AOA Forums

AOA Forums (http://www.aoaforums.com/forum/index.php)
-   OS, Software, Firmware, and BIOS (http://www.aoaforums.com/forum/forumdisplay.php?f=12)
-   -   Linus firewall / router etc.... (http://www.aoaforums.com/forum/showthread.php?t=27623)

jimbobaggies 29th October, 2004 08:11 AM

Linux firewall / router etc....
 
I'm just buying myself a little machine to run as firewall / mail server / print server / router (and possibly other stuff), and Im getting Mandrake 10 to put on it! I have 9.1 & 9.2, but I read that in versions earlier than 10 there are problems with shorewall setup (although I considered using IPCOP).

Anyways, the system is as follows;

ASUS Terminator A7VT DDR barebones system (w/ CD-ROM / Floppy Drive)
AMD Semperon 2200+ 1.5GHz
2*256Mb Crucial PC2700

Got a 20Gb hard disk to start with, will probably use this as dual boot, cause I'm learning networking at the moment, so I will need to load various OS, and I wouldn't mind having a go at Longhorn as well, later I might add a bigger hard disk so I can use it as storage when I expand my home network.

It has on-board LAN, which I will use to connect to my Windoze machine, then I've got an NIC to connect to my Ethernet modem, and I've purchased a KVM 2-Port switch so I can swap between the two boxes.

So, what do you guys think, anything I've forgotten, stuff I need to know, tips with set-up and software, help appreciated!!

Aedan 29th October, 2004 10:29 AM

Remember you should NOT expose any unprotected system to the internet, even during installation. It doesn't take long for a machine to be infected.

Personally, I'm using a mini-ITX board with a 600MHz processor (the slowest I could find!), and with just firewall/DHCP on the machine, I struggle to get the processor load above 2%. This is using OpenBSD rather than Linux however. This whole setup will fit happily in less than 128Mbyte of disk space, and really doesn't need much memory to run.

However, I used FWBuilder to build the ruleset for my OpenBSD firewall. I have a requirement for support for multiple IP addresses, and the OpenBSD firewall (pf) is pretty powerful.

Gizmo 29th October, 2004 03:44 PM

For maximum security, you should make sure that your policy is 'default deny'. In other words, if the firewall hasn't got a specific requirement in its rules to allow the packet, it should drop it.

GrahamGarside 29th October, 2004 07:06 PM

bsd is definately more secure but thats something you can move onto when you have some experience with linux
Are you only conecting the one system to it?
Also that system is quite powerful for those needs, I'm currently setting up my home to share with 2-4 systems and I'm only using a 400mhz celeron with 128mb of ram
even with print/mail/file server tasks that will still be overkill really
a refurbished pc may be a much better option, my celeron only cost me £18 and my switch 50p so I have a 7 port firewall router for less than the cost of an actual 4 port boradband router and much more flexability
if you want a new system then I recomend something like Áedán has done with a mini-itx board, it will use much less power be silent and save you quite a bit

jimbobaggies 29th October, 2004 07:38 PM

I plan on partitioning off the hard drive, and installing stuff like longhorn, and windows server software for playing around, and educational purposes, plus it will be portable if I want to take it anywhere (LAN's for instance), so it will be powerful enough to cope with games.

GrahamGarside 30th October, 2004 12:00 AM

maybe you could consider a refurbished pc as well to be the firewall/router and build the other sytem as a file/media/print server, it would only cost £10-20 for such a system and it could always be on rather than being disrupted when you take it to lans or dual boot


All times are GMT +1. The time now is 02:24 AM.


Copyright ©2001 - 2010, AOA Forums


Search Engine Friendly URLs by vBSEO 3.3.0