The Galway Home Brewers Club will be having their monthly meeting for the second time in 091 Labs on Wednesday, August 29 at 7pm. Last month’s meet up was a big success, with home brewers flocking from all over Galway to discuss the art of brewing. On display were some wonderful homemade ales, lagers, stouts, pilseners, ciders, wines and meads. Needless to say, we sampled each others’ wares.
The Galway Home Brewers Club is open to everyone interested in brewing, whether you’ve been doing it as long as you can remember or if you’re just curious and looking to start out. The members can offer you some great advice and explain where to begin.
When Aaron, Matthew and I incepted our Linux classes, we did so with a nebulous aim of offering a course of comprehensive beginner material, with our ultimate, nebulous goal being to offer “more advanced stuff”. Well, here we are. I dove into the basics of manipulating the Bash shell, simple scripting, SSH, and confidently administering a headless system as root. In the midst of my preparations for these classes, I had a theatric lightbulb-over-head moment: How hard would it be, really, to turn a desktop into a basic home server? Set aside performance and security concerns for a moment and just consider accessibility and turnaround time to live access on the Internet.
As it turns out, this takes about one hour. Maybe two if you are installing Linux from scratch. All you need to begin is a method to connect your dynamic home IP to a static domain and then a method to remotely access your home server:
Now give DynDNS and ddclient about five minutes (on the safe side) to update. Congratulations, you have a live Internet server for your file-access, media streaming, jerking-around-while-at-work, and general geek needs.
Now, we have a server. Locking down its Internet connection? Mmm, ten minutes. It was actually over an hour for me because I was engrossed in crash-learning netfilter/iptables syntax from scratch.
# Clear all existing iptable rules.
# Drop all incoming, outgoing and forwarded packets.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Permit loopback activity (client and server programs on this machine).
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Permit TCP connections to and from this machine on port 22 (SSH).
iptables -A INPUT -p tcp -dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp -sport 22 -j ACCEPT
You’ll eventually need to open up ports for NTP, mail, DNS and others, but really: This is all there is to it. And because I am awesome, I wrote all of this up on Google Docs and made it freely available for download. Any notes suggesting alterations, additions or deletions can be made directly on the document, or by email to me directly.