Hey *, as I sweat through another day of crap dealing with an all-in-one box (firewall, IDS, AVS, report generating, soon to be a VPN server) I'm wondering if someone has started a project to put some freeware together in some semblance of sanity on a FBSD box. There's basically nothing that this box does that a combo of IPFW (or another bsd filter), snort, ntop, and some other freeware stuff can't do. As usual the problems I face stem from feature-overload, since the vendor has one crappy feature and then adds another crappy feature instead of fixing the first one so they can market the box better. I'm thinking that since the tools I mentioned are already fairly mature and robust, all that's needed is some sewing and, when core functionality is achieved, a GUI. This sounds like a fun project IMO, but I don't want to re-invent the wheel, especially when I have no spare time. ====----------------------------------------------------------- Get a taste of Religion ... eat a priest! ----------------------------------------------------------- __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree
twig les wrote:>Hey *, as I sweat through another day of crap dealing with an >all-in-one box (firewall, IDS, AVS, report generating, soon to >be a VPN server) I'm wondering if someone has started a project >to put some freeware together in some semblance of sanity on a >FBSD box. There's basically nothing that this box does that a >combo of IPFW (or another bsd filter), snort, ntop, and some >other freeware stuff can't do. > >As usual the problems I face stem from feature-overload, since >the vendor has one crappy feature and then adds another crappy >feature instead of fixing the first one so they can market the >box better. I'm thinking that since the tools I mentioned are >already fairly mature and robust, all that's needed is some >sewing and, when core functionality is achieved, a GUI. > >This sounds like a fun project IMO, but I don't want to >re-invent the wheel, especially when I have no spare time. > >Hey Twig, I'm currently working on one of these 'crappy appliances' as you call them (except this one rocks). It'd be helpful for us to know what kinds of problems your appliance has/what beef you have with it so we can make our better. Sorry that this reply is a bit off-topic, since you're looking for a freeware one. Perhaps when we've made our fortune on it we can be arsed to release it BSD-style (no guarantees though, of course :)). Hope to hear from you soon! Kind regards, Devon H. O'Dell
On Wed, Nov 05, 2003 at 10:01:58AM -0800, twig les wrote:> Hey *, as I sweat through another day of crap dealing with an > all-in-one box (firewall, IDS, AVS, report generating, soon to > be a VPN server) I'm wondering if someone has started a project > to put some freeware together in some semblance of sanity on a > FBSD box. There's basically nothing that this box does that a > combo of IPFW (or another bsd filter), snort, ntop, and some > other freeware stuff can't do.http://www.exoserver.com/ perhaps? I believe these are FreeBSD based -- they certainly have people with @FreeBSD.org addresses working for them... Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20031105/354f48c3/attachment.bin
Hmmm, sounds a lot like Mandrake MNF (http://www.mandrakesoft.com/products/mnf) hopes to become. . I'd love to see something like this (PHP and PERL frontend) for a FreeBSD-based wonder box. I wonder if one could take the m0n0wall project (http://m0n0.ch/wall/) and expand it for a full blown network appliance. On Wed, 2003-11-05 at 12:01, twig les wrote:> Hey *, as I sweat through another day of crap dealing with an > all-in-one box (firewall, IDS, AVS, report generating, soon to > be a VPN server) I'm wondering if someone has started a project > to put some freeware together in some semblance of sanity on a > FBSD box. There's basically nothing that this box does that a > combo of IPFW (or another bsd filter), snort, ntop, and some > other freeware stuff can't do. > > As usual the problems I face stem from feature-overload, since > the vendor has one crappy feature and then adds another crappy > feature instead of fixing the first one so they can market the > box better. I'm thinking that since the tools I mentioned are > already fairly mature and robust, all that's needed is some > sewing and, when core functionality is achieved, a GUI. > > This sounds like a fun project IMO, but I don't want to > re-invent the wheel, especially when I have no spare time. > > ====> ----------------------------------------------------------- > Get a taste of Religion ... eat a priest! > ----------------------------------------------------------- > > __________________________________ > Do you Yahoo!? > Protect your identity with Yahoo! Mail AddressGuard > http://antispam.yahoo.com/whatsnewfree > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"-- Art Mason Rackspace Managed Hosting amason@rackspace.com
twig les wrote:> Hey *, as I sweat through another day of crap dealing with an > all-in-one box (firewall, IDS, AVS, report generating, soon to > be a VPN server) I'm wondering if someone has started a project > to put some freeware together in some semblance of sanity on a > FBSD box. There's basically nothing that this box does that a > combo of IPFW (or another bsd filter), snort, ntop, and some > other freeware stuff can't do. > > As usual the problems I face stem from feature-overload, since > the vendor has one crappy feature and then adds another crappy > feature instead of fixing the first one so they can market the > box better. I'm thinking that since the tools I mentioned are > already fairly mature and robust, all that's needed is some > sewing and, when core functionality is achieved, a GUI. > > This sounds like a fun project IMO, but I don't want to > re-invent the wheel, especially when I have no spare time. >http://www.netboz.net/ is a self-contained bootable cd that provides firewall, nat, dns, dhcp and vpn(in beta currently). Just need a floppy to write configs to and you're off&running. yup, its fbsd based. I've only played with it a little, but it was solid enough. I think it is just missing IDS&AVS from your wishlist above. Online demo available at: https://demo.netboz.net/ greg