I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
Craig
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
Craig
Craig,
For that particular application I would probably stick with ipcop. There are add on packages for dans guardian. IPCop is a pretty stripped down distro, and should run fine on 64M.
David Nalley
David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
Craig
Craig,
For that particular application I would probably stick with ipcop. There are add on packages for dans guardian. IPCop is a pretty stripped down distro, and should run fine on 64M.
David Nalley
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
Craig
Craig,
For that particular application I would probably stick with ipcop. There are add on packages for dans guardian. IPCop is a pretty stripped down distro, and should run fine on 64M.
David Nalley
I beleive (If I am reading correctly) - it was his old box that had the 64mb ram.
On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
IPCop itself doesn't need much. I have it installed on 3 machines, "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so wastful... just for now). The slowest (66MHz) with 3C509 half-duplex ISA NICS gets 477K bytes/sec off my cable modem. The fastest gets me almost 700KB (670, 680, ... depending on source site).
But I don't run anything but IPCop on those units. I have no idea what will happen if you start running other services on the firewall.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
I like IPCop a lot. It's stable, supports several different configurations and is priced right and runs on about anything.
Craig
<snip>
On Wed, 2006-08-16 at 13:17 -0400, William L. Maltby wrote:
On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
IPCop itself doesn't need much. I have it installed on 3 machines, "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so wastful... just for now). The slowest (66MHz) with 3C509 half-duplex ISA NICS gets 477K bytes/sec off my cable modem. The fastest gets me almost 700KB (670, 680, ... depending on source site).
But I don't run anything but IPCop on those units. I have no idea what will happen if you start running other services on the firewall.
---- I like ipcop too - this new box I am going to use has 512MB RAM and at least 2 built-in NIC's but I am thinking of a heavy reliance upon squid and dansguardian and I am thinking that I will get a much more versatile firewall/proxy server using CentOS/squid/dansguardian than by using ipcop and using their squid and trying to bring in dansguardian into the mix - but I don't know...which is why I asked.
I am using ipcop with a few clients and it works fine - even with lesser hardware but then, I am not exactly pushing it - which my previous experience with squid is that it functions better with more resources (RAM/HD) and toss in dansguardian, I think I have enough hardware to run.
Craig
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Craig White Sent: Wednesday, August 16, 2006 12:38 PM To: CentOS mailing list Subject: RE: [CentOS] proxy server - ipcop vs CentOS
On Wed, 2006-08-16 at 13:17 -0400, William L. Maltby wrote:
On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a
proxy
server. Presently, we are using a cheap box with ipcop which is
working
fine but it didn't have much RAM (64MB), etc.
IPCop itself doesn't need much. I have it installed on 3 machines, "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so wastful... just for now). The slowest (66MHz) with 3C509 half-duplex
ISA
NICS gets 477K bytes/sec off my cable modem. The fastest gets me
almost
700KB (670, 680, ... depending on source site).
But I don't run anything but IPCop on those units. I have no idea what will happen if you start running other services on the firewall.
---- I like ipcop too - this new box I am going to use has 512MB RAM and at least 2 built-in NIC's but I am thinking of a heavy reliance upon squid and dansguardian and I am thinking that I will get a much more versatile firewall/proxy server using CentOS/squid/dansguardian than by using ipcop and using their squid and trying to bring in dansguardian into the mix - but I don't know...which is why I asked.
I am using ipcop with a few clients and it works fine - even with lesser hardware but then, I am not exactly pushing it - which my previous experience with squid is that it functions better with more resources (RAM/HD) and toss in dansguardian, I think I have enough hardware to run.
Craig
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I've used both for their respective purposes fairly extensively, and I can say that I've always been glad that my DansGuardian/Squid boxes are on a full distro. I am aware that IpCop has some plugins available for DG, but they are generally not supported by the DG team at all.
The full distro method does require a little more setup time, especially if you are using transparent proxy; however, the ability to *fully* configure it [and get support from the list if you need it] is well worth the extra time it takes to harden the box from outside influences. I will say though that depending on the number of users that you have, DG can be quite memory hungry if you have weighted phrases turned on... 512MB may be a bit slim for >100 concurrent users.
Hope this helps,
Toby
On Wed, 2006-08-16 at 10:37 -0700, Craig White wrote:
On Wed, 2006-08-16 at 13:17 -0400, William L. Maltby wrote:
On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
IPCop itself doesn't need much. I have it installed on 3 machines, "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so wastful... just for now). The slowest (66MHz) with 3C509 half-duplex ISA NICS gets 477K bytes/sec off my cable modem. The fastest gets me almost 700KB (670, 680, ... depending on source site).
But I don't run anything but IPCop on those units. I have no idea what will happen if you start running other services on the firewall.
I like ipcop too - this new box I am going to use has 512MB RAM and at least 2 built-in NIC's but I am thinking of a heavy reliance upon squid and dansguardian and I am thinking that I will get a much more versatile firewall/proxy server using CentOS/squid/dansguardian than by using ipcop and using their squid and trying to bring in dansguardian into the mix - but I don't know...which is why I asked.
I am using ipcop with a few clients and it works fine - even with lesser hardware but then, I am not exactly pushing it - which my previous experience with squid is that it functions better with more resources (RAM/HD) and toss in dansguardian, I think I have enough hardware to run.
Craig
Craig,
I use IPCOP on all my border routers at my client sites ... with the openvpn plugin. CentOS can certainly also be a router if you set it up that way, but I normally use IPCOP.
I don't think there are many tools that are going to make management as easy as it is on IPcop ... though, there has not been much website activity there lately.
Thanks, Johnny Hughes
Johnny Hughes spake the following on 8/16/2006 1:18 PM:
On Wed, 2006-08-16 at 10:37 -0700, Craig White wrote:
On Wed, 2006-08-16 at 13:17 -0400, William L. Maltby wrote:
On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote:
-----Original Message----- From: centos-bounces@centos.org on behalf of Craig White Sent: Wed 8/16/2006 11:22 AM To: CentOS mailing list Subject: [CentOS] proxy server - ipcop vs CentOS
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
IPCop itself doesn't need much. I have it installed on 3 machines, "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so wastful... just for now). The slowest (66MHz) with 3C509 half-duplex ISA NICS gets 477K bytes/sec off my cable modem. The fastest gets me almost 700KB (670, 680, ... depending on source site).
But I don't run anything but IPCop on those units. I have no idea what will happen if you start running other services on the firewall.
I like ipcop too - this new box I am going to use has 512MB RAM and at least 2 built-in NIC's but I am thinking of a heavy reliance upon squid and dansguardian and I am thinking that I will get a much more versatile firewall/proxy server using CentOS/squid/dansguardian than by using ipcop and using their squid and trying to bring in dansguardian into the mix - but I don't know...which is why I asked.
I am using ipcop with a few clients and it works fine - even with lesser hardware but then, I am not exactly pushing it - which my previous experience with squid is that it functions better with more resources (RAM/HD) and toss in dansguardian, I think I have enough hardware to run.
Craig
Craig,
I use IPCOP on all my border routers at my client sites ... with the openvpn plugin. CentOS can certainly also be a router if you set it up that way, but I normally use IPCOP.
I don't think there are many tools that are going to make management as easy as it is on IPcop ... though, there has not been much website activity there lately.
There is a new patch in beta right now. 1.4.11 I think. I guess a firewall has so little software on it that security updates just seem to be farther apart. Less exposure = less vulnerability. I mentioned Clarkconnect as an alternative to trying to use CentOS since it is based from CentOS 4.
I use IPCOP on all my border routers at my client sites ... with the openvpn plugin. CentOS can certainly also be a router if you set it up that way, but I normally use IPCOP.
I don't think there are many tools that are going to make management as easy as it is on IPcop ... though, there has not been much website activity there lately.
There is a new patch in beta right now. 1.4.11 I think. I guess a firewall has so little software on it that security updates just seem to be farther apart. Less exposure = less vulnerability. I mentioned Clarkconnect as an alternative to trying to use CentOS since it is based from CentOS 4.
personally i really like www.smoothwall.org as its super easy to setup and performs well. Its also a really active project.
On Thursday 17 August 2006 04:28, Tom Brown wrote:
personally i really like www.smoothwall.org as its super easy to setup and performs well. Its also a really active project.
If commercial is an option, smoothwall's commercial version works very very well. I'm using it at a few places; no, it's not inexpensive. But the support has been stellar, and I can't really complain, even at the price.
If anything, this should be read as a ringing endorsement for the smoothwall technology, which does find its way into the open source SmoothwallExpress version. SmoothwallExpress is to Smoothwall Corporate Firewall as Fedora is to Redhat Enterprise Linux.
Craig White spake the following on 8/16/2006 8:22 AM:
I have purchased a used Compaq DL360 which I was going to use as a proxy server. Presently, we are using a cheap box with ipcop which is working fine but it didn't have much RAM (64MB), etc.
This new box we will want to run squid and perhaps dansguardian for filtering (this is a non-profit company) and I'm wondering if I should just put ipcop on it or would it be smarter/better to install CentOS 4, squid and I see Dag has dansguardian package which suggests that I might get more and better options from this.
Anyone have opinions on ipcop vs. CentOS
Craig
You could try Clarkconnect. It is based on Centos-4, and works as well as ipcop with the better hardware, and it already has dansguardian, snort, and a banner ad filter. It is also rpm-based in case you want to add something. They have a free version with no restrictions, but you do have to register to get updates. I use it at home, and it is aces. I also use IPcop at work to filter 4 sites and tunnel them together, so I have experience with both. So if the Dl360 has at least 256 MB of ram, and a few gigs of hard drive, it should do well. I am running Clarkconnect on an old 1100 athlon that my kids said was too slow for their Windows games.
-
Bbt Lists -
Craig White -
David Nalley -
Johnny Hughes -
Lamar Owen -
Scott Silva -
Toby Schaefer -
Tom Brown -
William L. Maltby