[geeks] RFA: firewall
Shawn Wallbridge
shawn at synack-hosting.com
Thu Jan 6 17:12:09 CST 2005
I wouldn't run anything but OpenBSD, but that's just me. I have done
some pretty neat duty stuff with OpenBSD. Right now I have a four point
VPN running with a mix of OpenBSD 3.4, 3.5 and 3.6.
I happen to have set up pretty much the exact same set up as you are
describing two nights ago.
bash-3.00# uname -a
OpenBSD hades.wallbridge.net 3.6 GENERIC#304 sparc64
bash-3.00# dmesg
<snip>
OpenBSD 3.6 (GENERIC) #304: Fri Sep 17 13:01:33 MDT 2004
deraadt at sparc64.openbsd.org:/usr/src/sys/arch/sparc64/compile/GENERIC
total memory = 134217728
<snip>
mainbus0 (root): Sun Ultra 5/10 UPA/PCI (UltraSPARC-IIi 333MHz)
cpu0 at mainbus0: SUNW,UltraSPARC-IIi @ 333 MHz, version 0 FPU
cpu0: physical 32K instruction (32 b/l), 16K data (32 b/l), 2048K
external (64 b
/l)
<snip>
fxp0 at pci2 dev 1 function 0 "Intel 82557" rev 0x08: ivec 10, address
00:02:b3:
06:f3:7c
<snip>
I am about to set up IPSec on it (making our VPN 5 points).
PF is great.
shawn
On 6-Jan-05, at 1:27 PM, Phil Stracchino wrote:
> I humbly request advice, opinions, whatever, from the Collective. :)
>
> The hardware: Ultra5, USIIi/333, 256M, 9.1G, three 10/100 interfaces
> (the built-in hme plus a dual EEPro100), didn't really pay attention to
> what framebuffer and can't say I particularly care.
>
> The application: firewall between wired internal net, wireless DMZ, and
> DSL to the 'net. Right now there'll only be one machine on the wired
> net and one on wireless, both running Win2K Pro, but real boxen running
> real OSen will be shipped out here later.
>
> So:
> - Solaris 9 and Sunscreen Lite (included with 9, iirc)?
> - OpenBSD and PF?
> - Something else?
>
> What's your recommendations, and why?
>
> --
> ========== Fight Back! It may not be just YOUR life at risk.
> ==========
> alaric at caerllewys.net : phil-stracchino at earthlink.net :
> phil at novylen.net
> phil stracchino : unix ronin : renaissance man : mystic zen biker
> geek
> 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)
> Linux Now! ...Friends don't let friends use Microsoft.
> _______________________________________________
> GEEKS: http://www.sunhelp.org/mailman/listinfo/geeks
More information about the geeks
mailing list