[Cialug] firewall / router recommendation
Nick Graber
nick at graber.me
Wed Jul 18 08:19:47 CDT 2012
I also have a pfSense firewall that I have been very happy with. I am
using a Neoware CA10 thin client with a pci network card. Here is a link
to a Neoware build that I found
http://www.kazame.net/2011/01/pro-firewall-with-pfsense/
On Wed, Jul 18, 2012 at 8:04 AM, Gavin Campbell <
gcampbell at internetsolver.com> wrote:
> I'll second pfsense, it does a great job.
>
> -----Original Message-----
> From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> Behalf Of Sean Flattery
> Sent: Tuesday, July 17, 2012 6:59 PM
> To: cialug at cialug.org
> Subject: [Cialug] firewall / router recommendation
>
> I'd second the pfSense recommendation. They have plug in modules like
> snort and I've used them at several different locations. Also Aastaro has a
> free software version of their security gateway that will do virus scanning
> of your traffic that I've been meaning to try out.
> On Jul 18, 2012 7:46 AM, <cialug-request at cialug.org> wrote:
>
> > Send Cialug mailing list submissions to
> > cialug at cialug.org
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > http://cialug.org/mailman/listinfo/cialug
> > or, via email, send a message with subject or body 'help' to
> > cialug-request at cialug.org
> >
> > You can reach the person managing the list at
> > cialug-owner at cialug.org
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of Cialug digest..."
> >
> >
> > Today's Topics:
> >
> > 1. firewall / router recommendations (ng0g at mchsi.com)
> > 2. Re: firewall / router recommendations (Nicolai)
> > 3. Re: firewall / router recommendations (Nathan C. Smith)
> > 4. Re: firewall / router recommendations (Gavin Campbell)
> > 5. Re: NAS Boxen (Theron Conrey)
> > 6. Re: firewall / router recommendations (David Champion)
> > 7. Re: firewall / router recommendations (Matthew Nuzum)
> > 8. Re: firewall / router recommendations (Nicolai)
> > 9. Re: firewall / router recommendations (David Bierce)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Tue, 17 Jul 2012 15:09:19 -0500 (CDT)
> > From: ng0g at mchsi.com
> > To: Central Iowa Linux <cialug at cialug.org>
> > Subject: [Cialug] firewall / router recommendations
> > Message-ID:
> >
> > <648757140.15183301342555758870.JavaMail.root at dsmdc-mail-mbs15>
> > Content-Type: text/plain; charset=utf-8
> >
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations. I don't need
> > wireless as I have shielded cat5 running everywhere, even out to my
> > garage. Although I don't care if what ever I get has it as long as I
> can turn it off.
> >
> > Steve
> >
> > Steve Hawkins NG0G
> > 73 49 111 01001001
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Tue, 17 Jul 2012 15:20:34 -0500
> > From: Nicolai <nicolai-cialug at chocolatine.org>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID: <20120717202034.GA23243 at vectra.student.iastate.edu>
> > Content-Type: text/plain; charset=us-ascii
> >
> > On Tue, Jul 17, 2012 at 03:09:19PM -0500, ng0g at mchsi.com wrote:
> > > CIALUG,
> > >
> > > I am thinking seriously of replacing my aging home Linksys
> > > firewall/router, and looking for recommendations. I don't need
> > > wireless as I have shielded cat5 running everywhere, even out to my
> garage.
> > > Although I don't care if what ever I get has it as long as I can
> > > turn it off.
> >
> > Get an ALIX or Soekris and run your own preferred OS on it configured
> > exactly as you like. Better end product and higher satisfaction.
> >
> > Nicolai
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Tue, 17 Jul 2012 15:32:56 -0500
> > From: "Nathan C. Smith" <nathan.smith at ipmvs.com>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID:
> >
> > <8323ED225BEBC046B628272B5F21768B58F5157E at exchange2k7.ipmvs.com>
> > Content-Type: text/plain; charset="us-ascii"
> >
> > That is what I was going to suggest. I really like pfSense on my Alix
> > from netgate.com. I'll never go back to something like Linksys if I
> > can avoid it.
> >
> > It costs a little more but the control you gain is worth it.
> > Especially now with things like the Cisco/Linksys cloud managemnt
> debacle.
> >
> >
> > -Nate
> >
> > -----Original Message-----
> > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> > Behalf Of Nicolai
> > Sent: Tuesday, July 17, 2012 3:21 PM
> > To: Central Iowa Linux Users Group
> > Subject: Re: [Cialug] firewall / router recommendations
> >
> > On Tue, Jul 17, 2012 at 03:09:19PM -0500, ng0g at mchsi.com wrote:
> > > CIALUG,
> > >
> > > I am thinking seriously of replacing my aging home Linksys
> > > firewall/router, and looking for recommendations. I don't need
> > > wireless as I have shielded cat5 running everywhere, even out to my
> > garage.
> > > Although I don't care if what ever I get has it as long as I can
> > > turn it off.
> >
> > Get an ALIX or Soekris and run your own preferred OS on it configured
> > exactly as you like. Better end product and higher satisfaction.
> >
> > Nicolai
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> >
> > ------------------------------
> >
> > Message: 4
> > Date: Tue, 17 Jul 2012 15:33:29 -0500
> > From: Gavin Campbell <gcampbell at internetsolver.com>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID:
> >
> > <FE9338D2C00DC54A9202CC6AAB08AF70D0445051D8 at EXCHANGE.isolver.local
> > >
> > Content-Type: text/plain; charset="us-ascii"
> >
> > I've heard good things about open ddwrt boxes as a stand alone network.
> > In the past I had Linux servers(desktop) that were hooked up as my
> > inline firewall/network server right after the modem.
> > Modem->Linuxbox->Switch
> >
> > -----Original Message-----
> > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> > Behalf Of ng0g at mchsi.com
> > Sent: Tuesday, July 17, 2012 3:09 PM
> > To: Central Iowa Linux
> > Subject: [Cialug] firewall / router recommendations
> >
> > CIALUG,
> >
> > I am thinking seriously of replacing my aging home Linksys
> > firewall/router, and looking for recommendations. I don't need
> > wireless as I have shielded cat5 running everywhere, even out to my
> > garage. Although I don't care if what ever I get has it as long as I
> can turn it off.
> >
> > Steve
> >
> > Steve Hawkins NG0G
> > 73 49 111 01001001
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> >
> > ------------------------------
> >
> > Message: 5
> > Date: Tue, 17 Jul 2012 14:34:50 -0700
> > From: Theron Conrey <theron at conrey.org>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] NAS Boxen
> > Message-ID: <258FFA6C-D7AD-40E3-B9DA-18C13DE5ED33 at conrey.org>
> > Content-Type: text/plain; charset=us-ascii
> >
> > But you can continue to use compression. The impact on ZFS is
> > negligible and actually makes some things faster.
> >
> > -Theron
> >
> >
> > On Jul 17, 2012, at 8:05 AM, David Champion wrote:
> >
> > > If you use the de-duplication option on ZFS, then yes, you want more
> RAM.
> > > You can run with de-duplication turned off if you have less RAM.
> > >
> > > -dc
> > >
> > > On Tue, Jul 17, 2012 at 8:55 AM, Claus Niesen <cniesen at gmx.net> wrote:
> > >
> > >>
> > >> On 7/15/2012 Paul said:
> > >>> On 7/16/2012 1:59 PM, David Champion wrote:
> > >>>> I've been pretty happy with FreeNAS using ZFS RAID.
> > >>>
> > >>> Ditto that.
> > >>>
> > >>> -PG
> > >>
> > >> I've been eying FreeNas especially since I need larger and larger
> > >> partitions for backup, and that's at home. :{ Currently I'm using
> > >> an
> > older
> > >> computer, Pentium 3 698MHz, 512MB RAM with 6.4GB (for OS), 80GB,
> > >> 250GB
> > and
> > >> 1.5TB drives. The 1.5TB drive needed to be split into three
> > >> partitions
> > to
> > >> avoid OpenBSD system limitations.
> > >>
> > >> If I understand things correctly I still have limitations with
> > >> FreeNAS
> > as
> > >> ZFS really needs 8GB of RAM.
> > >> --
> > >>
> > >>
> > >> _______________________________________________
> > >> Cialug mailing list
> > >> Cialug at cialug.org
> > >> http://cialug.org/mailman/listinfo/cialug
> > >>
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> >
> >
> >
> > ------------------------------
> >
> > Message: 6
> > Date: Tue, 17 Jul 2012 16:35:36 -0500
> > From: David Champion <dchamp1337 at gmail.com>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID:
> > <CAJ7QWVNFQEkHQWN7YQ+JXzn6EO2tphU2smZAJ=
> > NTZbN6-N7-bA at mail.gmail.com>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > I've been using an Asus WiFi router w/ DD-WRT at home, works great.
> > Look on newegg, they often have them on sale, I've seen them as cheap
> > as $25. Mine is a RT-N12, but that model has been discontinued.
> >
> > -dc
> >
> > On Tue, Jul 17, 2012 at 3:33 PM, Gavin Campbell <
> > gcampbell at internetsolver.com> wrote:
> >
> > > I've heard good things about open ddwrt boxes as a stand alone network.
> > > In the past I had Linux servers(desktop) that were hooked up as my
> > > inline firewall/network server right after the modem.
> > > Modem->Linuxbox->Switch
> > >
> > > -----Original Message-----
> > > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org]
> > > On Behalf Of ng0g at mchsi.com
> > > Sent: Tuesday, July 17, 2012 3:09 PM
> > > To: Central Iowa Linux
> > > Subject: [Cialug] firewall / router recommendations
> > >
> > > CIALUG,
> > >
> > > I am thinking seriously of replacing my aging home Linksys
> > > firewall/router, and looking for recommendations. I don't need
> > > wireless
> > as
> > > I have shielded cat5 running everywhere, even out to my garage.
> > Although I
> > > don't care if what ever I get has it as long as I can turn it off.
> > >
> > > Steve
> > >
> > > Steve Hawkins NG0G
> > > 73 49 111 01001001
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> >
> >
> > ------------------------------
> >
> > Message: 7
> > Date: Tue, 17 Jul 2012 17:07:21 -0500
> > From: Matthew Nuzum <newz at bearfruit.org>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID:
> > <
> > CAN+aQ9wApbb053zn4oTETHGS+h+GKuLxsHF1+Fy-6jOrhiVogg at mail.gmail.com>
> > Content-Type: text/plain; charset=UTF-8
> >
> > They pretty much all have wifi these days but they all can be turned
> > off too. I have the Linksys E2500 which I'll recommend for a few reasons:
> >
> > 1. Setup is easy
> > 2. IPv6 out of the box is cake. Just sign up for a tunnel broker and
> > you'll have IPv6 on your network in 15 min or less.
> > 3. It has IPv6 firewall built in and easily configurable.
> > 4. Fast. Handles many open streams and connections without problem.
> > I've had cheaper routers that overheat and shut down when you push them.
> > 5. Built in support for dynamic dns
> >
> > Something you don't care about:
> > 6. Good, affordable, dual band wfi
> > 7. Easy guest network setup so that visitors can get on wifi without
> > accessing your computers.
> >
> > It does *not* work with dd-wrt though.
> >
> > One thing I consider a down-side is that there is a limit to the
> > number of portforwarding assignments you can handle. (about 20)
> >
> >
> > On Tue, Jul 17, 2012 at 3:09 PM, <ng0g at mchsi.com> wrote:
> >
> > > CIALUG,
> > >
> > > I am thinking seriously of replacing my aging home Linksys
> > > firewall/router, and looking for recommendations. I don't need
> > > wireless
> > as
> > > I have shielded cat5 running everywhere, even out to my garage.
> > Although I
> > > don't care if what ever I get has it as long as I can turn it off.
> > >
> > > Steve
> > >
> > > Steve Hawkins NG0G
> > > 73 49 111 01001001
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> >
> >
> >
> > --
> > Matthew Nuzum
> > newz2000 on freenode, skype, linkedin and twitter
> >
> > ? You're never fully dressed without a smile! ?
> >
> >
> > ------------------------------
> >
> > Message: 8
> > Date: Tue, 17 Jul 2012 17:21:43 -0500
> > From: Nicolai <nicolai-cialug at chocolatine.org>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID: <20120717222143.GA30339 at vectra.student.iastate.edu>
> > Content-Type: text/plain; charset=us-ascii
> >
> > On Tue, Jul 17, 2012 at 05:07:21PM -0500, Matthew Nuzum wrote:
> > > I have the Linksys E2500 which I'll recommend for a few reasons:
> >
> > > One thing I consider a down-side is that there is a limit to the
> > > number
> > of
> > > portforwarding assignments you can handle. (about 20)
> >
> > What's the reason for this limitation? I'd have a hard time believing
> > it's technical.
> >
> > Nicolai
> >
> >
> > ------------------------------
> >
> > Message: 9
> > Date: Tue, 17 Jul 2012 18:45:16 -0500
> > From: David Bierce <david at bierce.org>
> > To: Central Iowa Linux Users Group <cialug at cialug.org>
> > Subject: Re: [Cialug] firewall / router recommendations
> > Message-ID: <36521DE0-5056-4109-9392-E84F305C13D9 at bierce.org>
> > Content-Type: text/plain; charset="utf-8"
> >
> > I wouldn't recomend the E2500 series. The antenna is very directional
> > parallel to the box.
> >
> > I have an E2500, DD-Wrt works just fine, you just have to use the e2k
> > build because there is a tiny, tiny amount of RAM in the thing and a
> > slightly non standard wireless chipset.
> >
> > I just have mine in bridge mode, but even doing that, I occasionally
> > get OOM due to many connections.
> >
> >
> > On Jul 17, 2012, at 5:07 PM, Matthew Nuzum wrote:
> >
> > > They pretty much all have wifi these days but they all can be turned
> > > off too. I have the Linksys E2500 which I'll recommend for a few
> reasons:
> > >
> > > 1. Setup is easy
> > > 2. IPv6 out of the box is cake. Just sign up for a tunnel broker and
> > you'll
> > > have IPv6 on your network in 15 min or less.
> > > 3. It has IPv6 firewall built in and easily configurable.
> > > 4. Fast. Handles many open streams and connections without problem.
> > > I've had cheaper routers that overheat and shut down when you push
> them.
> > > 5. Built in support for dynamic dns
> > >
> > > Something you don't care about:
> > > 6. Good, affordable, dual band wfi
> > > 7. Easy guest network setup so that visitors can get on wifi without
> > > accessing your computers.
> > >
> > > It does *not* work with dd-wrt though.
> > >
> > > One thing I consider a down-side is that there is a limit to the
> > > number
> > of
> > > portforwarding assignments you can handle. (about 20)
> > >
> > >
> > > On Tue, Jul 17, 2012 at 3:09 PM, <ng0g at mchsi.com> wrote:
> > >
> > >> CIALUG,
> > >>
> > >> I am thinking seriously of replacing my aging home Linksys
> > >> firewall/router, and looking for recommendations. I don't need
> > wireless as
> > >> I have shielded cat5 running everywhere, even out to my garage.
> > Although I
> > >> don't care if what ever I get has it as long as I can turn it off.
> > >>
> > >> Steve
> > >>
> > >> Steve Hawkins NG0G
> > >> 73 49 111 01001001
> > >> _______________________________________________
> > >> Cialug mailing list
> > >> Cialug at cialug.org
> > >> http://cialug.org/mailman/listinfo/cialug
> > >>
> > >
> > >
> > >
> > > --
> > > Matthew Nuzum
> > > newz2000 on freenode, skype, linkedin and twitter
> > >
> > > ? You're never fully dressed without a smile! ?
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> >
> > -------------- next part -------------- A non-text attachment was
> > scrubbed...
> > Name: signature.asc
> > Type: application/pgp-signature
> > Size: 841 bytes
> > Desc: Message signed with OpenPGP using GPGMail
> > URL: <
> > http://cialug.org/pipermail/cialug/attachments/20120717/4b340af2/attac
> > hment.pgp
> > >
> >
> > ------------------------------
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> >
> > End of Cialug Digest, Vol 87, Issue 10
> > **************************************
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
More information about the Cialug
mailing list