On 6/28/2015 11:11 PM, Sorin Srbu wrote: > May I ask why you don't just use a made-for-the-purpose-distro like > Smoothwall to do this? indeed, I use pfSense, running on a APU1D4 [1] router board as my firewall, and a separate home server on a HP Microserver [2]. IMHO, keeping the firewall function completely separate simplifies security. that router board can handle 300 Mbit/sec of NAT firewall rules, since I only have 30Mbit internet, thats plenty of headroom. the Microserver has 4x3 TB SATA drives in a raidZ (ZFS) for 7.5 TiB usable. I can muck about with the server at my leisure, and reboot it, and not affect internet routing to my wife. the firewall doesn't need mucking about with and has uptimes measured in months (time between pfSense upgrades). pfSense provides the DHCP and DNS and NTP services for the LAN. [1] http://store.netgate.com/kit-APU1C4.aspx [2] http://www8.hp.com/h20195/v2/GetPDF.aspx/c04111079.pdf -- john r pierce, recycling bits in santa cruz