Personal computing discussed

deedude's ghetto router project... wich distro to use?

Moderators: renee, SecretSquirrel, notfred

Post Reply
 
deedude
Gerbil First Class
Topic Author
Posts: 145
Joined: Mon Apr 01, 2002 7:00 pm
Location: l33tVille
Contact:
Contact deedude

deedude's ghetto router project... wich distro to use?

Thu Dec 12, 2002 11:23 pm

hey TR...

i was wondering wich distro of linux to use for my "ghetto router project" or rather taking an old POS box, linuxing it and putting a pair of NICs in it and using it as a NAT/Firewall box. i've found two distros that seem good for me and i'm not sure wich.

freesco
http://www.freesco.org
bootable straight off the floppy, minimal interface, telnet/ssh, web interface, requires a FAT partition somewhere

Smoothwall
http://www.smoothwall.org
Installation required, boots from the HD, more "polished" look, web interface, don't know about SSH, updated kernel.

my main two requirements is 1) it works and 2) no proxy or easily disableable 3) telnet acess on the private network 4) some sort of VPN endpoint or passthrough and 5) Samba compatability.

any thoughts and oppinion from you linux gurus out there?
thanks
Top
 
SecretSquirrel
Minister of Gerbil Affairs
Posts: 2726
Joined: Tue Jan 01, 2002 7:00 pm
Location: North DFW suburb...
Contact:
Contact SecretSquirrel

Fri Dec 13, 2002 12:23 am

I don't know about SmoothWall, but I did look into freesco. To give you an idea I where I started, I already had a router running a stripped down Debian install from an 80MB flash disk. I was running a 2.4.x kernel with iptables configured for my network. I run my own mail server, DNS, web server, etc.

I pretty much decided that freesco wasn't worth the time for me to set up and configure. Namely it was going to be too big a pain to update the kernel and drivers. If it works out of the box for what you need, then I'd have no problem recommending it.

I went browsing around the SmoothWall web site and it looks interesting. I may shove it on my router of the holidays to see how it works. If I do, I'll let you know what I think.

-SS
Top
 
Buub
Maximum Gerbil
Posts: 4969
Joined: Sat Nov 09, 2002 11:59 pm
Location: Seattle, WA
Contact:
Contact Buub

Fri Dec 13, 2002 12:34 am

FreeBSD. :-)
Top
 
mattsteg
Gerbil God
Posts: 15782
Joined: Thu Dec 27, 2001 7:00 pm
Location: Applauding the new/old variable width forums
Contact:
Contact mattsteg

Fri Dec 13, 2002 12:42 am

FreeBSD. :-)
...
Top
 
Despite
Gerbil XP
Posts: 496
Joined: Thu Dec 27, 2001 7:00 pm
Location: Oklahoma
Contact:
Contact Despite

Fri Dec 13, 2002 8:20 am

OpenBSD
check it out at:
http://www.openbsd.org
you'll be glad you did
Top
 
Steel
Global Moderator
Posts: 2330
Joined: Wed Dec 26, 2001 7:00 pm

Re: deedude's ghetto router project... wich distro to use?

Fri Dec 13, 2002 10:09 am

I'm using IP Cop, which is a fork of SmoothWall, for my internet gateway. It works well enough for my needs.

deedude wrote:
my main two requirements is 1) it works and 2) no proxy or easily disableable 3) telnet acess on the private network 4) some sort of VPN endpoint or passthrough and 5) Samba compatability.


1) Well, it works, the real question is will it work for what you want to do.
2) It uses Squid for a proxy and it can do transparent proxying, but it's disabled by default.
3) It doesn't have telnet enabled at all for security reasons but it does have SSH enabled on the local network and you can use the web interface to gain shell access to the box through a Java SSH client.
4) It uses FreeS/WAN for VPN. I'm not sure if it can pass through third party VPN traffic though.
5) It doesn't have Samba on it but I'm not sure why it would need it.
6) That was five requirements... ;)

You could always modify it after installation if you need it do do something beyond what it comes with.
Top
 
Forge
Lord High Gerbil
Posts: 8253
Joined: Wed Dec 26, 2001 7:00 pm
Location: Gone

Fri Dec 13, 2002 10:54 am

How strong are your *nix skills?

The distro you build/config will almost always be more tailored to your needs than the out of the box one, but sometimes it's nice to have it Just Work.

I personally have a bit of a 'thick' router running Gentoo that does all my web/proxy/ftp/SMB/DNS work, as well as NAT.



SecretSquirrel - If you find yourself with a spare flash disk and/or a big chunk of disposable time, you might want to check out Gentoo. It's got a few things Debian doesn't, and it's in a stripped down condition by default. I did a small disk space scenario test build, and I found things work just great if you symlink /var/tmp (used heavily during compilation) and /usr/portage/distfiles (downloaded package storage) to a network share, or a disk attached to the box for the purpose of upgrading packages on.

It does require a lot more disk space during the actual upgrade process than Debian does, however you can also do the work on another machine and send over pre-compiled packages.
Top
 
ANApex
Gerbil XP
Posts: 447
Joined: Thu Dec 27, 2001 7:00 pm
Location: PA
Contact:
Contact ANApex

Fri Dec 13, 2002 1:22 pm

I'd recommend Astaro, along the sames lines as Smoothwall but has more options in my opinion. My Astaro is a somewhat plump router also, it's currently doing web proxy/content filtering/DNS forwarding/NTP services/NAT. It can do more I just haven't done anything else with it yet.
Last edited by ANApex on Fri Dec 13, 2002 1:42 pm, edited 1 time in total.
Top
 
mattsteg
Gerbil God
Posts: 15782
Joined: Thu Dec 27, 2001 7:00 pm
Location: Applauding the new/old variable width forums
Contact:
Contact mattsteg

Fri Dec 13, 2002 1:40 pm

As mentioned by Steel, having telnet enabled is less than optimum, although it's probably OK for a private internal network. SSH is a far better option. If you feel comfortable using *nix using something like FreeBSD/OpenBSD/Gentoo is really the way to go. You get to know exactly what's loaded on your machine and control what happens far more easily than any pre-packaged firewall distro lets you do. All three use a ports-style package system which is truly first-rate. Personally I use FreeBSD, hence my suggestion. Total control over your firewall/router is really a great thing to have.
...
Top
 
deedude
Gerbil First Class
Topic Author
Posts: 145
Joined: Mon Apr 01, 2002 7:00 pm
Location: l33tVille
Contact:
Contact deedude

Sat Dec 14, 2002 4:04 pm

eh, my *nix skills aren't that great. the most i've gotten is a Mandrake 7 box running on a compaq (wich later had to be nuked for space). i know enough to install, compile a kernel and install packages, but at this point i can't do much more (hense why i want to do this, to learn about networking and linux =P) so i want a distro thats lightweight, just works and i can reconfigure later. BSD sounds good, but i don't even know the first thing about it (maybe at a later time). SAMBA is needed for windows networking compatability and to act as a WINS server. and when i ment telnet i ment 'remote shelling' or SSH in the local network.
Top
 
henry44
Gerbil Elite
Posts: 724
Joined: Fri May 31, 2002 9:07 pm
Location: Like you care.......

Sat Dec 14, 2002 5:25 pm

The easiest distro by a HUGE margin for what you want is e-smith (mitel). It comes with everything you want and not much of what you don't. I've been through about 15 different distros and am using e-smith for mail, web, file, samba, ssh, nat and firewall. It can be downloaded as an ISO and set up in about 15 min.s It supports dial-up, PPPoE, and static connections.

Lots of discussion board support and plenty of documentation for your enjoyment.

No need to roll your own when there is this kind of solution out there.
Top
 
tarball
Gerbil
Posts: 70
Joined: Tue Jan 01, 2002 7:00 pm
Location: göteborg, sweden
Contact:
Contact tarball

Sun Dec 15, 2002 1:35 pm

OpenBSD , pf just rocks, but then youll have to put some effort in learning it..
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 14 guests
GZIP: On