On Mon, 2011-03-14 at 09:38 -0400, Neo Taoist Techno Pagan wrote:
> It's time to rebuild the firewall since I am still running IPCop stable -
> and no updates since 2008. I have looked at many of the firewall distros and
> have not really found one that I just want to use immediately.
I used to mess with them long ago. I still have a zip disk with a
bootable copy of the old LRP[1] on it with a 2.2 kernel. Back when I
lived in California used that as a load balancing router with 2 SDSL
lines, and a third ADSL for surfing. Can't bring myself to toss out the
old box, p100, ran off ramdisk after booting from zip disk. Originally
used a floppy, but was to difficult to cram everything into 1.44MB.
I gave up on that stuff long ago and just elected to run a full distro.
Its been easier to maintain and keep current, but not as cool. Though
can't really run a full distro on everything. I still find myself at
times using stuff like DD-WRT, Cyanogenmod, etc. Though keeping it all
up to date, secure, etc, can be a pita.
> This is for a home office, nothing too fancy. One thing I think I will need
> since my kids' net usage is becoming more bandwidth-heavy is something that
> will let me limit their bandwidth and have proxy caching to same overall
> bandwidth - plus that should help when I have Windows PCs I need to fix
> since the updates from Microsoft would be cached too.
Something that ships with squid, has it packaged, or similar offerings.
The bandwidth stuff you can do with iptables, and they should make the
necessary kernel modules available. Worse case recompile kernel with
that stuff, etc.
> I have looked at Untangle, Endian, Astaro, Smoothwall, and a few others.
> What would some of you recommend?
Might want to look at OpenWRT. I have seen a number of documents on
running OpenWRT as a Xen domU guest[2]. Back in the day the big ones
were Leaf and Coyote Linux, but there are so many now[3]. Coyote seems
defunct, and leaf inactive.
Seems them being active or not is a primary concern. Maybe second would
be if they support like x86 vs just embedded processors, so you can
install/run on a full system or vm. Then of course your bandwidth
limiting and proxy caching requirements.
1. http://en.wikipedia.org/wiki/Linux_Router_Project
2. http://www.google.com/search?q=openwrt+xen
3. http://en.wikipedia.org/wiki/List_of_router_or_firewall_distributions
--
William L. Thomson Jr.
Obsidian-Studios, Inc.
http://www.obsidian-studios.com
---------------------------------------------------------------------
Archive http://marc.info/?l=jaxlug-list&r=1&w=2
RSS Feed http://www.mail-archive.com/[email protected]/maillist.xml
Unsubscribe [email protected]
