Question Linux dhcp, firewall and mail server on the same box, simplest combination?

PB97 · Jun 8, 2023

I'm looking to set up a Linux based dchp, mail server and firewall under "less than ideal" circumstances, including a budget that is effectively zero, and the stipulation that everything be handled on a single server that is little more than a repurposed desktop pc.

I've considered multiple options to put these on different boxes, including the availability of actual space to put them and cables to connect them, and this what I need. Even if it's not the best idea.

Could someone please recommend an open source solution that's easy to install and maintain as my experience is mainly with exchange and the system will be used by people with near enough zero Linux experience.

It's for a small network that has about 20 mixed device on it, half wired, half wireless with data stored on a synology nas which is too old and slow to cope with dhcp and mail any more (and is no longer receiving security updates). I need only basic features, simplicity and low system requirements are a priority. Internet is provided by a virgin media connection, wireless by two draytek AP currently with their dhcp turned off as they only have a very basic set of functions and lack the granularity required.

The ability to release or re assign ip addresses manually is important, as the network will be used to setup all sorts of smart home devices that needs to operate on a limited address range, the smtp server will be used to setup the email facilities on these devices rather than for actual emails between people. The firewall will be used to determine what is going out or coming in to the home automation devices, on top of an existing install of wireshark.

Does anyone have any recommendations?

ex_bubblehead · Jun 10, 2023

We'll start with the firewall. The firewall should NEVER run on the same hardware as everything else, it requires it's own dedicated hardware for security reasons. That said, there are a multitude of firewall distributions out there.

This is just a sample of what's available:

List of router and firewall distributions - Wikipedia

en.wikipedia.org

There's also no need to run a separate SMTP server if you already have a working email system.

This leaves DHCP. You've already indicated that you have at least one device that can provide DHCP and that the service has been disabled. Just enable that service and configure to suit your needs.

Basically, use your hardware for the firewall and use what already exists for services for everything else. You're needlessly complicating things.

USAFRet · Jun 10, 2023

ex_bubblehead said:
The firewall should NEVER run on the same hardware as everything else, it requires it's own dedicated hardware for security reasons.

This x10000

PB97 · Jun 10, 2023

ex_bubblehead said:
We'll start with the firewall. The firewall should NEVER run on the same hardware as everything else, it requires it's own dedicated hardware for security reasons. That said, there are a multitude of firewall distributions out there.

This is just a sample of what's available:

List of router and firewall distributions - Wikipedia

en.wikipedia.org

There's also no need to run a separate SMTP server if you already have a working email system.

This leaves DHCP. You've already indicated that you have at least one device that can provide DHCP and that the service has been disabled. Just enable that service and configure to suit your needs.

Basically, use your hardware for the firewall and use what already exists for services for everything else. You're needlessly complicating things.

With all due respect, could I please could I just have an answer rather than a lecture.

I've already all of that that into considerations.

The firewall is inside an existing network and is being used for device setup rather than as a gateway.

The email server is insufficient for current needs. It's on an old NAS and the software is no longer supported so it's stopped receiving security updates and isn't powerful enough to run a modern anti-virus.

The DCHP on the AP lack the level of granularity required.

I need a single box solution that has a DHCP, Firewall and email server that can all run together on the same machine.

PB97 · Jun 10, 2023

USAFRet said:
This x10000

Only if it's on your gateway.

As stated above, this firewall is being inside a existing network, its just for use with devices being set up.

ex_bubblehead · Jun 10, 2023

PB97 said:
With all due respect, could I please could I just have an answer rather than a lecture.

I've already all of that that into considerations.

The firewall is inside an existing network and is being used for device setup rather than as a gateway.

The email server is insufficient for current needs. It's on an old NAS and the software is no longer supported so it's stopped receiving security updates and isn't powerful enough to run a modern anti-virus.

The DCHP on the AP lack the level of granularity required.

I need a single box solution that has a DHCP, Firewall and email server that can all run together on the same machine.

As you don't want to listen to 2 very experienced individuals, I wish you luck. I'm out.

PB97 · Jun 11, 2023

I'm a trained and experienced system administrator, but my background is in MS, not Linux.

I came here with a specific question and a specific set of requirements, and - again with all due respect - I had two people come along and tell me extremely obvious things that you could find out simply by Googling, and a link to a Wikipedia page that you could also have found by Googling.

I don't want to get off on the wrong foot, but neither of those comments helped me in the slightest, yes, there's a link to a wiki, but no guidance. Do any of those packages meet my needs, are any recommended for which to try or which to avoid?

I came here for help from people with more experience, and so far nobody has even asked obvious questions like what hardware am I running, or if I've even picked my Linux distro yet.

USAFRet · Jun 11, 2023

pfSense for the firewall.
Any standard Linux distro for the DHCP and mail server.

Obviously, that should be at least 2 different physical boxes.
But you coiuld, in theory, do it with VMs.

Or, a dedicated NAS box from QNAP or Synology.
That would also do these functiions in one small box.

PB97 · Jun 11, 2023

USAFRet said:
pfSense for the firewall.
Any standard Linux distro for the DHCP and mail server.

Obviously, that should be at least 2 different physical boxes.
But you coiuld, in theory, do it with VMs.

Or, a dedicated NAS box from QNAP or Synology.
That would also do these functiions in one small box.

These functions are already being performed by a single aging synology NAS that also handles all of the normal duties of a NAS. It's too old, too slow, and the software isn't supported any more so there are no more security updates.

In an ideal world I'd have a rack mounted server with separate hardware for each function running in a VM.

Being realistic, NAS boxes tend to perform all of these functions in a significant percentage of cases.

USAFRet · Jun 11, 2023

PB97 said:
These functions are already being performed by a single aging synology NAS that also handles all of the normal duties of a NAS. It's too old, too slow, and the software isn't supported any more so there are no more security updates.

In an ideal world I'd have a rack mounted server with separate hardware for each function running in a VM.

Being realistic, NAS boxes tend to perform all of these functions in a significant percentage of cases.

So then why not just a current model Synology or QNAP, to replace the ancient one?

PB97 · Jun 11, 2023

OK, I understand that you're trying to be helpful, but I would appreciate it if you could help with the original question that I asked, and not look for alternatives.

As was stated in the original question, there is a stipulation that this be done on existing hardware.

USAFRet · Jun 11, 2023

PB97 said:
OK, I understand that you're trying to be helpful, but I would appreciate it if you could help with the original question that I asked, and not look for alternatives.

As was stated in the original question, there is a stipulation that this be done on existing hardware.

Ubuntu Server.

Firewall

Security - Firewall | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

ubuntu.com

Mail

Email Services | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

ubuntu.com

DHCP

Dynamic Host Configuration Protocol (DHCP) | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

ubuntu.com

All in one box, on whatever this unknown hardware is.

Good luck.

PB97 · Jun 11, 2023

Thankyou.

Search

Question Linux dhcp, firewall and mail server on the same box, simplest combination?

PB97

ex_bubblehead

Titan

List of router and firewall distributions - Wikipedia

USAFRet

Titan

PB97

List of router and firewall distributions - Wikipedia

PB97

ex_bubblehead

Titan

PB97

USAFRet

Titan

PB97

USAFRet

Titan

PB97

USAFRet

Titan

Security - Firewall | Ubuntu

Email Services | Ubuntu

Dynamic Host Configuration Protocol (DHCP) | Ubuntu

PB97

TRENDING THREADS

Latest posts

Moderators online

Share this page