Virtual OS/2 International Consumer Education
VOICE Home Page:
October 2002

[Newsletter Index]
[Previous Page] [Next Page]
[Feature Index]

How to create your own (small) ISP, in 3 easy (and 57,245 difficult) steps. Part 3

By Michael W. Cocke © October 2002

Part 3: In which we discuss what you do NOT want to do, and how not to do it.

This is NOT a technical step-by-step instruction manual - this is an overview, with assorted advice and some tips and pointers. You are assumed to be familiar with MPTS and TCP/IP.

Ok, you now have all the bits and bytes, er, pieces of a very small ISP in place. I bet you think you're finished. Nope. You'll need to get your system stable and crashproof.

First of all, if you've been putting all of this stuff in your startup folder, and it's worked OK so far, you've been lucky. The issue here is 'raceway', and it's pretty simple to understand. The startup folder starts everything at once in separate threads. What you've built here, on the other hand, needs to be done in a certain order or it won't work right.

Here's my startup.cmd file, with some annotations.

@if errorlevel 2 C:\IBMLAN\NETPROG\lserr.exe

call delay 3
start /min fxkernel
start /min dbserv -s:default.db
start /min portserv -s:default.db
call delay 2
start /min icgui

REM Start up Injoy Connect first, or it seems to have some problems starting at all.

start /min cron2

REM I use and recommend, available on hobbes. Exactly what I use CRON
REM for is outside the scope of this document, although if you poke around
REM for a little while, you can probably figure it out.

start /min timekeep

REM I use Timekeeper/2, available from BMT Micro, to keep the system clocks on
REM all of my servers synchronized. You'll understand why when your system clock
REM starts to wander, and you wind up running reindexes on one server while the other
REM server has the files you're trying to reindex open.

cd \firewall
start /min gateway
cd \

REM I recommend using the text mode firewall interface after you've fooled around
REM with the pretty graphics for a while. Those graphics take a lot more horsepower
REM than it appears. You can use that processor power in other places, believe me.

cd \weasel
start /min weasel

cd \apache
start /c /min httpd
cd \

REM I had some problems with CGI scripts when I didn't start Apache with the /C option.
REM I don't understand it, but that doesn't mean it's not a good idea.


You'll also want/need to make some changes to your config.sys file. These are in no particular order. Some of these lines will be new, and others changes to existing lines.

SWAPPATH=C:\OS2\SYSTEM 20480 20480
SET restartobjects=startupfoldersonly
set emxopt=-h1024

Last, but certainly not least, let me mention system security. This is a very complex subject, but I can (and will) offer a few very basic pointers. First, when you think you have everything set up, go to the Gibson Research web site and have your shields tested and ports scanned. If you've got anything (especially NETBIOS) exposed that you don't know about, this will tell you that you have a problem. Another good idea is to periodically check the Apache mailing list, to see if any particular security issues have arisen. You may also want to remember to change your telnet and ftp passwords periodically. I haven't even scratched the surface of this subject, but I hope that at least I've reminded you that it exists. 

Now, let me mention a few other things that I haven't mentioned yet. A news server - I've configured changi, and it works well. HOWEVER (you knew this was coming, didn't you?) keep your bandwidth firmly in mind. At this point, a normal impulse would be to say "what else can I hang on this system?" Let me tell you, catherders averages a good many thousands of hits per day, plus it's my email server and dial-in port. If I added everything that I could, how much bandwidth would be left? Right. A (nominally) complete news feed will consume an entire T1 line right now, and news volume is NOT decreasing. Job it out. There's a discussion of some of the alternatives available on catherders, in 'Mike's notebook'.

A DNS (Domain Name Server). This is on my list of things to do someday, but I'm generally acknowledged to be a lunatic. Tell you what: download BIND from hobbes and pick up a copy of the O'Reilly book "DNS and BIND". Look through it. Now tell me, with a straight face, that you really want to set up a DNS. Unless you do this stuff for a living (like I do), you really don't want to get involved with BIND. Even if you DO do this for a living, you probably want to avoid this.

That's about it. In closing, let me say this: much of the software that I've mentioned in this document is commercial and/or shareware. PLEASE register and/or purchase software that you use.
If no one pays for the stuff, pretty soon it won't be available. As for the freeware, open source ware, and other ware: I'd like to thank the authors for making it available, and so should you.

If you are associated with any of the companies or people who produce any of the software that I've mentioned and disagree with my views, please feel free to email me. This document is based on personal experience - what I said happened, happened. I have detailed what worked for me and, in some cases, what didn't. I'm always willing to learn, and usually willing to help debug (my time is limited).


Other links referenced:
  Apache for OS/2 -
  Weasel SMTP/Pop3 server -
  FX Communications - Injoy Firewall/Injoy Connect -
  Timekeeper/2 - -
  Bind -
  Mike's Notebook -

Mike's Notebook - web site contains an assortment of frequently updated articles and tips for OS/2 users.

[Feature Index]
[Previous Page] [Newsletter Index] [Next Page]
VOICE Home Page: