[TriLUG] Best appliance for Linux firewall?

Kevin Otte nivex at nivex.net
Wed Aug 14 16:52:21 EDT 2013 

Just a heads up on the WNDR3800: I've iperf'd the thing and can only 
crank it up to 160Mbps. If all you're worried about is monitoring 
traffic on the paltry excuse for an Internet connection here in the 
states you're probably OK. If you intend to do any kind of inter-VLAN 
routing within your site with it, you'll hit a bottleneck pretty quickly.

I have not had the pleasure of trying one of these, but I keep hearing 
good things: http://www.ubnt.com/edgemax#edge-router-lite  At that price 
point (US$99) it starts to look quite attractive.

-- Kevin

On 08/08/2013 04:06 PM, Brian Henning wrote:
> Hi Steve,
>
> I spy a USB port on the WNDR3800 as well.  That could prove very
> interesting.  I think I may go that route.  Thanks a lot!
>
> ~Brian
>
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On Behalf
> Of Steve Pinkham
> Sent: Thursday, August 08, 2013 10:50 AM
> To: Triangle Linux Users Group General Discussion
> Subject: Re: [TriLUG] Best appliance for Linux firewall?
>
> I would not go with the WRT54GL anymore as it's pretty slow these days
> and doesn't even route fast enough for many home connections. The
> WNDR3800 is well supported by openwrt and one often recommended at the
> moment.
>
> The ALIX line is another one to consider for your use case, or you could
> get one of many small atom computers.
>
>
> On 08/08/2013 09:57 AM, Brian Henning wrote:
>> Hi Gang!
>>
>> At home, pretty much all my services and stuff run on a single box, and
> that
>> box is starting to collapse under the weight.  I'm ready to start divvying
>> up functions across discrete devices.  First to go is the firewall; not a
>> heavy-hitter, but easy to carve off.  So, what do people suggest as the
> best
>> appliance-form-factor Linux computer?  Obviously 2+ NICs is the biggest
>> priority.  Here's what I've considered so far:
>>
>> 1) WRT54GL + OpenWRT
>>    Pros: Inexpensive, solid
>>    Cons: Don't need another WAP
>>
>> 2) Globalscale Mirabox
>>    Pros: Fast ARM CPU, could host additional services w/ outboard USB HDD
>>    Cons: Globalscale's iffy reputation, relatively unproven product, more
>> expensive, possible to perma-brick
>>
>> 3) ???
>>
>> Enough storage to do traffic monitoring would be a plus as well.
>>
>> Cheers!
>> ~Brian
>>
>> ------------------------------------------------------
>>            Brian Henning, Software Engineer
>>
>>      /\    Pine Research Instrumentation
>>     //\\   2741 Campus Walk Ave, Bldg 100
>>    ///\\\  Durham, NC 27705
>>   ////\\\\ USA
>>      ||
>>      ||    phone: 919.782.8320
>>            fax:   919.782.8323
>>            email: bhenning at pineinst.com
>> ------------------------------------------------------
>>
>>
>>
>>
>
>

More information about the TriLUG mailing list