Keith Lofstrom wrote:
I have been using an old laptop as my firewall - running SL5
like all my other computers.
I recently purchased an ALIX 2D3 single board computer ( designed
by PC Engines of Switzerland, http://www.pcengines.ch/alix2d3.htm
and sold by netgate.com for $180 with case and power supply).
The board has 3 ethernet ports ( WAN, LAN, DMZ ), 256MB of RAM,
and uses a 500MHz AMD Geode X86-compatible processor with
built-in AES crypto engine (for speeding up VPN links). It uses
a Compact Flash card for "disk" though it also has a header that
can connect to a PATA hard drive. No video display, though there
are USB connectors and a mini-PCI slot on the board where a
display card can be added.
The board draws less than 4 watts operating. So it is about 3X
faster than the old laptop, and 10x less power. Some people are
setting these up with the OpenWRT distro, but that is optimized
for small flash footprint, and has too many bugs IMHO. I tried
that for a few frustrating days, and gave up.
I attached the CF card to a USB adapter, attached that to a
diskless desktop computer, and installed from the SL5 DVD. After
tweaking /etc/fstab , /boot/grub/menu.lst , and /etc/inittab for
a serial console and different drive names, the card booted fine
on the ALIX. I made some flash-friendly changes (noatime, remote
logging, ramdisk /tmp, etc). I also added a rc file to copy the
MAC address of my old WAN connection. I am moving the config
files from the old firewall laptop now, and will deploy soon.
Just a caution.
I don't use IPcop, but I did have a quick look at it, and a friend of
mine likes it.
It's been running from CF for years, there are CF->IDE adaptors around.
Apparently the IPCop folk have some CF-friendly kernel patches it might
be worth checking out for.
--
Cheers
John
-- spambait
1aaaa...@coco.merseine.nu z1aaaa...@coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
