What's new

Building a router/firewall

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

vnangia

Senior Member
I had asked around earlier about a pretty specific type of router (dual WAN, gigabit switching, etc) and based on what transpired there, basically decided it was time to build my own.

There are a number of popular bits of software to run - pfSense (and parent m0n0wall), LEAF Project, even Ubuntu Server, but does anyone have any experience with any of these and a recommendation? One thing to note is that I would ideally like support for 3G USB modems to be a failover - like those that drivers that are coming in pfSense 1.3. Does anyone have any other suggestions for a device that can serve as a router or firewall?

Many thanks in advance.
 
I've played with a lot of *nix distros....
it depends on what you "need" for features.

For my small business clients, I like the "UTM" distros, Unified Threat Management..they do antivirus scanning of traffic, spam removal, etc. Often a bit overkill for home users. Untangle is a big player out there...very contemporary distro, lots of features, requires high horsepower though. Endian is another one I've used, quite polished, stable, little support community though. And then there's one that Endian is based on...IPCop with the Copfilter add-on. I've used all of these at various clients, for the past year it's been Untangle for most of them.

For home use...look at what features you want. For me...I like my online gaming to be smooth, not "impacted" much by whatever other users are doing online. So I run PFSense...due to its superior traffic shaping/qos features. It also doesn't need a lot of horsepower, so I have it running on an old IBM Thinkpad T23 laptop. Just a midrange Pentium 3, 256 megs of RAM. What's nice about running it on a laptop..small footprint, not much noise or electrical juice consumed, and a built in battery backup. With 4 computers going full bore pounding the 'net with <whatever>...I've never had the PFSense box get up above 30% CPU utilization.
 
Last edited:
I personally like pfSense for it's superior feature set, small foot-print, and good ease of use. You can throw it in pretty much anything and it runs. Monowall is similar, but more geared towards towards small imbedded hardware. I hear Untangle is good, but more geared as a business/UTM offering.

I've never been a fan of DDWRT and Tomato offerings simply because I've had mixed success getting them running in a stable manner, and I'm not overly fond of the reliability of recent WRT54 revisions/units.
 
This is essentially a small x86 computer that I'm working with (specifically, this motherboard and processor, PSU and case), so Tomato, OpenWRT and DDWRT aren't on the radar. The device closest to what I'm looking to build is the ZyXEL ZyWall 2WG, but (a) the price is high; (b) the performance lacking and feature set restricted to 10 users; and, (c) I want to learn to build something like this.

I'd never even heard of Untangle until right now, but looking through its feature set, I like what I see. Unfortunately, I can't search for the term 3G (too short, I'm guessing) in the forums, so I can't even begin to look for compatibility with a 3G USB connection to act as a failover. If anyone knows the answer to that question (YeOldeStoneCat, I see you're a regular over at the Untangle forums...), then I'd be happy to try it out, though it means buying a new processor for the board.

pfSense 1.3 is expected to have much better support for 3G cards of all kinds, though limited support is already baked into the 1.2 series; plus, I have had an excellent experience with stability and hardware detection with things like FreeBSD and FreeNAS. I was planning to try that out first when my power supply arrives.
 
That should be a nice little setup, PFSense should rip along nicely on that. Realtec nics, while not always loved in the Windows world, tend to have great support from the *nix distros.

Bad news. I get a "BTX halted" message right at startup. Supposedly, it's related to hard disk issues or using USB optical drives. If it's a hard disk issue (I'm currently using a CF card), then it can be rectified. If it's an optical drive issue... well, I'm screwed, because I have no other way of loading stuff on there. Oh well.

I have to say, it's quite a capable little machine, though the fans are a little on the noisy side of things. Will have to either disconnect one or both in order to get a quieter machine.
 
What's the cd-rom you're using? Any chance of digging up an old slow IDE cd-rom and hooking it up just for the install?

It's an external Sony DVD drive... what it is, I'm not sure. As far as old IDE CDroms... I suppose I can go buy one, but one of the problem with the Pico PSUs is that they don't really have enough power to drive the big desktop optical drives, especially my small <90W one. So it's got to be an external... anyway, I'll try DD'ing the embedded image onto the IDE card. Problem is, I may not be able to get the backup connection via 3G working if that happens. Let's see what happens this weekend. Maybe I'll write up something on building your own router if it all works out.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top