# Gentoo Router Suggestions Needed

## lordbelial

I'm in the process of building a Gentoo router box. I'm looking for cool extra things I do with it. Besides the basic router functions I'm going to install squid for a web cache. The router is only going to be for 4 people, so something like squid won't really help that much but its something cool I want to learn how to use. Are there any other programs or tweaks that even if not practical would be cool to include?

P.S. No SMTP/Mail servers. We all use GMail and don't really have a use for it.

----------

## adaptr

- groupware, like phpgroupware, for calenders and stuff

- cacti, mrtg, ntop, nagios and other system analysers

- samba, to share those essential mp3's

- might as well go the whole hog and install icecast and stream the buggers to your LAN.

- vnc to see each other's desktops and the routers'''s's

- h.323 gateway to phone home in digital form

The list is pretty endless...

----------

## Regor

Other things I'd put on there:

1. dhcp server so other machines can automatically get network config.

2. Caching dns server (I use pdnsd).

3. ntpd as a server so other machines in the network refer to it for time rather than having to all go out to the world.

4. If you've got more than one Gentoo box on your network, running an rsync server is a good idea too that way you only have to hit the gentoo servers once to update them all.

5. I'd also share distfiles over nfs so that you don't need to waste filespace on multiple machines.

----------

## Cocker68

dnsmasq is able to do both: caching DNS and DHCP.Once You have squid running, I would make it transparent (see http://en.tldp.org/HOWTO/TransparentProxy.html)get a dyndns-address and use ddclient to update itthis enables You to run Your apache and Your users can create their own home-pagesinstall mldonkey and Your users can remote-control it via its web-interfaceNFS-share the router's /usr/portage, so emerges stress the gentoo-servers only once per sync and per package (already mentioned) ...- Cocker :wq

----------

## adaptr

 *Quote:*   

> NFS-share the router's /usr/portage

 

You can't - the packages are machine-specific.

----------

## lordbelial

Thanks for all the great tips. I have alot of stuff I want to add to the server now. Now to just find the money for it.   :Sad: 

----------

## slimak

thx for the ideas if you have more please post them. i will install a miniserver as lordbelial do but it will by only for me. i wan't on it mascarade, ftp, www+php and... and i somthing more like maybe something you will post   :Twisted Evil: 

----------

## jevidl

After reading this thread I was a little worried about putting Apache/mysql/php, and an ftp server on the router. Am I just bein' paranoid?

----------

## lordbelial

Paranoid? I'd say yes. If my router got hacked or even my desktop computer I wouldnât care. Theyâre not going to find anything useful. I'm poor so there not going to find anything financial and I got a safe to keep personal stuff. I think 99% of people who get "hacked" is by someone who is looking through a random computer and not really interested in what they might have.

And as for the post you pointed out. He wasn't exactly security minded. As long as basic security is used, you'll keep 90% of "hackers" *cough* script kiddies *cough* out of your system.

----------

## monkey89

 *adaptr wrote:*   

>  *Quote:*   NFS-share the router's /usr/portage 
> 
> You can't - the packages are machine-specific.

 

Huh?  Isn't /usr/portage just the tree, which is identical across all architechures and computers?

----------

## Cocker68

 *monkey89 wrote:*   

> Huh?  Isn't /usr/portage just the tree, which is identical across all architechures and computers?

 Yes of course.  The only thing while NFS-sharing You have to take care of, is not to have more than one machine accessing it in a writing way.

- Cocker :wq

----------

## adaptr

 *monkey89 wrote:*   

>  *adaptr wrote:*    *Quote:*   NFS-share the router's /usr/portage 
> 
> You can't - the packages are machine-specific. 
> 
> Huh?  Isn't /usr/portage just the tree, which is identical across all architechures and computers?

 

No, any binary packages created (which would be the real timesaver) are stored in /usr/portage/packages.

These can only be used on identical hardware.

----------

## chunderbunny

You could always mount /usr/portage over nfs and then mount /usr/portage/packages locally.

----------

## yodi

could just mount his distfiles directory as all packages / work done is done in the portage tempory  directory. =) This would save time downloading packages to all workstations. 

Yet if squid is working in cache mode and portage downloads through squid, won't the packeage downloaded already be in the cache and thus the time saved through a sync wouldn't be worth the hassle of setting up a share?

----------

## EvaSDK

hum just to mention that make.conf can be configure to avoid that binary packages goes into  /usr/portage/packages.

You can set the packages dir to /var/tmp/packages which works fine for me on 5 box for 6 months

----------

## adaptr

 *yodi wrote:*   

> Yet if squid is working in cache mode and portage downloads through squid, won't the packeage downloaded already be in the cache and thus the time saved through a sync wouldn't be worth the hassle of setting up a share?

 

Sure, except that Squid by default only caches objects under 4MB.

So all the interesting source packages (i.e. those of 5MB or over) don't get cached.

And you really don't want to configure Squid to cache everything - there is a reason for the object size limit!

A local mirror shared over SMB or NFS will do fine.

----------

