Before the days of the cheap router/firewall from Frys, many of
us used the Linux Router Project or its fork the LEAF to run
our router/firewalls on old 486 hardware.

I suggest that there is no better way to learn Linux, routing
and firewalls than to get an old box like this (when you can
find them they tend to be free, an old portable will do) and
a couple of NICs. Go to the LEAF project website, download
and start to play.

http://leaf.sourceforge.net/

The only cost for all of this is your time.

I had one of these that simply sat in the corner and ran for
several years. The only time I rebooted it was when we had a
power failure.

BobLQ

On 9/21/07, AndrewMcHorney <[EMAIL PROTECTED]> wrote:
> Hello
>
> I take it that a linux pc could eventually replace the firewall
> router which would allow for flexibility of updating firewall
> software. Is this correct?  I spent some time at Frys looking at the
> boxes to see how things are done.
>
> Thanks,
> Andrew
>
>
> At 14:24 2007-09-08, you wrote:
> >Carl Lowenstein wrote:
> >>On 9/8/07, Neil Schneider <[EMAIL PROTECTED]> wrote:
> >>>[EMAIL PROTECTED] wrote:
> >>>>Hello
> >>>>
> >>>>I would like to build a small home network. I have 2 computers to
> >>>>start. One of them will be a linux box eventually to serve as the
> >>>>firewall. There will be several computers including one running
> >>>>windows (kids) and mine which will be converted to a multiple os
> >>>>system including linux. I have a cable modem. What is the best way
> >>>>(router or hub) to connect the computers? What would I put between
> >>>>the cable box and firewall workstation and between the firewall and
> >>>>the other computers?
> >>>A typical setup used a dual homed host (two ethernet cards) connected
> >>>to the cable modem. This would be the firewall. The other interface is
> >>>connected to a hub/switch and then all the other computers are
> >>>connected to the same hub/switch. The firewall might also run dhcp to
> >>>hand out IP addresses to the other computers as they are connected to
> >>>the network.
> >>Depending on whether you want this network to use immediately, or want
> >>to become more educated about how firewalls and routers work, you
> >>might consider buying a pre-made router/firewall box.  Small,
> >>low-power, and works right away.
> >>     carl
> >
> >Your question suggests you're new to LAN's, have only a couple of
> >computers, and right now just want to get them networked. So based
> >on that I agree with Carl as far as going with appliance network gear.
> >
> >As Neil said, the simplest typical home LAN consists of
> >
> >[Internet]<-->[Cable/DSL Modem]
> >                  ^
> >                  |                       +-->[Computer 1]
> >                  +-->[Firewall-Router]<--|       ...
> >                                          +-->[Computer n]
> >
> >In this case you probably want at least a 5-port router, or an
> >8-port if you plan on adding other things in the near future, such
> >as a Wifi Access Point, printer, switches, DVR, of course other computers.
> >
> >
> >You get a bit more flexibility and future expandability with
> >
> >[Internet]<-->[Cable/DSL Modem]
> >                  ^
> >                  |
> >                  +-->[Firewall-Router]<-->[Wifi AP]
> >                         ^
> >                         |              +-->[Computer 1]
> >                         +-->[Switch]<--|       ...
> >                                        +-->[Computer n]
> >
> >
> >Don't underestimate the number of Ethernet ports you'll need. Keep
> >in mind that for an N-port device, you can only use N-1 ports for
> >node devices because you'll always have at least one port used on
> >your LAN's "Backbone". If you anticipate using Wifi, you might want
> >to use an appliance Firewall-Router-Access Point instead of the
> >Ethernet-only router.
> >
> >The second layout above is similar to what I use at home:
> >
> >I have an 8-port 10/100 router (Tweety) to which is connected the
> >Cable Modem, a Wifi Access Point (William), and an 8-port Gigabit switch.
> >
> >To the 8-port switch are connected a dedicated File Server (Seven),
> >two 5-port Gigabit switches, and a CAT-6 cable for my wife's DynaVox Vmax.
> >
> >The two 5-port Gib switches are each in other rooms of the house.
> >One switch serves my workstation (Proteus) and game/test box
> >(Josef), plus our here-again-gone-again laptop (Lydia). If I'm
> >working on a client's computer it goes onto that switch.
> >
> >The other switch serves my wife's desktop box (Ma-ah), her DynaVox
> >Vmax, the Infrant X6 backup server (Eight), and a Printer Server (PS1).
> >
> >All computers in the house are now using Gigabit connections. The
> >router is 10/100 because it's only talking to the outside world
> >through the cable modem (or the AP on which a Gib connection is also
> >a waste). Naturally, all Gib stuff is connected by CAT-6 cables. The
> >rest CAT-5.
> >
> >*****
> >There are several Good Enough firewall/router appliances available
> >at various prices, depending on features and number of ports. They
> >are all easy to set up with onboard Weblets. Make sure whatever you
> >get uses SPI (Stateful Packet Inspection) which I think they all do now.
> >
> >I'm using a Netgear FVS318v3 because it has VPN (Virtual Private
> >Network) capability. My sister, a brother, and father-in-law all use
> >the same routers at their homes, and so I can do maintenance on
> >their networks and boxes via SSH over the encrypted VPN's from my house.
> >
> >I tend to use either Netgear or Linksys for no particular reason. I
> >used to have a P90 running LRP (Linux Router Project) for my
> >firewall and may someday go back to something similar (albeit
> >quieter and lower power).
> >
> >Switches are cheap. Even Gigabit switches are not too expensive now.
> >But good Gib Ethernet cards are. I found a deal on some new Intel
> >cards recently so I lucked out. Not all the Gib switches support
> >Jumbo Frames, if you care (the new Netgear ProSafe 5- and 8-port
> >switches do).
> >
> >Like Neil said, if you really want to get your hands dirty, learn
> >something, and lose hair in the process, you can build your own
> >firewall using existing Linux- or BSD-based software distributions
> >such as Shorewall or Monowall. I think most of these are basically
> >LiveCD systems requiring only a low-end CPU, a CD/DVD reader and a
> >couple of NIC's. No hard drives required.
> >
> >Unless you spend a fair piece of change for a good enclosure, these
> >tend to be noisier and more power hungry than the consumer appliance
> >boxes. However, you'll have much more flexibility and control than
> >with the appliances. My experience is that I don't really need that
> >much capability right now, and don't see that most home users do either.
> >
> >Hopefully this isn't too much info. I think you'll have a lot of fun
> >setting up your new LAN. I did.
> >
> >--
> >    Best Regards,
> >       ~DJA.
> >
> >
> >--
> >[email protected]
> >http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
> >
> >
>
>
>
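
The dual-homed Linux firewall discussed in this thread (one NIC to the cable modem, one to the switch, stateful inspection, DHCP served to the LAN), sketched as an nftables ruleset. This is an added example, not from any poster in the thread; the interface names eth0 and eth1, the 192.168.1.0/24 LAN range and the choice of LAN-side services are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed layout: eth0 = WAN (cable modem), eth1 = LAN (switch).
# Routing must also be enabled: sysctl -w net.ipv4.ip_forward=1
flush ruleset

define WAN = "eth0"
define LAN = "eth1"
define LAN_NET = 192.168.1.0/24   # assumed private range handed out by DHCP

table ip filter {
    chain input {
        # Traffic addressed to the firewall itself: default deny.
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        # Anything arriving on the WAN side claiming a LAN source is spoofed.
        iifname $WAN ip saddr $LAN_NET drop
        # Stateful inspection: replies to connections we already track.
        ct state established,related accept
        ct state invalid drop
        # Services offered to the LAN only: DHCP, DNS, SSH administration.
        iifname $LAN udp dport { 53, 67 } accept
        iifname $LAN tcp dport { 22, 53 } accept
        # DHCP lease replies from the ISP to the firewall's own client.
        iifname $WAN udp sport 67 udp dport 68 accept
        # Rate-limited ping so the box stays diagnosable.
        icmp type echo-request limit rate 5/second accept
    }

    chain forward {
        # Traffic routed between the two NICs: default deny.
        type filter hook forward priority 0; policy drop;
        iifname $WAN ip saddr $LAN_NET drop
        ct state established,related accept
        ct state invalid drop
        # LAN hosts may open connections outward; nothing unsolicited comes in.
        iifname $LAN oifname $WAN ip saddr $LAN_NET accept
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

table ip nat {
    chain postrouting {
        # Hide the private LAN behind the single address the ISP assigns.
        type nat hook postrouting priority 100; policy accept;
        oifname $WAN ip saddr $LAN_NET masquerade
    }
}
```

Check the file with `nft -c -f` before loading it with `nft -f`; because both the input and forward chains default to drop, an unmatched packet from either side is discarded rather than passed.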


-- 
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list

Reply via email to