I've been using Slackware for many years. It's the best choice for proxy etc. stuff just as you said. You can be sure there aren't any weird startup scripts or "intelligent" auto-detection systems changing your configs between reboots. It's so easy to install and practically just a bunch of files put together. There are no package dependencies or "intelligent" package managers telling you that the software you want to install is conflicting with something else. It's such a good system that you can use different library versions without breaking the package manager system - obviously because the packages are practically just a bunch of files. It's so ingenious.
Unfortunately I'm not using Slackware for the CSS server. It's partly because the CSS server is quite a simple system, and partly because Slackware probably isn't as easy to set up over a remote connection as Debian from a clean install. With Debian it's easy to just write "apt-get install foo" and you get a somewhat new version of foo. If I were to install a real secure and "static" system, I would definitely go for Slackware. Even with my CSS server with web server and mysql I've a couple of times been puzzled why mysql loses connection - and it's because some weird script somewhere on Debian apparently deletes old "stale" files from /tmp/ every six months or so - removing the critical /tmp/mysqld.sock in the process.
Here are a couple of good tips for resolving network problems. These are things that I've found useful over time.
Print all network data except SSH:
Code:
tcpdump -n 'port not ssh'
When you're debugging protocols (or just sniffing passwords), you can boost it with a HEX+ASCII dump of packets:
Code:
tcpdump -n -s 0 -XX 'port not ssh'
In this case you might be interested only in UDP traffic to port 27015:
Code:
tcpdump -n 'udp and port 27015'
...or maybe you're interested only in what your server is sending:
Code:
tcpdump -n 'udp and port 27015 and src my-own-server-ip'
Sometimes the server sends data internally to itself, so make sure you sniff interface "lo" if that's the case:
Code:
tcpdump -i lo -n 'udp and port 27015 and src my-own-server-ip'
Here are a couple for iptables.
Maybe you want to just log some packet data to syslog and go through the data later (note, it's TCP traffic so it's RCON connections):
Code:
iptables -I INPUT -p tcp --dport 27015 -j LOG
Or maybe you want to create a real secure Slackware box like I've done, and use something like this:
Code:
TABLES=/usr/local/sbin/iptables
# log dropped connections chain
$TABLES -N LOGDROP
$TABLES -F LOGDROP
$TABLES -A LOGDROP -j LOG --log-level 5 --log-tcp-sequence --log-tcp-options --log-ip-options
$TABLES -A LOGDROP -j DROP
#... Other rules like BitTorrent (I've got around 15 of these)
$TABLES -A FORWARD -p tcp --dport 6881:6890 -j ACCEPT
# LAST ENTRY
# log+drop everything that doesn't match
$TABLES -A FORWARD -j LOGDROP
Now with this you've got a cool system where you allow only those connections that you specify. If there's ever a case when somebody tries to connect to a port which you haven't allowed, you get a log line in /var/log/syslog. Or you could add a line to /etc/syslog.conf to output the iptables rules to a separate /var/log/netfilter log file:
Code:
kern.notice /var/log/netfilter
If you've got physical access to the server, then this is a MUST HAVE for syslog.conf. Add this to syslog.conf, restart syslogd and then press ALT-F12 (or CTRL-ALT-F12 from X):
Code:
*.*;mark.none;kern.!=notice /dev/tty12
Another MUST HAVE for all physical access (or maybe even remote) servers is the linux_logo banner utility. I've got this old logo, but I've modified the letters and dots away from the picture. I had it like that on my first Slackware. It's classic.
I hope you get it from here. PM me if you've got questions about Slackware. I don't think other forum users really know how to appreciate the simplicity of Slackware.
Here's picture:
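Added example, not part of the original post: a small shell/awk summariser for the lines a LOGDROP chain like the one above writes to /var/log/netfilter, counting logged packets per source, protocol and destination port. The function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise packets logged by a LOGDROP-style chain.
# Output format: "count source protocol destination-port", busiest first.

summarise_drops() {
    LC_ALL=C awk '
    / IN=[^ ]* OUT=/ {                      # only netfilter LOG lines
        src = ""; proto = ""; dpt = "-"     # "-" when there is no port (ICMP)
        for (i = 1; i <= NF; i++) {
            # An ICMP error quotes the offending packet in [...]; stop there
            # so the quoted SRC/PROTO/DPT do not replace the outer header.
            if ($i ~ /^\[/) break
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src != "" && proto != "") count[src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (documentation address ranges), shaped like
# kernel LOG output with --log-tcp-sequence enabled.
sample_log() {
    cat <<'EOF'
Jan  5 12:00:01 gw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=23 SEQ=1 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0
Jan  5 12:00:02 gw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=192.168.1.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40113 DPT=23 SEQ=7 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0
Jan  5 12:00:03 gw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x00 TTL=50 ID=99 PROTO=UDP SPT=5000 DPT=27015 LEN=28
Jan  5 12:00:04 gw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.1.10 LEN=76 TOS=0x00 PREC=0x00 TTL=50 ID=100 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.168.1.10 DST=198.51.100.7 LEN=48 TOS=0x00 PREC=0x00 TTL=63 ID=5 PROTO=UDP SPT=27015 DPT=5000 LEN=28 ]
Jan  5 12:00:05 gw kernel: eth0: link up
EOF
}

sample_log | summarise_drops
```

On a real box, point it at the log file instead of the sample: `summarise_drops /var/log/netfilter`.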