Dedicated Firewall/Router - moved by Tom

Slump
October 23rd, 2006, 11:44 PM
Hi,
About a month ago I decided to complicate my life a little bit. I upgraded a couple of the PCs at my house and from
the leftovers I put together another machine - Athlon XP 1800+, 512 MB RAM, 20 GB HDD, 4 NICs.

I decided to use it to replace my router (and more), so I thought it would be a good idea to go with one of the
Linux-based firewalls such as IPCop, monowall, etc. Even though I did quite a bit of digging and read several reviews
for each one of those, I am still not sure which one to go with. That's why I decided to list my requirements here and
maybe have you guys help me out.

Before I list them, I must say that it's extremely important to me that my internet connection will not be slowed down.
I have a 10 Mbit cable connection and am currently going through a D-Link router and I usually get 9.3-9.4 Mbps stable
speed. I anticipated that this may be a problem so I bought relatively good NICs (ones with a big, honking Intel chip
that I know are pretty good). I am also planning on using CAT6 cables for the connections from the modem to the
router/firewall box and from the router to my most important machine. If you have used one of those firewalls and have
experienced slowdowns, there is no need to read any further, just tell me now. :)

So this is what I want to do, in order of importance:

- Traffic shaping - I need to be able to limit the bandwidth and maximum download/upload speed on every NIC. All the
firewalls list "traffic shaping" as a feature, but they don't really go into details explaining exactly what they mean
by that. IPCop only says that the "Wondershaper package" feature allows you to assign high, medium, and low priorities
to specific web services (ports), which is fantastic, but it's not nearly as important to me as the ability to limit the speed on particular NICs.

- Configurable proxies - I like to make my browsing as anonymous as possible, so I would like to be able to set up proxies for as many services/ports as possible.

- Reliable and (relatively) easy to configure firewall

- One that requires a minimal number of reboots - I don't want to have to reboot the computer every time I make a
configuration change. Right now every time I add a DHCP reservation in my router, it has to restart (which doesn't really take that long, but it's very annoying).

- Configurable DMZ - I may be adding a web server soon so this can be useful.
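The first requirement above (a hard speed cap per NIC) is something none of the named distributions spell out, but on any Linux-based firewall it comes down to the kernel's traffic control (tc) with an HTB qdisc. The following is an added example, not code from the thread or from IPCop/m0n0wall. One caveat a practitioner should know before relying on it: HTB shapes traffic leaving an interface, so to cap what a LAN segment can download you shape the LAN-facing NIC (packets leave the firewall toward the hosts), and to cap uploads you shape the WAN-facing NIC. Interface names and rates are assumptions; the script only needs root when actually applied, and setting TC=echo prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the thread): cap the egress rate of one Linux NIC with
# an HTB qdisc plus an SFQ leaf so a single bulk flow cannot hog the cap.
# Assumed interface names / rates, e.g.:  shape_iface eth1 8mbit
# Set TC=echo to print the tc commands instead of executing them (no root needed).

TC="${TC:-tc}"

shape_iface() {
    dev="$1"; ceil="$2"; burst="${3:-15k}"
    [ -n "$dev" ] && [ -n "$ceil" ] || {
        echo "usage: shape_iface <dev> <ceil-rate> [burst]" >&2
        return 2
    }
    # Start from a clean slate; the delete fails harmlessly if nothing is installed yet.
    $TC qdisc del dev "$dev" root 2>/dev/null
    # Root HTB qdisc; any traffic without an explicit filter lands in class 1:10.
    $TC qdisc add dev "$dev" root handle 1: htb default 10
    # Parent class carries the hard ceiling for the whole interface.
    $TC class add dev "$dev" parent 1: classid 1:1 htb rate "$ceil" ceil "$ceil" burst "$burst"
    # Leaf class: may borrow up to the ceiling, can never exceed it.
    $TC class add dev "$dev" parent 1:1 classid 1:10 htb rate "$ceil" ceil "$ceil" burst "$burst"
    # Stochastic fair queueing under the leaf keeps interactive sessions responsive
    # while one large download saturates the cap.
    $TC qdisc add dev "$dev" parent 1:10 handle 10: sfq perturb 10
}

# Remove the shaping again; no reboot involved, the change is live immediately.
unshape_iface() {
    $TC qdisc del dev "$1" root
}

# Show byte/packet counters per class to confirm the cap is actually hit.
show_iface() {
    $TC -s class show dev "$1"
}
```

Each call rewrites the qdisc in place, so changing the limit is a matter of re-running `shape_iface` with a new rate; nothing here requires restarting the box or even the network service. Downloads through the firewall are still bounded by the WAN link itself, so the cap only has a visible effect when set below the line rate.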

Tom
October 23rd, 2006, 11:50 PM
Sounds like a detailed list, and also something that could be best addressed in the Networking forum. Instead of you reposting it all I will move the thread instead.

Slump
October 24th, 2006, 05:17 PM
Thanks.. I wasn't really sure where to post.. my original forum of choice was actually the Linux one, but I guess Networking is where I should have been looking. :)

oracle128
October 25th, 2006, 11:51 AM
Squid (http://www.squid-cache.org/) will be right up your alley. It's a Proxy (requirement 2) with web caching (not a requirement, but useful), and can Limit Bandwidth (http://tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/index.html) (requirement 1). I'm not sure if it'll make config changes without a reboot, but I don't see why it wouldn't do so considering the nature of Linux. Since you've now got 2 (and a bit) of your requirements covered, all that's left is to find a Linux firewall that you like, has DMZ features, and can make changes without rebooting. I'm pretty sure any decent firewall will meet those last two, so all that's left is to use one whose interface you like. I don't use Linux so I can't make any recommendations in that regard.

FYI, "bandwidth shaping" (or just "shaping") usually refers to slowing down (or cutting off) a network connection under certain conditions. E.g., some ISP plans "shape" (slow down to dial-up speeds) an internet connection after a certain transfer limit has been reached.
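For the Squid suggestion above, the bandwidth-limiting feature the linked HOWTO refers to is Squid's delay pools. As an added example (not from the thread or from the Squid project), here is the minimal squid.conf fragment for one pool; the LAN subnet and the per-client rate are assumptions. The practical caveat: a delay pool only throttles HTTP/FTP traffic that actually passes through the proxy, so it does not cap a NIC as a whole, and a client that bypasses the proxy is unaffected unless the firewall forces traffic through it.

```conf
# Added example (not from the thread): Squid delay pool throttling proxied
# HTTP traffic from one assumed LAN subnet.
acl lan src 192.168.1.0/24

delay_pools 1
# Class 2 pool: one aggregate bucket plus one bucket per client host.
delay_class 1 2
# Parameters are restore_rate/max_size in bytes.
# Aggregate -1/-1 = no overall cap; each host refills at 256 KB/s
# and may burst up to 1 MB before being throttled.
delay_parameters 1 -1/-1 256000/1048576
delay_access 1 allow lan
delay_access 1 deny all
```

On the "reboot" question raised in the post: Squid re-reads this file on `squid -k reconfigure`, so changing the pool limits does not require restarting the daemon, let alone the machine.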