Create a firewall, Load-balancing, traffic control / shaping, web, file server
Hi guys, (this is my first post and hope it is in the most relevant category).
Essentially my problem is this. I have been looking at all the firewall distros that are available and do not believe that any one of them have all the features I need. What I want to do is this...
I have a fairly low grade PC which "importantly" only has space enough for 2 network adapters and I want to turn it into a server for my network. I have two ISPs and a number of users and I want to do the following, (described using some information I have learnt recently, I'm fairly inexperienced):
1) Input to red interface, from switch where both ISP connections are connected. 1.1) This interface needs to support load-balancing across two virtual interfaces going out to two separate ISPs with different metrics/DNS servers etc.
2) Output from green interface to a network switch. single IP seen by our internal network
Inside the box:
3) Proxy server, transparent, with cacheing, I am thinking Squid? any thoughts?
4) Firewall + IP tables, not sure yet? power similar to smoothwall.
4.1) DNS + NTP +DHCP <-- should be simple, I have done this once before, any advice?
5) Webmin, I have used this before, any thoughts with this setup?
Not sure at all about these two...
6) IMPORTANT, block certain internal IPs/MACs accessing certain ports, and or IPs
7) IMPORTANT, limit bandwidth of certain internal IPs/MACs
8) I am thinking also about adding a simple apache web server showing basic status of server for accessing some services on the internal network both externally and internally
9) add a small space on the server to save critical network files sFTP
10) Snort IDS ?
Key note, I don't want to buy any new hardware (both because I am poor and because I am fairly certain what I want can be done with software, It would also be fun to set something like this up for the first time). [note I know you can buy network cards for very little that have more than one physical port but I was hoping that it would not come to that :P THIS WILL BE FUN :D]
Essentially do a little of everything :)
I have done quite a bit of research but this is a massive area and this project is a little over my head. There is a lot of stuff out there. I am not a complete novice but would love if anyone could point me in the right directions/give any advice.
The distribution I have had the most experience with is Debian and I think that it is a good choice for this project?
Stuart (Sorry long post)