Hello All, I have several Centos boxes I am very pleased with. I run another box with the Clarkconnect distribution as a dedicated firewall. Since the Clarkconnect distro is built from Centos I was wondering if anyone knows what needs to be installed on this box so that I could use yum to keep it up to date? Apologies if this is not the proper venue for this question. -Arkwolf
Why not use http://www.ipcop.org/ I know it does not use the latest OS but why re-invent the wheel.... It has all sorts of goodies like Open VPN and other plugins available..... I am using it and it ROCKS!!!!! Franklin S. Werren webmaster@bagpipes.net www.bagpipes.net www.chautauqualake.net www.franksradio.net All messages sent from this computer are scanned by more than one Virus Scanner and are Certified to be Virus Free. -----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of w.arkwolf Sent: Tuesday, March 28, 2006 1:58 PM To: CentOS mailing list Subject: [CentOS] OT Clarkconnect Firewall/Router updates Hello All, I have several Centos boxes I am very pleased with. I run another box with the Clarkconnect distribution as a dedicated firewall. Since the Clarkconnect distro is built from Centos I was wondering if anyone knows what needs to be installed on this box so that I could use yum to keep it up to date? Apologies if this is not the proper venue for this question. -Arkwolf _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tuesday 28 March 2006 16:18, Franklin S Werren wrote:> Why not use http://www.ipcop.org/ > I know it does not use the latest OS > but why re-invent the wheel.... >Thanks for your reply. Not a bad idea, but I''ve been using Clarkconnect for about 4 years and it has always worked perfectly. If I can keep it updated using yum it would be great.> It has all sorts of goodies like Open VPN > and other plugins available..... > > I am using it and it ROCKS!!!!! > > > Franklin S. Werren webmaster@bagpipes.net-Arkwolf
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Mar 28, 2006 at 09:39:59PM -0500, William L. Maltby wrote:> On Tue, 2006-03-28 at 16:18 -0500, Franklin S Werren wrote: > > Why not use http://www.ipcop.org/ > > I know it does not use the latest OS > > but why re-invent the wheel.... > > > > It has all sorts of goodies like Open VPN > > and other plugins available..... > > > > I am using it and it ROCKS!!!!! > > Me too, so that''s 2 rocks. Well, 1 and 1/2 since you top-posted. :-( > Runs fine on very old minimal eqpt. I have it on an AMD 5x86 (486 in a > 386 socket) 100MHz, 3 3Com 3C509 (half duplex unfortunately) 32MB DRAM > (remember what that is?) and junk Champ 1GB old slow drives.Motorola WR850g + OpenWRT here :) Nice, silent, low energy requirements (11W PSU), small, and has WiFi. And if you want to create DMZs with it, you can configure each of the 4 LAN Ethernet ports on a different VLAN. I''m getting some Linksys WRT54GL tomorrow too. My WR850g went in to replace my CentOS based firewall box (based on K6, 128M RAM). []s - -- Rodrigo Barbosa <rodrigob@suespammers.org> "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFEKbVapdyWzQ5b5ckRAmO/AJ9l6Xs7mmpNjBQBRy7FnnMGxyolCgCgjEzo hLU6hkQ8q4kxnU8v+P0b56M=hsNl -----END PGP SIGNATURE-----
On Tuesday 28 March 2006 16:18, Franklin S Werren wrote:> Why not use http://www.ipcop.org/ > I know it does not use the latest OS > but why re-invent the wheel.... > > It has all sorts of goodies like Open VPN > and other plugins available..... > > I am using it and it ROCKS!!!!! >Sounds like a good idea but I already have the Clarkconnect box running. I''ve been using this distro for 4 years and I like it. I have seen it mentioned on this list before so I thought I''d ask. -Arkwolf
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Mar 28, 2006 at 11:16:01PM -0500, William L. Maltby wrote:> > > Me too, so that''s 2 rocks. Well, 1 and 1/2 since you top-posted. :-( > > > Runs fine on very old minimal eqpt. I have it on an AMD 5x86 (486 in a > > > 386 socket) 100MHz, 3 3Com 3C509 (half duplex unfortunately) 32MB DRAM > > > (remember what that is?) and junk Champ 1GB old slow drives. > > > > Motorola WR850g + OpenWRT here :) > > Nice, silent, low energy requirements (11W PSU), small, and has WiFi. > > My next goal for it is to find a decent source of fan-less low-power > supplies. I''ll never WiFi at home. I only have a few brain cells left > and don''t want them invaded by high freq waves. Besides Bush (our > protector of constitutional liberties) might be eavesdropping on the > waves that exit from my brain cells and I''d get put in Gitmo with all > the bene''s that accrue from that.Well, just disable WiFi. Pretty easy to do on OpenWRT: # wl radio off> > I''m getting some Linksys WRT54GL tomorrow too. > > I''ve been using the SMC stuff for my Gigabit. Been happy with it. But I > don''t need managed, so I don''t know how that stuff compares. I just use > the E''net cards and unmanaged switches.This WRTish boxes are pretty near. Geral spec is 1 Wifi + 1 Ether (WAN) + 4 + 1 Ethernet Switch (LAN, 4 ports on the outside, the 5th being the router itself).> > My WR850g went in to replace my CentOS based firewall box (based on K6, > > 128M RAM). > > Yep. Don''t want to waste "the big guns". My 2nd most powerful machine is > an AMD-K6-2 (currently @ 380MHz, 450 on the horizon I think) on a PC- > Chips M-571 main-board, 256M. Access to a good net, couple disks and > discs and it makes a real decent workstation or server. I''m using that > one as my server, being built via CLI one package at a time so I can > really learn this stuff. I wish my memory of what I read was as good as > when I was much younger. :-(There WRTish boxes are based on MIPS processors (Little Endian, usually Broadcom chip). It is good to switch platforms once in a while :)> I''m going to try and buy folks'' old machines and get them into peoples > homes when they do cable. Cable co. charges them for each extra computer > hookup. I make my own cat-5 cables, install and the homeowner saves $$. > And cable co. charges biz customers $300 for each node install and big > bucks extra for firewall monthly.... I see an opportunity to save them > some money.Using WRT boxes can save a lot of money, since they are pretty cheap. You can even get used one off e-bay for nearly nothing. A WRT54GL is priced at $69.99 at Amazon.com and $61.99 at Newegg. There are plenty of other models/brand you can use for that too. And now I''m stopping, since this is getting WAY off topic :) - -- Rodrigo Barbosa <rodrigob@suespammers.org> "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFEKcespdyWzQ5b5ckRAq82AJ9jUuCpvYQ7b6xoib1jUrNctHSGKgCdEzj9 6WPpvG47G3pzvRMRJUAxcRI=aSvC -----END PGP SIGNATURE-----
w.arkwolf spake the following on 3/28/2006 1:44 PM:> On Tuesday 28 March 2006 16:18, Franklin S Werren wrote: >> Why not use http://www.ipcop.org/ >> I know it does not use the latest OS >> but why re-invent the wheel.... >> > > Thanks for your reply. > > Not a bad idea, but I''ve been using Clarkconnect for > about 4 years and it has always worked perfectly. If > I can keep it updated using yum it would be great. > >> It has all sorts of goodies like Open VPN >> and other plugins available..... >> >> I am using it and it ROCKS!!!!! >> >> >> Franklin S. Werren webmaster@bagpipes.net > > -ArkwolfIt already has apt, shouldn''t be too difficult to keep up to date. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don''t!!!!
William L. Maltby wrote:> I think after I get my wife''s office and tenants set up, I might > contribute some code to IPCop. > > Be good.... if you have no other choice! =:-O > > Bill >I always thought it would be awesome if IPCop could pole SNMPd running on local servers and provide some graphs for LAN workstations too.
On 29/03/06, William L. Maltby <BillsCentOS@triad.rr.com> wrote: [SNIP]> > Me too, so that''s 2 rocks. Well, 1 and 1/2 since you top-posted. :-([SNIP] Only -0.5 for top posting?? ;-^ -- Sudev Barar Learning Linux
On Tue, 2006-03-28 at 16:18 -0500, Franklin S Werren wrote:> Why not use http://www.ipcop.org/ > I know it does not use the latest OS > but why re-invent the wheel.... > > It has all sorts of goodies like Open VPN > and other plugins available..... > > I am using it and it ROCKS!!!!!Me too, so that''s 2 rocks. Well, 1 and 1/2 since you top-posted. :-( Runs fine on very old minimal eqpt. I have it on an AMD 5x86 (486 in a 386 socket) 100MHz, 3 3Com 3C509 (half duplex unfortunately) 32MB DRAM (remember what that is?) and junk Champ 1GB old slow drives. Through my cable modem, *effective* ultimate throughput of 583MB/sec from decent sites. gkrellm shows 617Mb or better on my target. Don''t laugh though, I have it on a much more powerful node too: 200MHz 586 with some better 100BaseT cards, etc. Haven''t measured that one yet. I suspect the cable modem is about to become the bottleneck, unless one of my 1000BaseT cards sucking on it would help. But I''ll replace that 586 with my wife''s old Aptiva (66MHz 486) so I can use that power where it''s really needed. Install w/bootable CD, boot from floppy (image on CD as if El Torito spec CD, might boot on systems supporting that spec too?) and can install from network if you make drivers disk w/your net card included.> Franklin S. Werren webmaster@bagpipes.netBill -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos/attachments/20060328/5bd38dad/attachment.bin
On Tue, 2006-03-28 at 19:14 -0300, Rodrigo Barbosa wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Mar 28, 2006 at 09:39:59PM -0500, William L. Maltby wrote: > > On Tue, 2006-03-28 at 16:18 -0500, Franklin S Werren wrote: > > ><snip>> > Me too, so that''s 2 rocks. Well, 1 and 1/2 since you top-posted. :-( > > Runs fine on very old minimal eqpt. I have it on an AMD 5x86 (486 in a > > 386 socket) 100MHz, 3 3Com 3C509 (half duplex unfortunately) 32MB DRAM > > (remember what that is?) and junk Champ 1GB old slow drives. > > Motorola WR850g + OpenWRT here :) > Nice, silent, low energy requirements (11W PSU), small, and has WiFi.My next goal for it is to find a decent source of fan-less low-power supplies. I''ll never WiFi at home. I only have a few brain cells left and don''t want them invaded by high freq waves. Besides Bush (our protector of constitutional liberties) might be eavesdropping on the waves that exit from my brain cells and I''d get put in Gitmo with all the bene''s that accrue from that.> > And if you want to create DMZs with it, you can configure each of > the 4 LAN Ethernet ports on a different VLAN.I''ve just Red/Orange/Green to try to learn all the stuff that didn''t exist when I was working for others. Trying to learn the proper DNSing for private net that also accesses I''net etc.> > I''m getting some Linksys WRT54GL tomorrow too.I''ve been using the SMC stuff for my Gigabit. Been happy with it. But I don''t need managed, so I don''t know how that stuff compares. I just use the E''net cards and unmanaged switches.> > My WR850g went in to replace my CentOS based firewall box (based on K6, > 128M RAM).Yep. Don''t want to waste "the big guns". My 2nd most powerful machine is an AMD-K6-2 (currently @ 380MHz, 450 on the horizon I think) on a PC- Chips M-571 main-board, 256M. Access to a good net, couple disks and discs and it makes a real decent workstation or server. I''m using that one as my server, being built via CLI one package at a time so I can really learn this stuff. I wish my memory of what I read was as good as when I was much younger. :-(> Rodrigo Barbosa <rodrigob@suespammers.org> > "Quid quid Latine dictum sit, altum viditur" > "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)I''m going to try and buy folks'' old machines and get them into peoples homes when they do cable. Cable co. charges them for each extra computer hookup. I make my own cat-5 cables, install and the homeowner saves $$. And cable co. charges biz customers $300 for each node install and big bucks extra for firewall monthly.... I see an opportunity to save them some money. Thinking of "HomeGroanNet.*" as a decent name which aptly describes ^^^^^ how hard it is to learn all net related stuff piecemeal. And how hard to survive decent puns in civil society. ;-) I think after I get my wife''s office and tenants set up, I might contribute some code to IPCop. Be good.... if you have no other choice! =:-O Bill -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos/attachments/20060328/fd4a4d33/attachment.bin