creating a DMZ -- seeking firewall advice
ryan at ericksonfamily.com
Tue Mar 8 15:56:36 MST 2005
Lars beat me to it on mentioning Monowall.
What Lars didn't say is that Monowall's configuration is entirely
It can run easily off of a CompactFlash IDE adapter (< $20), and that's
how I have mine setup, using an old 64M CompactFlash that I don't use
for my camera anymore.
If you need a CompactFlash adapter for the project, my brother-in-law
bought a few for a project, and would likely have one or two to sell.
M0n0wall is also based on OpenBSD, which is by default a very secure OS.
On Tue, 2005-03-08 at 15:41, Lars Rasmussen wrote:
> On Tue, 08 Mar 2005 13:25:07 -0700, Gabriel Gunderson <gabe at gundy.org> wrote:
> > Hardware is your big concern here. Just avoid moving parts and heat as
> > much as possible.
> I agree with these points about hardware.
> Try Monowall. You could install it today.
> >From http://m0n0.ch/wall/features.php :
> - NAT/PAT (including 1:1)
> - DHCP client, PPPoE, PPTP
> - IPsec VPN tunnels (IKE; with support for hardware crypto cards and
> mobile clients)
> - PPTP VPN (with RADIUS server support)
> - static routes
> - DHCP server
> - caching DNS forwarder
> - DynDNS client
> - SNMP agent
> - traffic shaper
> - SVG-based traffic grapher
> - firmware upgrade through the web browser
> - configuration backup/restore
> I've used commonly found hardware but Soekris boards can be used too:
More information about the PLUG