[Noisebridge-discuss] Recommendations for home firewall?

Thomas Stowe stowe.thomas at gmail.com
Sun Sep 19 23:43:06 UTC 2010 

Another cool thing to note is that some of the higher-end hardware (not
necessarily expense-wise) has more resources available (more than 400mhz for
a processor and a more useful ram size. Whether it's an atom, dual atom,
celeron, athlon or whatever processor machine or other hardware. This is not
only good for running specific security and filtering software but if you
want to run a VPN to encrypt / route all traffic through private servers or
route all traffic to a remote machine / network it's a must. I use this kind
of setup for a couple of my machines and though it can be deployed behind a
switch, it can be a pain. I've also read about routing solutions done inside
a VM and if you're doing that on a fast computer with a wireless connection
for your Internet/network access on it and two gigabit lan interfaces (Cards
or whatever) to handle the routing traffic it's possible, reliable and fast
compared to some other hardware solutions.



The information transmitted in this communication is intended only for the
person or entity to which it is addressed and may contain confidential
and/or privileged information. Any review, retransmission, dissemination,
copying or other use of, or taking of any action in reliance upon, this
information, or any part thereof, by persons or entities other than the
intended recipient, is strictly prohibited and may be unlawful. If you
received this in error, please contact the sender immediately and delete and
destroy this communication and all copies thereof, including all
attachments.


On Sun, Sep 19, 2010 at 2:37 PM, Casey Callendrello <c1 at caseyc.net> wrote:

>  Openwrt is decent, but as a long-time user it's been leaving wanting
> more. On the WRT54G, at least, the lack of ram and persistent storage is
> too limiting. The funky package management system is clever, but very
> limited.
>
> My next router will almost certainly be a bookshelf-style Intel ATOM
> mini-pc. They are are fast, cheap, efficient, and supremely
> customizable. It's hard to justify spending $$$$$ on embedded-style
> hardware anymore. Almost all of the miniboxen I've seen have either two
> gigabit wired interfaces, or one gigabit and one 802.11b/g/n card. I
> plan to just use a USB Ethernet adapter to connect to the cable modem
> (which won't be pushing enough traffic to cause a bottleneck anyways.
>
> All kinds of exciting things open up when your router has a real OS and
> hardware. For example, I really want to run my own DNSSEC-aware
> recursive resolver (begone, Comcast!), and that currently isn't really
> easy / possible in openWRT land. I would suggest sticking with pfsense,
> but moving to commodity hardware.
>
> Oh, yeah, ipv6 on openwrt is completely unsupported. It works fine, but
> don't expect any sort of configuration interface.
>
> --Casey
>
>
> On 9/19/10 11:39 AM, Joel Jaeggli wrote:
> > On 9/19/10 10:57 AM, David Stein wrote:
> >> For years, I've been using pfsense on a PC Engines WRAP system as a
> >> home firewall.  Now that pfsense is based on nanobsd, the WRAP board
> >> becomes a little cumbersome.  It's time to move on.  Any
> >> recommendations?
> >>
> >> DD-WRT seems really popular.  Perhaps on something from Netgear?  A
> >> combination firewall + 4 port switch + wireless access point + cable
> >> modem would be great.  Never seen one though.
> > cable modems are basically ethernet/docsis termination devices... your
> > overall sanity will greatly inrease if you keep the functionality
> > seperate as the modem is meant to be configured from the cable side.
> > while you're at it you can get a docsis 3.0 modem and be prepared for
> > both higher speeds and ipv6
> >
> >> I definitely want something that I can upgrade without taking the CF
> >> card out and reflashing it.  Right now I need a screwdriver to take
> >> apart my little WRAP system each time an upgrade comes out so I can
> >> get at the flash card.
> > if you want to fiddle with openwrt,
> >
> > http://ubnt.com/rspro
> >
> > is a very cool board
> >
> > by the time you add radios an enclosure and poe injector, it's a bit
> > spendier than they describe but it's a cool piece of hardware.
> >
> >> Budget<  $300.
> >> _______________________________________________
> >> Noisebridge-discuss mailing list
> >> Noisebridge-discuss at lists.noisebridge.net
> >> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
> >>
> > _______________________________________________
> > Noisebridge-discuss mailing list
> > Noisebridge-discuss at lists.noisebridge.net
> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20100919/4e3a408e/attachment-0003.html>

More information about the Noisebridge-discuss mailing list