[Cialug] firewall / router recommendation

Gavin Campbell gcampbell at internetsolver.com
Wed Jul 18 08:04:49 CDT 2012 

I'll second pfsense, it does a great job.

-----Original Message-----
From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On Behalf Of Sean Flattery
Sent: Tuesday, July 17, 2012 6:59 PM
To: cialug at cialug.org
Subject: [Cialug] firewall / router recommendation

I'd second the pfSense recommendation. They have plug in modules like snort and I've used them at several different locations. Also Aastaro has a free software version of their security gateway that will do virus scanning of your traffic that I've been meaning to try out.
On Jul 18, 2012 7:46 AM, <cialug-request at cialug.org> wrote:

> Send Cialug mailing list submissions to
>         cialug at cialug.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://cialug.org/mailman/listinfo/cialug
> or, via email, send a message with subject or body 'help' to
>         cialug-request at cialug.org
>
> You can reach the person managing the list at
>         cialug-owner at cialug.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Cialug digest..."
>
>
> Today's Topics:
>
>    1. firewall / router recommendations (ng0g at mchsi.com)
>    2. Re: firewall / router recommendations (Nicolai)
>    3. Re: firewall / router recommendations (Nathan C. Smith)
>    4. Re: firewall / router recommendations (Gavin Campbell)
>    5. Re: NAS Boxen (Theron Conrey)
>    6. Re: firewall / router recommendations (David Champion)
>    7. Re: firewall / router recommendations (Matthew Nuzum)
>    8. Re: firewall / router recommendations (Nicolai)
>    9. Re: firewall / router recommendations (David Bierce)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 17 Jul 2012 15:09:19 -0500 (CDT)
> From: ng0g at mchsi.com
> To: Central Iowa Linux <cialug at cialug.org>
> Subject: [Cialug] firewall / router recommendations
> Message-ID:
>
> <648757140.15183301342555758870.JavaMail.root at dsmdc-mail-mbs15>
> Content-Type: text/plain; charset=utf-8
>
> CIALUG,
>
> I am thinking seriously of replacing my aging home Linksys
> firewall/router, and looking for recommendations.  I don't need
> wireless as I have shielded cat5 running everywhere, even out to my
> garage.  Although I don't care if what ever I get has it as long as I can turn it off.
>
> Steve
>
> Steve Hawkins NG0G
> 73 49 111 01001001
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 17 Jul 2012 15:20:34 -0500
> From: Nicolai <nicolai-cialug at chocolatine.org>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID: <20120717202034.GA23243 at vectra.student.iastate.edu>
> Content-Type: text/plain; charset=us-ascii
>
> On Tue, Jul 17, 2012 at 03:09:19PM -0500, ng0g at mchsi.com wrote:
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations.  I don't need
> > wireless as I have shielded cat5 running everywhere, even out to my garage.
> > Although I don't care if what ever I get has it as long as I can
> > turn it off.
>
> Get an ALIX or Soekris and run your own preferred OS on it configured
> exactly as you like.  Better end product and higher satisfaction.
>
> Nicolai
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 17 Jul 2012 15:32:56 -0500
> From: "Nathan C. Smith" <nathan.smith at ipmvs.com>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID:
>
> <8323ED225BEBC046B628272B5F21768B58F5157E at exchange2k7.ipmvs.com>
> Content-Type: text/plain; charset="us-ascii"
>
> That is what I was going to suggest.  I really like pfSense on my Alix
> from netgate.com.  I'll never go back to something like Linksys if I
> can avoid it.
>
> It costs a little more but the control you gain is worth it.
> Especially now with things like the Cisco/Linksys cloud managemnt debacle.
>
>
> -Nate
>
> -----Original Message-----
> From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> Behalf Of Nicolai
> Sent: Tuesday, July 17, 2012 3:21 PM
> To: Central Iowa Linux Users Group
> Subject: Re: [Cialug] firewall / router recommendations
>
> On Tue, Jul 17, 2012 at 03:09:19PM -0500, ng0g at mchsi.com wrote:
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations.  I don't need
> > wireless as I have shielded cat5 running everywhere, even out to my
> garage.
> > Although I don't care if what ever I get has it as long as I can
> > turn it off.
>
> Get an ALIX or Soekris and run your own preferred OS on it configured
> exactly as you like.  Better end product and higher satisfaction.
>
> Nicolai
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 17 Jul 2012 15:33:29 -0500
> From: Gavin Campbell <gcampbell at internetsolver.com>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID:
>
> <FE9338D2C00DC54A9202CC6AAB08AF70D0445051D8 at EXCHANGE.isolver.local
> >
> Content-Type: text/plain; charset="us-ascii"
>
> I've heard good things about open ddwrt boxes as a stand alone network.
> In the past I had Linux servers(desktop) that were hooked up as my
> inline firewall/network server right after the modem.
> Modem->Linuxbox->Switch
>
> -----Original Message-----
> From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> Behalf Of ng0g at mchsi.com
> Sent: Tuesday, July 17, 2012 3:09 PM
> To: Central Iowa Linux
> Subject: [Cialug] firewall / router recommendations
>
> CIALUG,
>
> I am thinking seriously of replacing my aging home Linksys
> firewall/router, and looking for recommendations.  I don't need
> wireless as I have shielded cat5 running everywhere, even out to my
> garage.  Although I don't care if what ever I get has it as long as I can turn it off.
>
> Steve
>
> Steve Hawkins NG0G
> 73 49 111 01001001
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 17 Jul 2012 14:34:50 -0700
> From: Theron Conrey <theron at conrey.org>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] NAS Boxen
> Message-ID: <258FFA6C-D7AD-40E3-B9DA-18C13DE5ED33 at conrey.org>
> Content-Type: text/plain; charset=us-ascii
>
> But you can continue to use compression.  The impact on ZFS is
> negligible and actually makes some things faster.
>
> -Theron
>
>
> On Jul 17, 2012, at 8:05 AM, David Champion wrote:
>
> > If you use the de-duplication option on ZFS, then yes, you want more RAM.
> > You can run with de-duplication turned off if you have less RAM.
> >
> > -dc
> >
> > On Tue, Jul 17, 2012 at 8:55 AM, Claus Niesen <cniesen at gmx.net> wrote:
> >
> >>
> >> On 7/15/2012 Paul said:
> >>> On 7/16/2012 1:59 PM, David Champion wrote:
> >>>> I've been pretty happy with FreeNAS using ZFS RAID.
> >>>
> >>> Ditto that.
> >>>
> >>> -PG
> >>
> >> I've been eying FreeNas especially since I need larger and larger
> >> partitions for backup, and that's at home. :{  Currently I'm using
> >> an
> older
> >> computer, Pentium 3 698MHz, 512MB RAM with 6.4GB (for OS), 80GB,
> >> 250GB
> and
> >> 1.5TB drives. The 1.5TB drive needed to be split into three
> >> partitions
> to
> >> avoid OpenBSD system limitations.
> >>
> >> If I understand things correctly I still have limitations with
> >> FreeNAS
> as
> >> ZFS really needs 8GB of RAM.
> >> --
> >>
> >>
> >> _______________________________________________
> >> Cialug mailing list
> >> Cialug at cialug.org
> >> http://cialug.org/mailman/listinfo/cialug
> >>
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
>
>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 17 Jul 2012 16:35:36 -0500
> From: David Champion <dchamp1337 at gmail.com>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID:
>         <CAJ7QWVNFQEkHQWN7YQ+JXzn6EO2tphU2smZAJ=
> NTZbN6-N7-bA at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> I've been using an Asus WiFi router w/ DD-WRT at home, works great.
> Look on newegg, they often have them on sale, I've seen them as cheap
> as $25. Mine is a RT-N12, but that model has been discontinued.
>
> -dc
>
> On Tue, Jul 17, 2012 at 3:33 PM, Gavin Campbell <
> gcampbell at internetsolver.com> wrote:
>
> > I've heard good things about open ddwrt boxes as a stand alone network.
> > In the past I had Linux servers(desktop) that were hooked up as my
> > inline firewall/network server right after the modem.
> > Modem->Linuxbox->Switch
> >
> > -----Original Message-----
> > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org]
> > On Behalf Of ng0g at mchsi.com
> > Sent: Tuesday, July 17, 2012 3:09 PM
> > To: Central Iowa Linux
> > Subject: [Cialug] firewall / router recommendations
> >
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations.  I don't need
> > wireless
> as
> > I have shielded cat5 running everywhere, even out to my garage.
>  Although I
> > don't care if what ever I get has it as long as I can turn it off.
> >
> > Steve
> >
> > Steve Hawkins NG0G
> > 73 49 111 01001001
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
>
>
> ------------------------------
>
> Message: 7
> Date: Tue, 17 Jul 2012 17:07:21 -0500
> From: Matthew Nuzum <newz at bearfruit.org>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID:
>         <
> CAN+aQ9wApbb053zn4oTETHGS+h+GKuLxsHF1+Fy-6jOrhiVogg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> They pretty much all have wifi these days but they all can be turned
> off too. I have the Linksys E2500 which I'll recommend for a few reasons:
>
> 1. Setup is easy
> 2. IPv6 out of the box is cake. Just sign up for a tunnel broker and
> you'll have IPv6 on your network in 15 min or less.
> 3. It has IPv6 firewall built in and easily configurable.
> 4. Fast. Handles many open streams and connections without problem.
> I've had cheaper routers that overheat and shut down when you push them.
> 5. Built in support for dynamic dns
>
> Something you don't care about:
> 6. Good, affordable, dual band wfi
> 7. Easy guest network setup so that visitors can get on wifi without
> accessing your computers.
>
> It does *not* work with dd-wrt though.
>
> One thing I consider a down-side is that there is a limit to the
> number of portforwarding assignments you can handle. (about 20)
>
>
> On Tue, Jul 17, 2012 at 3:09 PM, <ng0g at mchsi.com> wrote:
>
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations.  I don't need
> > wireless
> as
> > I have shielded cat5 running everywhere, even out to my garage.
>  Although I
> > don't care if what ever I get has it as long as I can turn it off.
> >
> > Steve
> >
> > Steve Hawkins NG0G
> > 73 49 111 01001001
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
>
>
>
> --
> Matthew Nuzum
> newz2000 on freenode, skype, linkedin and twitter
>
> ? You're never fully dressed without a smile! ?
>
>
> ------------------------------
>
> Message: 8
> Date: Tue, 17 Jul 2012 17:21:43 -0500
> From: Nicolai <nicolai-cialug at chocolatine.org>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID: <20120717222143.GA30339 at vectra.student.iastate.edu>
> Content-Type: text/plain; charset=us-ascii
>
> On Tue, Jul 17, 2012 at 05:07:21PM -0500, Matthew Nuzum wrote:
> > I have the Linksys E2500 which I'll recommend for a few reasons:
>
> > One thing I consider a down-side is that there is a limit to the
> > number
> of
> > portforwarding assignments you can handle. (about 20)
>
> What's the reason for this limitation?  I'd have a hard time believing
> it's technical.
>
> Nicolai
>
>
> ------------------------------
>
> Message: 9
> Date: Tue, 17 Jul 2012 18:45:16 -0500
> From: David Bierce <david at bierce.org>
> To: Central Iowa Linux Users Group <cialug at cialug.org>
> Subject: Re: [Cialug] firewall / router recommendations
> Message-ID: <36521DE0-5056-4109-9392-E84F305C13D9 at bierce.org>
> Content-Type: text/plain; charset="utf-8"
>
> I wouldn't recomend the E2500 series.  The antenna is very directional
> parallel to the box.
>
> I have an E2500, DD-Wrt works just fine, you just have to use the e2k
> build because there is a tiny, tiny amount of RAM in the thing and a
> slightly non standard wireless chipset.
>
> I just have mine in bridge mode, but even doing that, I occasionally
> get OOM due to many connections.
>
>
> On Jul 17, 2012, at 5:07 PM, Matthew Nuzum wrote:
>
> > They pretty much all have wifi these days but they all can be turned
> > off too. I have the Linksys E2500 which I'll recommend for a few reasons:
> >
> > 1. Setup is easy
> > 2. IPv6 out of the box is cake. Just sign up for a tunnel broker and
> you'll
> > have IPv6 on your network in 15 min or less.
> > 3. It has IPv6 firewall built in and easily configurable.
> > 4. Fast. Handles many open streams and connections without problem.
> > I've had cheaper routers that overheat and shut down when you push them.
> > 5. Built in support for dynamic dns
> >
> > Something you don't care about:
> > 6. Good, affordable, dual band wfi
> > 7. Easy guest network setup so that visitors can get on wifi without
> > accessing your computers.
> >
> > It does *not* work with dd-wrt though.
> >
> > One thing I consider a down-side is that there is a limit to the
> > number
> of
> > portforwarding assignments you can handle. (about 20)
> >
> >
> > On Tue, Jul 17, 2012 at 3:09 PM, <ng0g at mchsi.com> wrote:
> >
> >> CIALUG,
> >>
> >> I am thinking seriously of replacing my aging home Linksys
> >> firewall/router, and looking for recommendations.  I don't need
> wireless as
> >> I have shielded cat5 running everywhere, even out to my garage.
>  Although I
> >> don't care if what ever I get has it as long as I can turn it off.
> >>
> >> Steve
> >>
> >> Steve Hawkins NG0G
> >> 73 49 111 01001001
> >> _______________________________________________
> >> Cialug mailing list
> >> Cialug at cialug.org
> >> http://cialug.org/mailman/listinfo/cialug
> >>
> >
> >
> >
> > --
> > Matthew Nuzum
> > newz2000 on freenode, skype, linkedin and twitter
> >
> > ? You're never fully dressed without a smile! ?
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
>
> -------------- next part -------------- A non-text attachment was
> scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 841 bytes
> Desc: Message signed with OpenPGP using GPGMail
> URL: <
> http://cialug.org/pipermail/cialug/attachments/20120717/4b340af2/attac
> hment.pgp
> >
>
> ------------------------------
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
> End of Cialug Digest, Vol 87, Issue 10
> **************************************
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug

More information about the Cialug mailing list