[ale] Diskless linux firewall?
Thomas Stromberg
lists at stromberg.org
Mon Jan 2 21:50:34 EST 2006
On 2 jan 2006, at 12.07, Chris Woodfield wrote:
> Hi all,
>
> Something I've been considering doing with my home system is figuring
> out a way to run my iptables firewall box without a hard drive.
> Currently it's a typical linux system running a minimal config -
> iptables rules, dhcpd, sshd, and ksysguardd for remote health
> monitoring.
While it's not Linux (it's FreeBSD), I highly recommend trying out
m0n0BSD (http://www.m0n0.ch/bsd/). It's designed to be a diskless
firewall/wireless access point, with all configuration done through a
very slick web interface. Interestingly enough, since a PHP interface
is used as the management interface, they've decided to make most of
the operating system configuration files as XML files. As a user,
it's transparent to you. I've currently got it installed on an 8MB
CompactFlash card within a PC Engines WRAP box
(http://www.pcengines.ch/wrap.htm). It's been running for 18 months without a
hitch, and much simpler and easier to maintain than my previous
attempt of rolling my own firewall on a CF card.
Even if you're dead-set to use Linux versus something else, I highly
recommend giving m0n0BSD a spin.
P.S.: There is a "fork" of m0n0BSD that's based on FreeBSD 6.x called
pfSense (http://www.pfsense.com/). I haven't yet tried it, but if
you're looking into experimentation, it may be worth it.
// Thomas Strömberg
// http://toadstool.se/
// +1 678 773 9475