Re: [Soekris] Want to build a router
Been spending the afternoon reading about PF, it's really grabbed my attention! I think I'm going to play with this some more this weekend, looks extremely robust. I also found NSH on the flashdist site that was mentioned earlier, that looks pretty good as well. On Fri, May 23, 2008 at 3:15 PM, Chris Babcock <[EMAIL PROTECTED]> wrote: > Stephen Brown Jr wrote: > > > You may find that you prefer one of the BSDs. > > > > I was just sitting here playing with OpenBSD and it's been a hair > > raising experience so far :/ > > > > I set up a basic install in Vmware and the install was a little tricky, > > but I managed to get it. OpenBSD may be a little more for me to swallow > > right now as I'm only familiar with linux, but I'm not going to give up > > just yet. > > > > Does OpenBSD use iptables just like linux for packet filtering? Are > > there any good front ends for it? (I really like Firehol, Shorewall, or > > a web based frontend) > > > > Nope, OpenBSD uses a system called pf. You should be able to find some > pretty good documentation out there on setting it up. I'm not sure > about good GUIs for it, but in my experience it has far more readable > syntax than iptables. You may not need a GUI or wrapper once you get > familiar with the syntax. Also, you may want to read a bit about > "IPFilter" which is the system used by FreeBSD/NetBSD. There are a lot > of similarities between pf and IPFilter, and many of the same concepts > are applicable to both. > > An example page for pf can be found here: > http://www.openbsd.org/faq/pf/example1.html > ___ > Soekris-tech mailing list > Soekris-tech@lists.soekris.com > http://lists.soekris.com/mailman/listinfo/soekris-tech > ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
Re: [Soekris] Want to build a router
> You may find that you prefer one of the BSDs. I was just sitting here playing with OpenBSD and it's been a hair raising experience so far :/ I set up a basic install in Vmware and the install was a little tricky, but I managed to get it. OpenBSD may be a little more for me to swallow right now as I'm only familiar with linux, but I'm not going to give up just yet. Does OpenBSD use iptables just like linux for packet filtering? Are there any good front ends for it? (I really like Firehol, Shorewall, or a web based frontend) On Fri, May 23, 2008 at 12:32 PM, Chris Babcock <[EMAIL PROTECTED]> wrote: > Stephen Brown Jr wrote: > > Wow some awesome responses!!! Thanks guys! > > > > Seems like the consensus says that the 4801 is an obvious choice for me, > > I may focus my sights on that. Still not sure what firewall solution I > > am going to use yet, I'll admit I'm a little Debian biased, but playing > > with BSD may be advantageous as well seeing as how both my desktop and > > laptop are Mac's :) > > > If you like Debian, then try Debian on it. The "stable" version usually > works pretty well on router class devices, but you will want to build a > (newer) custom kernel with explicit support for the hardware of the 4801 > or 5501. Most stability issues people have with Debian (and other Linux > for that matter) are a direct result of _kernel_ version and settings. > I usually avoid putting Ubuntu on Soekris devices, because it is heavier > than a plain Debian install. > > Once you have the dhcp & tftp stuff working to do an install, playing > around with OpenBSD and FreeBSD on Soekris is fun and fairly easy. So, > if you are thinking about trying either of them, you may as well. You > may find that you prefer one of the BSDs. > ___ > Soekris-tech mailing list > Soekris-tech@lists.soekris.com > http://lists.soekris.com/mailman/listinfo/soekris-tech > ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
Re: [Soekris] Want to build a router
I saw that the other day, at least they fixed it quickly :D On Fri, May 23, 2008 at 9:06 AM, Trevor Talbot <[EMAIL PROTECTED]> wrote: > On May 23, 2008, at 5:43 AM, Marc Balmer wrote: > > If you go with Debian, don't use the latest version, the latest versions >> of any software are usually not so stable. I suggest take a Debian from >> like mid-2007 or early-2008. >> >> oh, and use ssh and certificates to secure your communications... >> ssh-keygen on your Debian will happily create your "security" certs. >> > > Cheap shot :) http://www.debian.org/security/2008/dsa-1571 > > ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
Re: [Soekris] Want to build a router
Wow some awesome responses!!! Thanks guys! Seems like the consensus says that the 4801 is an obvious choice for me, I may focus my sights on that. Still not sure what firewall solution I am going to use yet, I'll admit I'm a little Debian biased, but playing with BSD may be advantageous as well seeing as how both my desktop and laptop are Mac's :) Thanks to everyone that responded, I'm going to start shopping for a Net4801 and hope to get one soon. I'll undoubtedly have some more questions as time marches on! Thanks all, Stephen On Fri, May 23, 2008 at 4:30 AM, Adam Retter <[EMAIL PROTECTED]> wrote: > Hi Stephen, > > I was in the same situation as you previously a few years ago. I > bought a net4801 and have found it more than powerfull enough for my > 20mbit internet cable connection, it also has a Wirlesless Atheos card > in it and so acts as the WAP as well. Whilst I had previously a good > knowledge of Linux and FreeBSD, I decided to go for OpenBSD becuase of > its security standpoint, I really believe it is the best option for > this application. > > Otherwise if you want something like Smoothwall, you may want to take > a look at M0n0wall, which is based on FreeBSD but uses the same packet > filter (Firewall) application as OpenBSD which is very well respected. > > I am very impresed with both the net4801 and OpenBSD as a combination > and would happily recommend it to anyone else, with a bit of Googling > it is very easy to get started and get OpenBSD installed on a Soekris. > > Thanks Adam. > > On Thu, May 22, 2008 at 9:08 PM, Stephen Brown Jr > <[EMAIL PROTECTED]> wrote: > > I'm new to this platform, and embedded computing as well and I want to > build > > a router for my home network. Right now I'm using Smoothwall on an old > > Gateway system. > > > > I'd like to stay with that, or maybe try pfsense or possibly roll my own > > using Debian. I run a small network with about 3-5 machines which > includes a > > webserver, an iMac, two laptops, and another linux desktop. > > > > I also have a dedicated switch and WAP. Based on my needs, what would be > the > > best Soekris solution to get? I'm interested in the Net5501 but I feel it > > might be slightly overkill for what I need and it is a bit pricey > > > > Also, are there any guides out there on setting up linux, pfsense, or > > smoothwall on these devices? > > > > tnx > > Stephen > > > > > > ___ > > Soekris-tech mailing list > > Soekris-tech@lists.soekris.com > > http://lists.soekris.com/mailman/listinfo/soekris-tech > > > > > > > > -- > Adam Retter > > Software Pimp Extraordinaire > ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
Re: [Soekris] Want to build a router
Well I'm looking to get away from my old PC and jump into an embedded platform because I think it will be challenging, fun and educational while fullfilling a need at the same time, and I already have a dedicated switch so the 4 port card wouldn't help me. I have been running Smoothwall for a couple of years now with no hiccups, but would really like to try out building my own. The Net5501 looks like a nice platform, but it's not cheap and I want to justify the costs, not sure if I would take full advantage of all it's capabilities. [EMAIL PROTECTED] wrote: > On Thu, May 22, 2008 at 04:08:40PM -0400, Stephen Brown Jr wrote: > >> I'm new to this platform, and embedded computing as well and I want to build >> a router for my home network. Right now I'm using Smoothwall on an old >> Gateway system. >> >> I'd like to stay with that, or maybe try pfsense or possibly roll my own >> using Debian. I run a small network with about 3-5 machines which includes a >> webserver, an iMac, two laptops, and another linux desktop. >> >> I also have a dedicated switch and WAP. Based on my needs, what would be the >> best Soekris solution to get? I'm interested in the Net5501 but I feel it >> might be slightly overkill for what I need and it is a bit pricey >> >> Also, are there any guides out there on setting up linux, pfsense, or >> smoothwall on these devices? >> >> tnx >> > > Have you thought about getting a Soekris 4-port lan card, plugging it > into your old computer and running pf on OpenBSD as your > router/firewall? > >> Stephen >> > > >> ___ >> Soekris-tech mailing list >> Soekris-tech@lists.soekris.com >> http://lists.soekris.com/mailman/listinfo/soekris-tech >> > > ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
[Soekris] Want to build a router
I'm new to this platform, and embedded computing as well and I want to build a router for my home network. Right now I'm using Smoothwall on an old Gateway system. I'd like to stay with that, or maybe try pfsense or possibly roll my own using Debian. I run a small network with about 3-5 machines which includes a webserver, an iMac, two laptops, and another linux desktop. I also have a dedicated switch and WAP. Based on my needs, what would be the best Soekris solution to get? I'm interested in the Net5501 but I feel it might be slightly overkill for what I need and it is a bit pricey Also, are there any guides out there on setting up linux, pfsense, or smoothwall on these devices? tnx Stephen ___ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
