you ping directly to it the card has no reply.

Any ideas? I imagine a good step might be making sure all of the drivers for the network ports are correct, but I might need a brief walkthrough on how to do that on a basic unix interface like what smoothwall offers.

BTW the machine is a Dell PowerEdge 500SC. The pic nic I put in is a generic intel card. I can get the exact specs on that tomorrow if you need it.

Thanks is advance for any advice :)

Whats your subnet mask set to ?

If its 255.255.255.0 both your networks are in the same network. One of the interfaces must be changed.

Whats your subnet mask set to ?

If its 255.255.255.0 both your networks are in the same network. One of the interfaces must be changed.

Okay, and that is true. I thought about that but I don't know enough about networking/IP stuff to have really been confident. So what do you suggest should be the other subnet? Something like 255.255.255.1 or something like 255.255.0.0? Or does it even matter?

Thanks for the help GrayFox, I'll report back when I give it a try later today.

It could be a driver issue, but if your box is seeing 2 nic's in the configuration settings then it should be fine.
From the box itself can you ping out to the various portions on the network?
Are you sure you are connecting a switch and not a router?
You should be fine with your 255.255.255.0 subnet just make sure that you have your internal routing setup correctly on that box. Furthermore 255.255.255.1 isn't a subnet. If you want to limit it to 1 ip you want 255.255.255.255, though I wouldn't recommend it.

The trick is that your proxy device is setup correctly to forward traffic between the two nics seamlessly and that it's got the correct information built into it so that it knows how to get to the internet.

From the box itself can you ping out to the various portions on the network?
Yes, but only when I plug the onboard port (green/1.17) into the wall. I can ping the smoothwall box from a desktop and I can ping the desktop from the smoothwall box.

Are you sure you are connecting a switch and not a router?
Yes


Today I found out that the nic on the pci slot was getting "unknown" from smoothwall. I installed a different nic and reinstalled smoothwall, and now it sees the nic just fine, so I think I'm okay with drivers now.

Just a note, I changed the ip of the green/onboard interface to 1.38 and the ip of the red/pci card interface to 1.39.

At this point I still had the same problem I described earlier.

I changed the ip of the desktop on the remote switch to 2.201 and the red/pci port on the smoothwall box to 2.39 and to my amazement they could ping each other at last. So the subnet had to be changed.

I still was not at the point where I could ping the smoothwall box through both interfaces. I even went and enabled dhcp on the red interface, and it grabbed an ip, but oddly enough I could not ping the laptop or the domain controller. :confused:

I have no idea what is going on here, but my guess is something is configured on the red interface that I need to change. Any ideas? If I should be taking these questions to the smoothwall forums, let me know; I'm just familiar with icrontic and I always get help here :) so I haven't bothered with the other forum yet.