On 14 September 2011 16:51, Ian Park <i.d.c.p...@ntlworld.com> wrote: > On 14/09/11 16:33, WESEMEYER STEPHEN wrote: >> Hi Ian, >> >> >> On 14 September 2011 15:09, Ian Park <i.d.c.p...@ntlworld.com >> <mailto:i.d.c.p...@ntlworld.com>> wrote: >> >> I've been running firewall distributions for a good few years now on an >> old Compaq low profile box (Pentium III, 500 MHz) which I bought from >> Jamie's. I started with Smoothwall v2.0, and added extra RAM when I >> upgraded to Smoothwall v3.0; it now has 512MB RAM and a 6.3GB HDD. >> <snip> >> Can anyone suggest an alternative route to where I want to be (i.e. the >> equivalent of IPCop with red, green and blue interfaces), please? I >> suppose in the end I could just stick a wired network card in the IPCop >> box and hook up to an external wireless access point, but that would >> mean using another power socket, and I already use about 18 in this >> room... >> >> Thanks in advance for any help >> >> Ian >> >> >> >> I haven't used it at all and hence don't know whether it is any good but >> have you looked at: >> >> http://www.ipfire.org >> >> which, I believe, is a fork IPCop and according to >> >> http://www.ipfire.org/about (click on firewall tab) >> >> supports what you want. Furthermore, it looks as if it gets updated >> regularly (unlike IPCop): >> >> http://downloads.ipfire.org/older >> >> >> Cheers, >> Steve >> >>
You could try to put some partial netboot method. I.e. Boots the kernel locally, but all the filesystem is loaded across the network. In this way, you can switch between configs very quickly. I used to work with a firewall provider where the firewall was a simple device, where you could not even log into it to make any configuration changes. It would not even respond to ARP. It was very nice indead. It worked by booting a small image, and this would then contact another management device on the network. It would then download its config from the management device.It was nice because you could place these firewall devices all over your network, and they would automatically boot up and work. It was extremely difficult to hack these devices because they litterally had zero ports open. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --------------------------------------------------------------
