[TriLUG] Best appliance for Linux firewall?

Magnus magnus at trilug.org
Sat Aug 10 22:36:03 EDT 2013


Raspberry Pi with 1 on-board NIC, use a managed switch, and use 802.1q VLAN tagging will do it. USB WiFi if you need that. Talk about low power and zero noise! And it runs Debian. I'm half tempted to shut my Raspberry Pi down and plug it into the Kill-A-Watt to show what a low amount of current it draws.

Cisco has consumer level switches now that support 802.1q very well. I have their SG 300-10 at home and it works fine.

-M

On Aug 10, 2013, at 12:05 PM, Sean Alexandre <sean at alexan.org> wrote:

> On Thu, Aug 08, 2013 at 09:57:07AM -0400, Brian Henning wrote:
>> Hi Gang!
>> 
>> At home, pretty much all my services and stuff run on a single box, and that
>> box is starting to collapse under the weight.  I'm ready to start divvying
>> up functions across discrete devices.  First to go is the firewall; not a
>> heavy-hitter, but easy to carve off.  So, what do people suggest as the best
>> appliance-form-factor Linux computer?  Obviously 2+ NICs is the biggest
>> priority.  
> 
> I've been experimenting with this. I haven't found my ideal setup yet, though.
> Right now I'm running an Intel Atom box (2 cores) with 2 NICs on board, and
> a PCI card with 2 more NICs (for a WAN, LAN, and DMZ.) It's more than powerful
> enough, but consumes about 100w of power. I'd like to find something smaller,
> that uses more like 30w (similar to a small home router.) 
> 
> Ideally I'd like to find a box that:
> * Runs Debian with no binary blobs.
> * Has 3 NICs
> * Wireless
> * Low power
> * Low noise (no fans)
> 
> The MiraBox looks interesting, but I haven't looked at it too closely yet:
> https://www.globalscaletechnologies.com/p-58-mirabox-development-kit.aspx
> 
> Specs are:
> 1.2Ghz Marvell Armada CPU ARMADA 370 ARM v7 compliant
> 802.11b/g/n Wifi with Marvell 88W8787 and Bluetooth 3.0
> 1GB DDR3
> 1 GB NAND Flash
> 2 each 10/100/1000 Ethernet Ports
> 2 each USB 3.0 host
> 1 microsd card slot/reader, 1 additional Mini PCIe slot for expansion (internal)
> 
> I'd want to know if the Marvell wireless runs without binary blobs. If not,
> ThinkPenguin sells cards that run all free drivers:
> https://www.thinkpenguin.com/catalog/wireless-networking-gnulinux
> 
> -- 
> This message was sent to: Magnus <magnus at trilug.org>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	: http://www.trilug.org/mailman/options/trilug/magnus%40trilug.org
> Welcome to TriLUG: http://trilug.org/welcome



More information about the TriLUG mailing list