david_d
asked on
Linux Mandrake Single Firewall H/W Query.
I am considering on purchasing the Linux Mandrake Single Firewall. I realise that I could let my Desktop PC to act as a DHCP server, firewall and internet proxy, but I was planning on buying an old pentium. I was wondering if any of you have used the Linux Mandrake Single Firewall and what hardware you would probably recommend using. Obviously the faster the hardware the better, but I was just trying to limit the expense spared on an old PC. I am currently using a modem, but later in the year I plan on upgrading to ADSL.
What do you think would be the hardware requirements to run the firewall to handle a modem and later in the year ADSL? i.e Processor speed, memory, hdd size and if any USB sockets may be required, i.e for ADSL.
Any information would be gratefully received.
Regards
David.
What do you think would be the hardware requirements to run the firewall to handle a modem and later in the year ADSL? i.e Processor speed, memory, hdd size and if any USB sockets may be required, i.e for ADSL.
Any information would be gratefully received.
Regards
David.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Unless you are going to have some awesome firewall rule set I'd think that a 120Mhz would be fine. And provided that you don't run the GUI there won't be a memory problem. And that's typically enough memory to also run a local DNS & DHCP server on the firewall.
ASKER
The minimum requirements are 64mb for a GUI, do you think that it will run very slow?
On a 120Mhz box the Gui is going to run slowly, just because the processor is slow. Couple that only the minimum memory available and it's likey to be like watching grass grow. Give that amount of memory just about anything that you do with the GUI is going to require a swap and since the firewall is doing other things that need memory they'll have to swap. So it's likely that the system will be thrashing the swap partition and very, very sluggish.
But, you don't have to run the Gui on the firewall. As long as the firewall trusts the internal hosts you can open an ssh session to the firewall from some other machine and run Gui applications remotely. Once the firewall is setup and running you typically aren't going to interacting with it much anyway, so remote sessions are a reasonable management method.
Another possibility would be to use one of the 'firewall on a floppy' products like LRP or the Astaro firewall. The latter is pretty cool and they offer a free copy for non-commercial use. Take a look at http://www.astaro.com/
But, you don't have to run the Gui on the firewall. As long as the firewall trusts the internal hosts you can open an ssh session to the firewall from some other machine and run Gui applications remotely. Once the firewall is setup and running you typically aren't going to interacting with it much anyway, so remote sessions are a reasonable management method.
Another possibility would be to use one of the 'firewall on a floppy' products like LRP or the Astaro firewall. The latter is pretty cool and they offer a free copy for non-commercial use. Take a look at http://www.astaro.com/
ASKER
jlevie,
Thanks for all your comments.
Just one quick comment - how easy is it to access the firewall using ssh?
Regards
David.
Thanks for all your comments.
Just one quick comment - how easy is it to access the firewall using ssh?
Regards
David.
ASKER