Hi All, I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) I used to run Untangle, but as of version 9, you are forced to use their build in protocol policies versus the firewalling I am used to (Deny All and then opening holes for specific IP's, etc). There are so many firewall distros to choose from. FireStarter, IPCOP, etc. The box I was going to use is a P4, 3GB RAM, 3 GB NICS. I could always use a beefier box also if there was really a need to for such a task. I am used to some Cisco PIX boxes and they just seem fast on hardly any specs. I had a PIX 525 that only had 256mb of RAM about 8 years ago and it was a rockstar. Thoughts, opinions, suggestions are welcome as to what to do! -Jason
> I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics)> Thoughts, opinions, suggestions are welcome as to what to do!http://www.pfsense.org/
I would get a dell r210 from the outlet site and then load pfsense, been running in multiple locations, solid and works great. On 1/16/12, Jason T. Slack-Moehrle <slackmoehrle at gmail.com> wrote:> Hi All, > > I want to build a dedicated firewall/router as I am launching a NPO and I > can host this in my garage. (Comcast offered me a 100 x 20 circuit for > $99/mo with 5 statics) > > I used to run Untangle, but as of version 9, you are forced to use their > build in protocol policies versus the firewalling I am used to (Deny All and > then opening holes for specific IP's, etc). > > There are so many firewall distros to choose from. FireStarter, IPCOP, etc. > > The box I was going to use is a P4, 3GB RAM, 3 GB NICS. > > I could always use a beefier box also if there was really a need to for such > a task. > > I am used to some Cisco PIX boxes and they just seem fast on hardly any > specs. I had a PIX 525 that only had 256mb of RAM about 8 years ago and it > was a rockstar. > > Thoughts, opinions, suggestions are welcome as to what to do! > > > -Jason > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
On 01/17/2012 01:11 AM, Jason T. Slack-Moehrle wrote:> Hi All, > > I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) > > I used to run Untangle, but as of version 9, you are forced to use their build in protocol policies versus the firewalling I am used to (Deny All and then opening holes for specific IP's, etc). > > There are so many firewall distros to choose from. FireStarter, IPCOP, etc. > > The box I was going to use is a P4, 3GB RAM, 3 GB NICS. > > I could always use a beefier box also if there was really a need to for such a task. > > I am used to some Cisco PIX boxes and they just seem fast on hardly any specs. I had a PIX 525 that only had 256mb of RAM about 8 years ago and it was a rockstar. > > Thoughts, opinions, suggestions are welcome as to what to do! >ClearOS, RHEL based Firewall/Router/Server with Web GUI. Simple to use, and it is like working on CentOS. http://www.clearfoundation.com/ -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant
Jason T. Slack-Moehrle writes:> Hi All, > > I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics)[...]> Thoughts, opinions, suggestions are welcome as to what to do!http://www.openbsd.org/
On Mon, 16 Jan 2012, Jason T. Slack-Moehrle wrote:> I want to build a dedicated firewall/router as I am launching a NPO and > I can host this in my garage. (Comcast offered me a 100 x 20 circuit for > $99/mo with 5 statics)I use two Dell R310's in a master/backup setup with shorewall and keepalived. -s