[Gllug] Linux Firewall on a Laptop
Ian Northeast
ian at house-from-hell.demon.co.uk
Wed Feb 5 00:01:28 UTC 2003
Bernard Peek wrote:
>
> I'm looking for a suitable firewall distro. I have an old laptop that
> I'd like to recycle as a firewall machine. It's a Pentium 133 with 16Mb
> of memory, a 300Mb hard drive and a Xircom PCMCIA network card. No CD so
> I'll probably have to install using FTP. I plan to use it with an
> external ISDN TA on its serial port.
>
> I want to use it to replace my current IPCop system, because IPCop
> doesn't support PCMCIA.
Well this may be heretical but I would use OpenBSD. In fact I do, on a
similar spec laptop. Mine has rather more disk, but I have a whole load
of X client and gtk+ stuff installed so I can run ethereal. It's not
strictly needed, it's just easier to interpret the output than tcpdump.
It ought to be possible to get everything necessary into 300MB. My
laptop's serial port does not appear to work, apparantly due to an
interrupt conflict with one of the NICs, but this would probably not
happen with only one NIC. And, not actually having a use for the serial
port, I have not put any effort into fixing this. OpenBSD's ISDN support
is not good, but with an external TA that does not matter, these are
just treated as modems. OpenBSD's firewall ("pf") is stateful, very
flexible and easy to configure, and well documented.
It appears that Smoothwall doesn't support PCMCIA either, although the
FAQ says "with a little user effort it can be done".
General purpose Linux distros that should run on that machine include
Slackware and Debian. It should not be hard to build a firewall out of
either.
Regards, Ian
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list