On Fri, 2006-12-29 at 10:37 -0500, fredex wrote:
On Fri, Dec 29, 2006 at 01:41:54PM +0000, Josh Donovan wrote:
Hi,
I use CentOS as a firewall/proxy/webserver/fileserver in my small network. <snip>... 20 GB, Pentium II with only 128 MB RAM.
<snip>
Not directly answering your question, but...
You may wish to investigate one of the small standalone firewall distributions such as Smoothwall, IPCop, or m0n0wall (BSD-based). They will all easily run in 128MB, and are easy to configure. They are all easy to install.
M0n0wall looks intriguing, I may give it a try here someday... it runs from non-writable media such as a CD and saves config on a floppy. It can be run from a hard drive or a flash memory card of some sort too. The obvious advantage is that if someone cracks the machine they can't do any damage (to it, directly) because it's not writable.
And you really shouldn't be running web- or file-servers on your firewall, the more stuff running on it the more opportunities you present for an evil person/entity to crack it.
I'd suggest using one of the above then put another machine in a DMZ to do web server duty (if it is supposed to be externally visible-- otherwise put it on another machine INSIDE the firewall on the "green" (allegedly safe) network).
I'm running Smoothwall Express 2.0 on my old K6-2/500 machine with 128MB of memory and a 3 or 4 gig drive. It just runs and runs and runs and doesn't come anywhere near using up all the memory. Before that box became available I ran it on things similar to P90 or AMD K5, both around 90-100 MHz for several years with 64MB of RAM and it ran just fine on those machines too.
I second all Fred says. I have IPCop on a 200MHz Pentium with 96MB. Runs steady and fast enough (good sites approx. 700K chars/sec. Cable and in the boonies responsible for that).
I have also run it on my wife's discarded Aptiva (486 and 64MB? 32MB?) and my AMD "486 clone", x586 100MHz 36MB. Only difference is speed. Aptiva about 430K chars/sec, AMD about 510K chars/sec.
Like Aleksandr, I'm loaded with old used cheapo machines too (386SX anyone?). If you can get a $20 machine (and one for backup?) you would be making a wise investment, IMO, by having a firewall-dedicated node separate from your "server/ws".
Fred
<snip sig stuff>
HTH -- Bill