Dedi PC router/firewall
(27 posts, started )
#1 - CSU1
Dedi PC router/firewall
I need to use a spare PC as a dedi router/firewall and currently I'm in the process of dualbooting OpenBSD which is a bit tricky to use for a noob like me.

I've also tried Linux Live CD Router but that did not work out so well...

Does anyone here have any suggestions for me as to which free software exists?

TY.
#2 - arco
YES! pfSense ftw!

http://pfsense.com/
Attached images
pfsense.png
I use m0n0wall. It's very small, and runs fine on old hardware. I'm running it on a Pentium 1 200 MHz, it manages 44 Mbit throughput with 2 Intel network adapters.
If you have a more powerful system, take a look at pfsense. It's basically m0n0wall on steroids, it has a lot more features.
#4 - CSU1
looks sexy!

Thanks a million...

*starts his Friday night drinking excursion*

I'll try it later/in the morning, as the aforementioned two pieces of software took all my time
#5 - amp88
Why do you need to use a dedicated PC rather than getting a router?
Dedicated routers have much more CPU power, are more flexible and offer a wider range of features.

The downsides are power draw and the waste of space, as long as you use ancient hardware. High initial cost if you use one of those small boxes they sell for that purpose.
#7 - CSU1
Quote from amp88 :Why do you need to use a dedicated PC rather than getting a router?

I suppose I don't need it, more of an inquisitive want. TBH I can't make head nor tail of iptables logs and I'm looking for something which I can manage off site, the plan is to complete my looong contemplated plan of giving free internets away to my local community, I'll be going all out with a custom dish and rig in the attic or multi dish setup, think four dishes back to back with a hole cut out in the center of each one and a reflector at each focal point back to the card...all because antenna are well... too darn tall

sorry you asked?
#8 - amp88
Quote from CSU1 :sorry you asked?

Nope, I was just curious

In the majority of cases a router with a good built in firewall is enough for most home users, but it seems like you understand the decision. Good luck with the project.
#9 - arco
#10 - CSU1
...maybe I need to use some older hardware, atm I'm trying to set up with the Advent 4489 mini notebook, it has a mini PCI card which does not seem to be supported(:
Quote :
Connect the WAN interface and make sure the link is up>

No link-up detected

I've tried it with two other USB network adaptors and no joy...

info on PF defense's forum I can not find relating to my problem, seems hardware support/drivers are few and far between...

Meh, seeing as how Ubuntu supports the mini PCI card I wonder if I could use guarddog or similar to manage iptables, but this limits me to only a few options for deployment.

How does freeBSD differ to OpenBSD?

Am I pissing against the wind with this notebook?

cheers
Does it actually detect the network adapters?
I've had some issues before with the install wizard, just don't bother and configure them by hand (if it detects the network adapters of course).
#12 - CSU1
Quote from kingfag :Does it actually detect the network adapters?
I've had some issues before with the install wizard, just don't bother and configure them by hand (if it detects the network adapters of course).

...been on irc this past hour. it detects re xxxxxx but can't "link-up"

my mini-PCI card might not be supported in the stable version, so I'm testing 1.2.3 atm.

What other options do I have running on a notebook with only mini-pci and USB?
Well to be honest, i would get a normal system with some good brand ethernet adapters. Even a stone age Pentium 3 will be sufficient.

You could give IPcop a try, that one is linux based.
#14 - CSU1
Quote from kingfag :Well to be honest, i would get a normal system with some good brand ethernet adapters. Even a stone age Pentium 3 will be sufficient.

You could give IPcop a try, that one is linux based.

...ya , it doesn't help when the only boxes I have are notebooks, ten of the bloody things!

I'm giving IPcop a whirl
#15 - CSU1
double post; sowwy

Ok, since the only boxes I have are notebooks and supported mainly by windows drivers(Ubuntu has partial support)I may have to go down the Windows Server route...

At this point I'd prefer to stick with Windows as I understand the basic concept of services and am able to use the management console to apply group policies etc. (Linux since day one has left me lost at the best of times for lack of such a management console).

Question is, what free Windows servers are available? if none what Ubuntu/server combo could I use?

IPcop and all the above systems require a clean HDD and I don't have the time and don't see it feasible to start cloning my factory partitions to find out that the software might not support my box in the first place...

So, Ubuntu Server or Windows Server?
#16 - arco
#17 - CSU1
Thanks arco, I'd never have thought of that

*starts his Saturday drinking excursion*

I'll be back!
Quote from CSU1 :
Question is, what free Windows servers are available?

You didn't seriously use the words Windows and Free in the same sentence did you??

Seriously though, there are no free versions of Windows OS, that I am aware of anyway, (not that means all that much granted).

From what I can tell, the vast majority of people that want to use old PC hardware as a firewall use one of the many Linux variants, usually one without a GUI AFAIK, as you'd want all your processing power to be going to the firewall app rather than painting a pretty picture on the screen. Sorry, I can't be any more helpful than that though.

Edited to add - found this on the net:

http://www.isaac.cs.berkeley.edu/simple-firewall.html
http://www.linux.com/feature/113828
http://www.networkcomputing.co ... torial/013/013.part2.html
#19 - arco
The GUI for pfsense is all web based, so there's no desktop GUI thing running in it.

I do think your NIC should be supported in native mode CSU1, would be odd if it weren't. Do you know what brand/model it is? The message you got that the WAN interface is not up, means it has no connection to the ADSL modem. You have to configure the WAN with your type of Internet connection - PPPoE, static or whatever. Typically, a firewall like this needs 2 NIC interfaces, one connected to the WAN, and one connected to your internal network.
#20 - CSU1
Quote from arco :The GUI for pfsense is all web based, so there's no desktop GUI thing running in it.

I do think your NIC should be supported in native mode CSU1, would be odd if it weren't. Do you know what brand/model it is? The message you got that the WAN interface is not up, means it has no connection to the ADSL modem. You have to configure the WAN with your type of Internet connection - PPPoE, static or whatever. Typically, a firewall like this needs 2 NIC interfaces, one connected to the WAN, and one connected to your internal network.

It's an Advent 4489 mini notebook with one on-board mini-PCI card, the only reference to the card in Windows is that it's a Realtek card and I can't seem to find specs for it on the web, I'll open the notebook if I must to have a look.

When I try to install PFsense only one adaptor is listed 're xx xx xx xx xx' which I assume is the realtek card...I dunno I'm fed up with it now

I would have thought Windows would be giving away some of the older software for free like Windows Server 2003 or 98' ...

The Toshiba Equium has a compact flash slot I could make use of if I picked one of those CF to Eth0 adaptors, maybe this would be the easiest solution with two ethernet ports, plus side to this box is it runs at 3 GHz CPU, so it would make a fast server.
#21 - arco
If you select 8 in the pfsense menu, and then type dmesg|grep Ethernet - it might give some more info about the card.

Looking around a bit I found that the Advent is a rebadged MSI Wind, which has a Realtek 8101 chip, which again according to the FreeBSD Compatibility List is supported.
#22 - CSU1
Oh ho ho, a super star is what you are

I had better not do it tonight as last night I wiped the wrong partition on my backup disk

Guinness+command lines+noob = nono

thanks for your help arco

E-

Strange thing is, arco, the menu only goes up to seven

Where has 8 gone to? Stupid notebook
#23 - CSU1
yep, someone once said I'm an idiot who trolls and has obvious stuff pointed out to me all the time, it's true, I am a bit of a tool.

------------------------------------------------------------------------------------------------------------------------

Arco, by saying choose option eight I assume that you thought I could get past the boot stage, na, I'm now at the point that I have two network interfaces recognised at boot screen but I am now running into a "Network Interface mismatch"... it goes something like this:

Enter the optional 1 interface name or 'a' for auto-detection
(or nothing to proceed) I selected nothing

The interfaces will be assigned as follows:

LAN -> re0
WAN -> ural0

Do you want to preceed [y:n]? y

Network Interface mismatch -- Running interface assignment option.

Valid interfaces are:

re0 xx xx xx xx xx xx
ural0 xx xx xx xx xx xx

Do you want to set up vlan's first? n

and round and round I go.

I'm doing something wrong? I have two notebooks, the PFsense box has one USB wireless card (recognised as ural0) and one ethernet cable connected to second box (recognised as re0). The second box is connected to the internet via wireless USB card (for the moment) and has internets connection sharing enabled via standard ethernet cable, must I use a parallel cable between the two boxes?

Edit:

Nevermind all is 100% up and running, again - thank you for your help arco

Happy days
#24 - CSU1
Triple post of failure

I just don't understand the mechanics of this, I need help


isp------wireless router(192.168.1.1)------PFsense box(192.168.1.1)------PC(192.168.1.199)

In pic one it says 'no carrier' but I can see the access point under Status/Wireless tab, how do I tell PFsense to connect to my wireless AP?

Pic 2. the interfaces tab only lists two interfaces but in the tutorial @ Pfsense there are 'OPT1' and 'OPT2' interfaces listed, these must be wireless AP's ready for broadcast connected to the PFsense box, yes? in such case this is not my problem???

In Pics 3 & 4 the firewall is set to allow communication on both interfaces for testing purposes but still the PC cannot get service...

In pic 5 must I 'bridge' the two interfaces WAN and LAN?

Pic 6, I think there's something wrong...should I not be on a separate sub-net to the AP ie. the network for the PFsense box should start at 192.168.2.1 subsequently passing on addresses on the '2' network?...again I just don't understand the mechanics here - please throw me a bone or something because I'm pulling my friggen hair out ! ! !

help?
Attached images
Screenshot.png
Screenshot-1.png
Screenshot-2.png
Screenshot-3.png
Screenshot-4.png
Screenshot-5.png
untitled.JPG
#25 - arco
Hmm, you're pretty much into territory I've not been in, as I've not dealt with wifi on pfsense. At work we have the following setup:

ISP<--->ADSL modem<--->pfSense<--->Switch<--->Workstations

ADSL modem is configured in bridged mode so it only passes traffic through, and is connected to the pfsense box on the WAN assigned NIC. WAN interface in pfsense is configured as a PPPoE connection. The LAN NIC on the pfsense box is connected to the switch box, which all the workstations are hooked up to. The LAN interface in pfsense is configured with the ip address of 10.1.1.1/24. Then the DHCP server in pfsense is configured with the subnet of 10.1.1.0, and a specified range which the workstations will be assigned addresses from.

Remember, the LAN interface is everything behind the firewall, i.e all the clients that's gonna connect to the internet. The WAN interface is everything before the firewall. WAN stands for 'Wide Area Network', and LAN for 'Local Area Network'. So the WAN interface should be connected directly to your ADSL modem if you have. If you only have wifi access to your ISP, you should be able to configure pfsense with the wifi card you have to connect to the ISP, and not go through a second computer for it. But as I said, I've not dealt with that scenario myself, so I'm not sure.
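
Added example, not part of any post in this thread: a small Python check of a two-interface firewall addressing plan, applied to the layout drawn in post #24, the 192.168.2.1 alternative asked about there, and the 10.1.1.1/24 setup described in post #25. The function name, the WAN addresses (192.168.1.50, 203.0.113.10) and the DHCP ranges are constructed for illustration; only the router, firewall LAN and PC addresses come from the thread.

```python
import ipaddress

def check_plan(wan_if, lan_if, upstream_gw=None, dhcp_range=None):
    """Return a list of addressing problems for a WAN/LAN firewall box.

    wan_if, lan_if: the firewall's own interfaces as 'address/prefix'.
    upstream_gw:    router on the WAN side, if there is one.
    dhcp_range:     (first, last) pool handed out on the LAN, if any.
    """
    wan = ipaddress.ip_interface(wan_if)
    lan = ipaddress.ip_interface(lan_if)
    problems = []

    # A router forwards between different networks. If WAN and LAN overlap,
    # it cannot tell which side a given host lives on.
    if wan.network.overlaps(lan.network):
        problems.append(f"overlap: WAN {wan.network} and LAN {lan.network}")

    if upstream_gw is not None:
        gw = ipaddress.ip_address(upstream_gw)
        # Same address on the firewall's LAN port and on the upstream router.
        if gw == lan.ip:
            problems.append(f"duplicate: LAN address {gw} is the upstream gateway")
        if gw not in wan.network:
            problems.append(f"unreachable: gateway {gw} not in {wan.network}")

    if dhcp_range is not None:
        first, last = (ipaddress.ip_address(a) for a in dhcp_range)
        if first > last:
            problems.append("dhcp: range start is above range end")
        elif first not in lan.network or last not in lan.network:
            problems.append(f"dhcp: pool {first}-{last} leaves {lan.network}")
        elif first <= lan.ip <= last:
            problems.append("dhcp: pool contains the firewall's own address")
    return problems

# Post #24 layout: router and firewall LAN both 192.168.1.1 (WAN address constructed).
THREAD_PLAN = check_plan("192.168.1.50/24", "192.168.1.1/24",
                         upstream_gw="192.168.1.1",
                         dhcp_range=("192.168.1.100", "192.168.1.199"))
# Post #24 alternative: move the LAN to the '2' network.
SEPARATE_SUBNET = check_plan("192.168.1.50/24", "192.168.2.1/24",
                             upstream_gw="192.168.1.1",
                             dhcp_range=("192.168.2.100", "192.168.2.199"))
# Post #25 layout: PPPoE WAN (constructed public address), LAN 10.1.1.1/24.
OFFICE_PLAN = check_plan("203.0.113.10/32", "10.1.1.1/24",
                         dhcp_range=("10.1.1.100", "10.1.1.200"))

if __name__ == "__main__":
    for name, result in (("thread", THREAD_PLAN), ("separate", SEPARATE_SUBNET),
                         ("office", OFFICE_PLAN)):
        print(name, result or "ok")
```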