Johnny Hughes spake the following on 8/16/2006 1:18 PM: > On Wed, 2006-08-16 at 10:37 -0700, Craig White wrote: >> On Wed, 2006-08-16 at 13:17 -0400, William L. Maltby wrote: >>> On Wed, 2006-08-16 at 12:53 -0400, David Nalley wrote: >>>>> -----Original Message----- >>>>> From: centos-bounces at centos.org on behalf of Craig White >>>>> Sent: Wed 8/16/2006 11:22 AM >>>>> To: CentOS mailing list >>>>> Subject: [CentOS] proxy server - ipcop vs CentOS >>>>> >>>>> I have purchased a used Compaq DL360 which I was going to use as a proxy >>>>> server. Presently, we are using a cheap box with ipcop which is working >>>>> fine but it didn't have much RAM (64MB), etc. >>> IPCop itself doesn't need much. I have it installed on 3 machines, >>> "lowest" is an AMD 5x86 100MHz (equiv to a 486DX?) with 32MB. A DX/2 >>> 66MHz aptiva with 32MB and a 200MHz Pentium with 64MB (I know, so >>> wastful... just for now). The slowest (66MHz) with 3C509 half-duplex ISA >>> NICS gets 477K bytes/sec off my cable modem. The fastest gets me almost >>> 700KB (670, 680, ... depending on source site). >>> >>> But I don't run anything but IPCop on those units. I have no idea what >>> will happen if you start running other services on the firewall. >>> >> ---- >> I like ipcop too - this new box I am going to use has 512MB RAM and at >> least 2 built-in NIC's but I am thinking of a heavy reliance upon squid >> and dansguardian and I am thinking that I will get a much more versatile >> firewall/proxy server using CentOS/squid/dansguardian than by using >> ipcop and using their squid and trying to bring in dansguardian into the >> mix - but I don't know...which is why I asked. >> >> I am using ipcop with a few clients and it works fine - even with lesser >> hardware but then, I am not exactly pushing it - which my previous >> experience with squid is that it functions better with more resources >> (RAM/HD) and toss in dansguardian, I think I have enough hardware to >> run. >> >> Craig >> > > Craig, > > I use IPCOP on all my border routers at my client sites ... with the > openvpn plugin. CentOS can certainly also be a router if you set it up > that way, but I normally use IPCOP. > > I don't think there are many tools that are going to make management as > easy as it is on IPcop ... though, there has not been much website > activity there lately. There is a new patch in beta right now. 1.4.11 I think. I guess a firewall has so little software on it that security updates just seem to be farther apart. Less exposure = less vulnerability. I mentioned Clarkconnect as an alternative to trying to use CentOS since it is based from CentOS 4. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!