User Name
Password
AppleNova Forums » Third-Party Products »

So who out there builds their own Firewall?


Register Members List Calendar Search FAQ Posting Guidelines
So who out there builds their own Firewall?
Thread Tools
turtle
Lord of the Rant.
Formerly turtle2472
 
Join Date: Mar 2005
Location: Tidewater Virginia
 
2012-02-17, 23:12

I'm kinda tired of having to reboot my router regularly due to saturation. Every now and then I'll have to just reboot the thing. What I'm thinking about it replacing the firewall in it with a OS to do that for me.


Clear OS is one option, though it seems more server like than I'm thinking. It's handle all the tasks that I used to make SME handle for me before I gave up my server for the Minecraft community here. So I would feel like I need to buy new hardware if I go this route.


ShoothWall seems like a good option with a much smaller footprint. While it won't do all the things I might like it to, it's a firewall.


pFSense seems like a likely option too.

All of these were found by searching out. I know ThunderPoit used m0n0wall for a while but it doesn't seem to be what I want it to be. Maybe it just isn't documented as well.

So this is why I'm posting. What's a good option for me to use to replace my router. I need it to manage DHCP, firewall, Block entire IP blocks and also have a large number of port forwarding slots available. I'm stuck at 15 now and it's not enough. It needs to handle up to 25Mbps up and down. Ideally it will be able to handle over 50Mbps for when I inevitably upgrade.

I'm open to hardware ideas too. Cheap is great. The less I have to spend the better. I do have an old P4 with a couple of GB of RAM in it that I might just put to work here for this.

Louis L'Amour, “To make democracy work, we must be a notion of participants, not simply observers. One who does not vote has no right to complain.”
MineCraft? mc.applenova.com | Visit us! | Maybe someday I'll proof read, until then deal with it.
  quote
torifile
Less than Stellar Member
 
Join Date: May 2004
Location: Durham, NC
Send a message via AIM to torifile  
2012-02-17, 23:22

Firewall? Rebuilding? What is that some sort of minecraft thingy?

I don't have any issues with my router or needing to worry about a firewall... Why is it such a problem for you, turtle?

If it's not red and showing substantial musculature, you're wearing it wrong.
  quote
turtle
Lord of the Rant.
Formerly turtle2472
 
Join Date: Mar 2005
Location: Tidewater Virginia
 
2012-02-17, 23:28

Well, because mc.applenova.com is out there I get more odd traffic to my home than the average home user. Not to mention I finally turned on port traffic logging on my router so I could see what was happening. The number of times I get hit with a scan and repetitive attempts to access my network astounded me.

Really, I do have a few other names out there that point to my home. I work for a hosting company and see what happens all the time when a domain name is targeted for attack. Anyway, lets just say my home is out there and I just want/need the extra care. Not to mention the bandwidth issue.

I am reading this article now (I'm only half way through it) and this guy sounds just like me!

Louis L'Amour, “To make democracy work, we must be a notion of participants, not simply observers. One who does not vote has no right to complain.”
MineCraft? mc.applenova.com | Visit us! | Maybe someday I'll proof read, until then deal with it.
  quote
Gargoyle
http://ga.rgoyle.com
 
Join Date: May 2004
Location: In your dock hiding behind your finder icon!
 
2012-02-18, 16:19

I've used pfsense in the past. There are some good links to building smaller, embedded type, setups.

Buy the sounds of it, the thing you need not to skimp on is memory.

As another (and probably easier to use) option, have you looked at IPCop (not even sure its still going), but that is another setup I have used.

OK, I have given up keeping this sig up to date. Lets just say I'm the guy that installs every latest version as soon as its available!
  quote
turtle
Lord of the Rant.
Formerly turtle2472
 
Join Date: Mar 2005
Location: Tidewater Virginia
 
2012-02-22, 17:43

Looking at IPCop now and so far it's running pretty good. I'm thinking this just might work for me. I really don't want to go through a bunch of configurations.

Louis L'Amour, “To make democracy work, we must be a notion of participants, not simply observers. One who does not vote has no right to complain.”
MineCraft? mc.applenova.com | Visit us! | Maybe someday I'll proof read, until then deal with it.
  quote
ThunderPoit
Captain Potatoman
 
Join Date: May 2004
Location: Saint Paul
 
2012-02-22, 19:24

If you're still taking votes, i vote for pfsense.
it was a fork off of m0n0wall a while back, much better features
it can do deep packet inspection to scan for viruses in real time and can also do intrusion prevention similar to what commercial firewalls can handle
my next build is going to run it.
  quote
turtle
Lord of the Rant.
Formerly turtle2472
 
Join Date: Mar 2005
Location: Tidewater Virginia
 
2012-03-20, 20:48

So this article came up in one of the RSS feeds I follow. One of the points that really hit me is the use of my P4 CPU that is less than power friendly. While I'm no tree hugger, I certainly don't want to pay more for services than I need to.

On top of this, pfSense hasn't been that good to me. I've been running it for a little bit and the router just stops routing. As of now the only fix is to reboot. Problem is I'd have to be home to make this happen. Not much fun for the guys on the server.

With some of the recent changes with ISPs being copyright cops and such I'm likely going to move over to ClearOS and give it a go. Reviews have been pretty good for it overall and seems like a good fit for my needs.

While I like pfSense, it's not holding up well for me. Makes me think it might be hardware, but this machine was my home server for a long time running SME Server.

Louis L'Amour, “To make democracy work, we must be a notion of participants, not simply observers. One who does not vote has no right to complain.”
MineCraft? mc.applenova.com | Visit us! | Maybe someday I'll proof read, until then deal with it.
  quote
Posting Rules Navigation
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Post Reply

Forum Jump
Thread Tools
Similar Threads
Thread Thread Starter Forum Replies Last Post
Mac Firewall.. Do you use it? Partial Apple Products 4 2009-09-01 21:25
Leopard Firewall Jason Genius Bar 24 2007-11-06 12:17
Firewall problem - "other firewall software", what? pkatzman Genius Bar 6 2007-01-16 07:58
odd firewall log CMKoehler Genius Bar 8 2006-02-01 22:41
Firewall Worries Jason Genius Bar 7 2005-07-19 13:35


« Previous Thread | Next Thread »

All times are GMT -5. The time now is 03:00.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright ©2004 - 2020, AppleNova