[CentOS] Firewall frustration

Tue Jan 1 13:57:22 UTC 2008
Robert Moskowitz <rgm at htt-consult.com>


Mark Weaver wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 31 Dec 2007 12:21:34 -0500
> Robert Moskowitz <rgm at htt-consult.com> wrote:
>
>   
>> William L. Maltby wrote:
>>     
>>> On Mon, 2007-12-31 at 09:33 -0500, Robert Moskowitz wrote:
>>>   
>>>       
>>>> Peter Farrell wrote:
>>>>     
>>>>         
>>>>> "Problem is I want a REAL router/firewall with little work."
>>>>>
>>>>> Run a smoothwall installtion and replace your CentOS install.
>>>>>
>>>>> http://www.smoothwall.org/
>>>>>   
>>>>>       
>>>>>           
>>>> well first challenge is my unit's USB ethernet dongles. Centos
>>>> uses the RTL 8150 driver for them. Smoothwall only lists the RTL
>>>> 8129, 8139, and 8169...
>>>>     
>>>>         
>>> I've used this at home for years. I don't know if it's suitable,
>>> but it seems *very* flexible. Allows for NAT or not, has typical
>>> zones, reporting, IPTables modification support, ...
>>>
>>>    http://www.ipcop.org/
>>>
>>> Has run/tested successfully on various configurations here. It's
>>> another "ditch your CentOS" solution though. But you can put it on
>>> any old junk laying around and it'ss probably work. Using cable
>>> modem in the boonies, 486DX/66 gives about 450KB/sec, Pentium
>>> 200MHz pci gives <= 700MB/sec - both from decent sites. Tested
>>> using both ISA and PCI bus adapters through both twisted pair and
>>> thin coax.
>>>       
>> As I thought about things this morning, trying to put up smoothwall,
>> I realized that one of my goals is to have a tool to turn a Centos
>> system that I am using for foo, into a firewall for bar for a day.  I
>> have Astaro for my serious firewall needs (see later post), but need 
>> something 'portable'.  You see I have these plans with some small itx 
>> systems....
>>     
>
> have you considered linux that fits on a floppy disk?
>
> http://mypage.uniserve.ca/~thelinuxguy/small_and_floppy_linux/
>
> http://www.linuxlinks.com/Distributions/Floppy/
>
> http://www.dmoz.org/Computers/Software/Operating_Systems/Linux/Distributions/Tiny/Floppy_Sized/
>
> get one running and configured and save to floppy... things go south
> reboot the machine and everything is back. no hard drives to worry
> about...
>   
Have you ever thought about how rare floppy drives are now?  At best you 
go with a bootable usb, if your notebook supports bootable USB.  My 
Libretto does have a bootable floppy, but that is something extra to 
carry.  It will not boot from anything else (besides its HD).  My nc4010 
(this notebook) will boot from usb.  My corp notebook (nc2400) is locked 
down; and I don't see any value at getting corp IT bent out of shape.