Shankar Viswanathan wrote: > Tom Metro wrote: >> Is there a router-oriented distribution built on >> *BSD with a web GUI? > > The two router-oriented distributions that I am aware of are: > pfSense: http://www.pfsense.org/ > m0n0wall: http://m0n0.ch/wall/
Ah, yes, of course. I'm familiar with both. I guess I don't have them filed well in my bookmarks. > A Google search also reveals: > BSD Router Project: http://bsdrp.net/ That one is new to me. http://bsdrp.net/documentation/faq?DokuWiki=9b797219d1cb6398006335f3656e77a2 What's the difference between BSDRP and m0n0wall or pfSense ? The main goal of BSDRP is not firewalling but routing. If you are looking for a firewall, or for sharing your Internet access, don't use BSDRP but use m0n0wall or pfSense instead. BSDRP doesn't have a Web GUI: It's to be configured from a CLI only (like Cisco/Juniper). BSDRP is not intended for home use, but for company use (small ISP for example). So they're aiming to replace "big iron" routers. Can I install BSDRP on a MIPS or ARM device (RouterStation, D-Link, etc..) ? BSDRP targets x86 and sparc64 architectures only. But ZRouter.org targets ARM and MIPS architectures. ZRouter (http://zrouter.org/) is also new to me. The about page doesn't say what the objectives are of the distribution, but does tell the history of how it came to be when the lead developer was working for D-Link Ukraine and decided to apply his embedded knowledge to porting FreeBSD to that hardware. Looks like they support a few D-Link models and the discontinued RouterStation boards. It looks like a pretty small community. There's also the FreeBSD/MIPS Project (http://www.freebsd.org/platforms/mips.html) previously mentioned on this list. But as I said earlier in the thread, the objective is to use something that is preferably open source, but has a substantial community around it, so that security update support is likely to happen, or failing that, a commercial vendor that supports an open source based firmware. This may be possible today with a distribution like pfSense, providing you are willing to run it on x86 hardware. The question is whether ARM will become a first-class architecture for FreeBSD (it has for Debian; per http://www.freebsd.org/releases/8.1R/hardware.html it has not for FreeBSD), whether that will then lead to an ARM version of pfSense, and low-friction flow of security updates from FreeBSD to pfSense. It doesn't look like this will be happening and production ready in the next 12 months. (Unless you know otherwise.) I asked a colleague about this thread topic: >> Do you still feel that FreeBSD provides an objectively better security >> environment? > > nah, I think it's all the same -- for my use the FreeBSD stuff is easy > because I can build and update them as an appliance > > >> Ubiquiti router...running a dressed up version of Debian. > > edgemax is a fork of vyatta (which yes is based on debian). > I use vyatta on some routers (on regular pc hardware); it's pretty good. > > and yes, definitely - having some of these network focused arm systems > coming out is interesting! If the security isn't superior, I'd just as soon stick with the more familiar Debian environment anyway. http://www.vyatta.org/ The free community Vyatta Core software(VC) is an award-winning open source network operating system providing advanced IPv4 and IPv6 routing, stateful firewalling, IPSec and SSL OpenVPN, and more. When you add Vyatta to a standard x86 hardware system, you can create an enterprise grade network appliance that easily scales from DSL to 10Gbps. But they also don't support ARM. A thread from a few years back on the topic: http://www.vyatta.org/node/5160 So it seems like Debian on ARM (without GUI) or the Ubiquiti flavor would be the way to go in the short term. -Tom _______________________________________________ Hardwarehacking mailing list [email protected] http://lists.blu.org/mailman/listinfo/hardwarehacking
