Phil Scarratt wrote:
Hi
I'm after opinions on the following two options in terms of a straight
firewall. Since I have never used OpenWRT devices before I don't have
any idea how they rate against a full pc running as a firewall. The
options are:
1. OpenWRT on a Linksys device
2. Small form factor pc with some sort of solid state memory running linux.
The only caveat is that it (the fw) has to allow for a DMZ, and may have
to run multiple internet (WAN) connections (I am currently
investigating/googling whether an OpentWRT device can do this) in the
future. Otherwise fairly straight forward. This is for a business
environment.
The DMZ might be a problem for the WRT54GL since they only
have three routable interfaces (wireless, "Internet" and
"LAN"). I don't think that the four 100Base-TX ports are
independently routable.
You could certainly work around that -- such as having a
DMZ tunnel.
My testing has the WRT54GL running out of grunt at around
45Mbps of large packet traffic. So I wouldn't use it as
a firewall for anything more than a ADSL link otherwise
denying service is just a matter of sending a lot of
back-to-back small packets.
I'm very impressed by the OpenWRT software -- the packaging
is really well thought out and it is a joy to use. We use
it for a access points, since we want them to run IPv6, which
isn't supported by the manufcturer's firmware.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
