17 replies to this topic

[xXDeltaXx]

Hey,

Recently been messing with my 'network' and remembered an old(ish) topic on here about creating a Firewall... I've got an old PC from my Grandpa (was kinda crap when it was bought, nevermind nowerdays) - wondering if it would be capable / suitable for the job??
Prebuild Packard Bell
CPU: Intel Celeron 340 @2.93GHz
GPU: Onboard SiS 651C (64MB)
Motherboard: Gigabyte GA-8SIMLNF
RAM: 2x 256MB of DDR

Yes, it only has 1x ethernet port, but I'd assume that I could get 1 (or more) network cards to add the additional ports if it's a viable project...?

Or... if said PC is too crap for that, anyone have a suggestion of what to do with it?

My 'network' currently is:
Sky router feeding skybox, Main PC & BT Home Hub V2. (& Laptop via wireless)
Home Hub is feeding Spare PC, El crapola PC mentioned above and Laptop (wired)
No specific interaction between any of them. Although, I am looking to improve the setup...

[Challenger]

Not only would it be possible with that system I'd totally recommend it!

I'm not going to recommend the firewall os that I'm currently using as it's a total RAM hog (talking like 1GB usage!) but I will recommend PFSense. It has much lower requirements - I think it's RAM requirements are only 128MB and a 500MHz CPU or something.

You will definitely need another Network card. Also if the software is not compatible with your onboard Ethernet then you will need to get two extra ones. I'd recommend getting intel ones as they have a very wide compatibility and I'm pretty sure every intel card is supported by PFSense.

What you should do though is download PFSense and burn it so you can install and have a play (you can also test your onboard before you buy more network cards so you'll know if you need one or two)

Once you have it up and running have a look at the different add-on packages you can install. Now I'm not sure how much your hardware will take as some can get pretty hardware intensive but there are things like realtime virus scanning and content filters etc that extend PFSense from just a firewall.

Certainly your hardware though is plenty to run a firewall - I mean just think about the pathetically underpowered hardware they stick in normal routers!

I'm just about to go to sleep so probably missed a load of things so let me know and I'll catch up in the morning.

[xXDeltaXx]

Grand. That's the answer I was hoping for

I saw you recomend a few things in this thread - basis of this idea

I know I need to look into the idea a lot more - just checking it was a possible as there ain't much free cash at the mo to go building one from scratch lol

Need to look a bit harder to find the needed network cards... thinking I need a couple - one wireless (maybe go USB for that?) and a couple of ethernet ones - 3 PCs currently; I can use the Home Hub for those from a single port... but I intend to get another PC next year / good to have spare - thus need a couple of spare ports... or a new and / or bigger switch

Tis also bed time here, so will try and find bits tomorrow

[Challenger]

The problem you'd face is switches an hubs have specialist hardware in that makes them very efficient at routing packets whereas if you did a bridge setup it wouldn't have very good lan performance. I haven't tested it but that is what i've read. So if lan performance is important then you'll want some sort of switch.

Would this setup not work for you? Provided that the BTHomeHub can be put into "switch/hub" mode which I assume it is because of how you have it setup atm:




PS. To put it into perspective about how little power is needed for a decent firewall - This is my setup.... The firewall is only an 800Mhz Via cpu but it has 1GB of ram. Unless virus scanning its cpu usage is normally very low. http://dl.dropbox.co...workDiagram.JPG Even at 800Mhz though that is about 20x more power than a standard consumer router.

[xXDeltaXx]

Aye, that should work... Homehub's normally a bit iffy on wireless - but it worked first time today lol (Method for turning the home hub into a switch)

Which is the best version of PFSence? - onto a HDD or just from the disk? - guessing the HDD route. Is there an optimal HDD size? (& can it be used for anything else?)

Not really bothered about LAN as such - just need to make sure there is enough ethernet ports for mybits and bobs

[Challenger]

xXDeltaXx, on 18 July 2011 - 09:03 PM, said:

Which is the best version of PFSence? - onto a HDD or just from the disk? - guessing the HDD route. Is there an optimal HDD size? (& can it be used for anything else?)

Yea the one you install to a HDD is the best as all your changes are permanent. Any old HDD will do. The requirements say a 1GB HDD.... I personally just used a 30GB hdd in mine as its what I had lying around!

Nope really you cannot use the system for anything else other than a firewall. A firewall is one of those things that its really not worth trying to install it in a VM.

[xXDeltaXx]

Well, good news and bad news...

Good news - it finds the network port (as r10)
Bad news - after the install, it does not want to boot the HDD... maybe I've messed up with that somehow. Should the HDD be formatted as some particular format before trying to install? (exFAT from Windows 7 for example)

Anyways, it looks like a single network card is needed for the system (possibly 2 depending upon the price - I'd like the extra port)

Does this one look ok? Single Port
or Single Port (intel)

Just found this one as well - bit expensive. Worth it??? 5 Port

[Challenger]

First one looks a bit generic - having said that it's a realtek chip that are normally compatible and for £9 it might actually be worth giving it a try.

The intel single one is great

I'd stay clear of the 5 port it might work fine but tbh a decent 5port should be in the region of £150-200!

[xXDeltaXx]

HDD is still giving me a bit of trouble... could it be because there's only 1 network port at the mo? Got a couple of those cheapy ones on order - this being a first attempt and all

[Challenger]

its presumably not just a boot order issue in the bios?

[xXDeltaXx]

Nah, not as far as I can see... trying again lol

There isn't a size limit is there? - 250GB IDE drive is what I'm trying to use - Just reformatting it (full as opposed to the previous quick format)

Edited by xXDeltaXx, 22 July 2011 - 06:26 PM.

[xXDeltaXx]

Well, same as before... BIOS is set to load HDD then DVD. But, after the install, when I reach the "PCI Device Listing ..." page (right before it would go to boot the HDD / DVD if that was selected), it just seems to pause / freeze.
I hate pre boughts

Any suggestions??? just been sitting there for 5 mins now...

**Edit. Meh, went back into the install as "repair" and it progressed - waiting on the network cards now. Then I'll recommence the install lol

Edited by xXDeltaXx, 23 July 2011 - 10:14 PM.

[xXDeltaXx]

Second part to this: an electronic query...

You can get fan adapters to give 7V (to quieten the fans) right - link between the +12V and +5V lines to get 7V difference...

Do you think it'd be possible to get 9V in a similar way??? +12V and +3.3V = an 8.7V difference - depending upon the actual line voltages and how picky the Home Hub is - think that'd work?? Or is it likely to draw too much from the computer PSU? / screw up the 3.3V line?

[Challenger]

Depending on the power draw you could just use a 9v voltage regulator on the 12v supply.

(7809) http://www.bitsbox.co.uk/vregs.html

It's only 1.5A though so check the power draw first

You can actually build yourself a very simple potential divider circuit using a 1k and a 3k resistor to get your 9v supply but the voltage regulator route would be better as the supply would be cleaner.

[xXDeltaXx]

Meh, scratch that - it's 15V / 1.2A... also, it doesn't actually fit in the case - so that idea is completely out of the question lol

[xXDeltaXx]

Well, network cards have arrived and seem to work (2 of these Single Port)

Still having HDD issue though The 250GB one isn't really compatible - too big or just set wrong by default... so I dug up an old 160GB one which is working better (and the setup says it is suitable on default settings). meh onwards

[xXDeltaXx]

Well, no idea what I did... but it's working

Still got my main PC from SKY - need to rearrange the office to sort that... but the others are via the Firewall now.

Still need to research this firewall type thing... but are there any main pointers I should do / look out for? I take it that I can leave it set on the default menu screen...?


Thanks for the help Challenger

[xXDeltaXx]

Well, the firewall appears to still be working fine... but I'm about to redo my office and that means unplugging everything - so we'll see what happens on boot up lol

To my question - what's the best way of checking network speed / port speed?

The firewall has an incoming port (WAN) on one network card, an outgoing port (LAN) on a second network card and a port on it's motherboard...
Currently, I have a BT homehub V2 as a switch; this allows me 3 ports for my LAN...
With my up coming build, I'm going to need another port - so I'm thinking of using the motherboard one - but I don't know what to put on it as I'm not sure how quick / good it is compared to the Homehub and network card method. If it's quicker; then it makes sense to put my everyday PC on it. If it's slower; then I'll put the crappy PC from downstairs on it...
What's the best method and / or software to check this out with? - would something like Speedtest.net be effective at measuring it or do I need something network specific?

Edited by xXDeltaXx, 20 November 2011 - 06:07 PM.