[TriLUG] Best appliance for Linux firewall?
Greg Brown
gwbrown1 at gmail.com
Thu Aug 8 15:27:52 EDT 2013
I've *always* been a huge fan of Soekris hardware and m0n0wall software.
http://soekris.com/ and http://m0n0.ch/wall/. These aren't the least
expensive and you will need at least a Net-4801 (up to 20 meg) and a 5501
if you're into the 30+ range. I don't know what throughput the 5501 range
tops out at but I've tested on my outer banks public networks at 30 meg.
They make a 6xxx series.. no telling how much data you can push through
that because I've never tested one. Anyway, I'm a big fan, but I think I
said that already. I've been running this combination for at least a
decade.
Greg
On Thu, Aug 8, 2013 at 3:12 PM, Ken Mink <ken.mink at gmail.com> wrote:
> On 08/08/2013 09:57 AM, Brian Henning wrote:
>
>> Hi Gang!
>>
>> At home, pretty much all my services and stuff run on a single box, and
>> that
>> box is starting to collapse under the weight. I'm ready to start divvying
>> up functions across discrete devices. First to go is the firewall; not a
>> heavy-hitter, but easy to carve off. So, what do people suggest as the
>> best
>> appliance-form-factor Linux computer? Obviously 2+ NICs is the biggest
>> priority. Here's what I've considered so far:
>>
>> 1) WRT54GL + OpenWRT
>> Pros: Inexpensive, solid
>> Cons: Don't need another WAP
>>
>> 2) Globalscale Mirabox
>> Pros: Fast ARM CPU, could host additional services w/ outboard USB HDD
>> Cons: Globalscale's iffy reputation, relatively unproven product, more
>> expensive, possible to perma-brick
>>
>> 3) ???
>>
>
> I use a SheevaPlug with a cheap USB NIC for the second port. It runs DHCP
> and Bind as well as a home-grown firewall script. It uses an SD card as
> main storage, so you buy what you think you'll need. It's also has a
> built-in JTAG port, so it's difficult to brick.
>
> Ken
>
>
>
>> Enough storage to do traffic monitoring would be a plus as well.
>>
>> Cheers!
>> ~Brian
>>
>> ------------------------------**------------------------
>> Brian Henning, Software Engineer
>>
>> /\ Pine Research Instrumentation
>> //\\ 2741 Campus Walk Ave, Bldg 100
>> ///\\\ Durham, NC 27705
>> ////\\\\ USA
>> ||
>> || phone: 919.782.8320
>> fax: 919.782.8323
>> email: bhenning at pineinst.com
>> ------------------------------**------------------------
>>
>>
>>
>>
>>
> --
> This message was sent to: Greg Brown <gwbrown1 at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/**listinfo/trilug<http://www.trilug.org/mailman/listinfo/trilug>
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/**
> options/trilug/gwbrown1%**40gmail.com<http://www.trilug.org/mailman/options/trilug/gwbrown1%40gmail.com>
> Welcome to TriLUG: http://trilug.org/welcome
>
More information about the TriLUG
mailing list