Embeded Linux Firewall Appliances? 15
NT Convert asks: "I'm looking for an embedded firewall solution for my home network - The smaller and cheaper the better. Does anyone out there know of any products, or work being done in this area? It seems a shame to throw a full-sized computer at something like this, especially when the full-sized computer could be used for something important, like Quake..."
LRP (Score:2)
Re:LRP (Score:1)
I [earthlink.net] found that [linuxrouter.org] using this [linuxrouter.org] search on http://www.linuxrouter.org/ [linuxrouter.org].
NETtel - uClinux (Score:2)
http://www.moretonbay.com/MBWEB/product/nettel/
They make a m68k Coldfire based router. It runs the port of the 2.0.38 kernel that supports chinps with no mmu. I have seen hacked versions of the NETtel that even play MP3's. That Coldfir ein one sweet chip. (and it has a cool name)
I have played with the uCsimm... it is a pretty sweet piece of hardware. It has an ethernet controler, so you could turn it into a lame router no problem.
http://www.uclinux.org
or
http://www.rt-control.com
Just a thought...
Ryan
Low cost (non-linux) routers (Score:2)
They don't run linux, but they're small, cheap, have some filtering, and can quietly run 24/7. Anybody have experience with these? Are there other boxes that qualify? For between $120 and $160 they seem like a good deal.
floppyfw (Score:2)
NetBSD/i386 Firewall Project (Score:2)
SonicWall has ICSA-certified firewalls for $400+ (Score:1)
I concur with just about everyone here that the Linux Router Project (LRP) [linuxrouter.org] is a floppy solution that can run on even a lowly 386 CPU. You should be able to find such a system for $50, and not have to spend the $$$ you mentioned.
Otherwise, if you really don't want to use a PC, I'd grab something like the SonicWall [sonicwall.com] SOHO/10 for around $400. As of last year, SonicWall's products were the only ICSA-certified firewalling products for under $4K. The SOHO/10 is a little 25MHz 68300-powered Coldfire running some RTOS (probably VxWorks). The SOHO/10 allows upto 10 nodes transparent access out, and even provides one-to-one NAT (private-to-public IP mapping) if you want to share out services, which you can filter, of course, by service.
Just FYI, their high-end product, the SonicWall PRO, is powered by a 233MHz SA 110 StrongArm chip and features a myrid of VPN and encryption options built-in, along with a DMZ port. It lists for $2995, not bad for its capabilities. But I figure you're not looking to spend THAT much. ;->>>
-- Bryan "TheBS" Smith
Re:Low cost (non-linux) routers (Score:1)
Linux firewall appliance (Score:1)
Freesco (Score:1)
Linux based
Needs 386 with floppy (or HD) and 6 MB RAM.
Menu driven
Works with NIC/Modem or 2 NICs so you can use DSL, Cable, etc.
Has caching name server
Does DHCP
http://www.linuxsupportline.com/~router/
i'm working on it (Score:1)
when i'm not reading /.
here checkout filanet [filanet.com]. for those of you may need a little encouragement to click on the link, our product will have these nifty features built in:
as for the internals it is uClinux running on a ARM904TMI processor with 32MB RAM/ 8MB flash all in a box that only 1U tall.
I'm using the RT311 (Score:1)
I don't know enough to be able to comment on how secure the default configuration is, but it seems to do most of the things I've seen recommended, and it can be configured to do more if that's what you want. (It does most, but not all, of the routing checks recommended in the SANS article mentioned today on Slashdot.)
It worked fine for me out of the box. I get an IP address from my DSL provider via DHCP, which the RT311 handles just fine. Configuration is pretty straightforward and decently documented, should you need or want to adjust the default config. Configuration can be done either via a serial connection or over the protected network using telnet or a provided Windows program. The Windows program doesn't find my RT311, so I use telnet to configure. That's been the only aspect of using the RT311 that didn't work fine for me.
In answer to another poster, about the number of ports on the box, it has one port for connection to the wide world, and one port for connection to the protected network. It came with the proper cable (null-modem type thing, I forget what you call that in Ethernet cabling terms) for connection to the DSL box. I'm using a hub to share my DSL connection between multiple machines. I forget which way I had to set the switch on the hub before it connected properly to the RT311, but that's easy to figure out from the status lights.
Re:Low cost (non-linux) routers (Score:1)
Re:i'm working on it (Score:2)
WebPal
Goto linux-hacker [kenseglerdesigns.com] and on his BBS you will see a category called WebPal. This is a $69 ARM computer that hooks up to your television. Currently, we're trying to install linux on it. It's very linux-able and I'm sure I'll have it working in another week or two. I plan to use it as a file server, but it has much potential as a router/firewall too.
--
Karma Sink (Score:1)
Hehe - I'm just a giant karma sink. This is just great!!!!!!