sean finney on Tue, 22 Apr 2003 22:45:18 -0400
On Tue, Apr 22, 2003 at 05:44:44PM -0400, Chris Hedemark wrote:
> Having dealt with both Linux and OpenBSD, I would go with OpenBSD for
> firewalls every time. I've built a number of them out of old first gen
> Pentium machines. Certainly it would be good enough for a network that
> small. Make sure you have 32MB of RAM or more and ~1GB HDD or more
> (though honestly you can get away with a lot less drive space).

i second this, though I prefer NetBSD--ain't ever let me down. my apartment's connection is split/firewalled by a nice little pentium I 90mhz machine with 12 mb of memory running NetBSD. In its glory days it also ran an http server, name server, email server, and ntp server for the apartment--though those duties are now outsourced to other machines behind the firewall with more cycles these days. over the summer i had to replace a flaky realtek NIC, which barring power outages is really the only time that i can remember needing to reboot it.

but all this "yes, it'll even run on this crappy machine" aside, i think the real reason why one of the BSDs is the good choice here is the ipf and ipnat duo. the configuration files for these are really straightforward, almost prose-like really, and give you lots of control. just make sure you have console access when you start messing with the filter rules :)

sean