Linux LAN Proxy/Firewall

[Daniel_DBS]

I am looking for a good Proxy/Firewall to throw on my home network using Linux...

Here is the hardware I have to work with:

• Old HP Desktop
• 450MHz P3
• 256MB of RAM
• 1GB HD (yes I know, all I could find in my stash that wasnt 120GB or bigger)
• 2 NICs
• Sony CD-RW Drive
• No Floppy
• 2 USB 1.1

I have tried a couple different options already... ClarkConnect Community Edition and IPCop

I did not care for IPCop at all... ClarkConnect wasn't bad...

I read online about Squid, but I couldn't get it to install with yum like the directions said I could...

This proxy server will be replacing an old Windows 98 Proxy I have used for years but has been giving me some problems lately, I ended up having to remove it from commission about a week ago and use an old router to connect my network to my modem...

Has anyone tried any other proxy softwares for Linux? I would prefer one that installs onto a CentOS enviroment rather than one such as Clarkconnect & IPCop... Anyone tried Squid? I wish I could get it to install because it sounds great!

[Vin DSL]

Interesting...

I'm still running a Win98SE proxy server, using a proggie called All Aboard!

Microsoft liked this software so much, they bought the company, and put them out of business...

It uses NAT/PAT, which acts as a natural firewall, so nothing else is required.

I'll NEVER quit using this proxy software! Never!!! That's how much I like it...

[Vin DSL]

Anyone tried Squid? I wish I could get it to install because it sounds great!

Squid is great, if you have LOTS of connections - the only way to fly!

For instance, I'm running MediaWiki over HERE.

It's kinda laggy with nobody on it...

Can you imagine if I had 100's of connections? It probably wouldn't even come up!

That's where Squid shines - for stuff like that, IMHO!

[Daniel_DBS]

Well the problem I was having with my Windows 98 box was that 98 finally decided to die... Blue Screen of Death at least once per day! I tried to repair it, without much luck, so I went to dig out my trusty CD to reinstall 98 and WHAMO! I can't find the disk!!!

I have been wanting to switch over to linux, but never had the gumption to do so, now I finally have a reason... This old linksys broadband switch can hardly keep up with my network... I usually am 'chair surfing' around my home office using about 4-5 computers at once, which is straining out the old router... It also is slower than Christmas! I have a dev web server at home and it is unbearable to use it!

[Daniel_DBS]

Ok here is another option for hardware I could use for the proxy server:

• 1.5GHz Celeron
• 256MB RAM
• 2 NICS
• 15GB HD

I forgot I had replaced my dev box a couple of weeks ago and had this older one sitting around in the top of my closet... Still in search for a Linux based proxy server though...

@Vin: I checked out that one you suggested, I was hoping for a *Nix based one, but I will keep it in mind, I could run it on NT4 if I had to... I was using an olddddd version of WinProxy before

[Vin DSL]

Oh, jeez...

Okay!

http://www.jmarshall.com/tools/cgiproxy/

That's what I use here...

Just don't go public on Jag servers, or they'll kick your butt outta here in a heartbeat!

[Vin DSL]

BTW, that was a very sad story...

Do you think I believed it?

[Frank Broughton]

Yes and not only that you cried.....

[Spathiphyllum]

I am looking for a good Proxy/Firewall to throw on my home network using Linux...

I did not care for IPCop at all

What's wrong with IPCop/Smoothwall?

As far as hardware, I'd suggest you use the 450MHz P3 board, load up on the RAM if possible, use 3 NICs, and use the bigger 15GB drive. The 256 MB RAM is a bit lean if you'll be using various proxy services along with NAT. The AV/Anti-Spam add-ons will really bog the system down if you use any. One NIC for the external router/modem, one NIC for the internal network to a quality switch, and one NIC either for a DMZ or extra subnet for expandability.

Try IPCop and scan their addons again. Next, use Copfilter, a great third-party suite that wraps several tools so you don't have to worry about them. It slides right into IPCop with ease.

That would be more than enough for a standard household and likely good enough for a small office/business.

[Daniel_DBS]

The problem I had with IPCop is it did not like my hardware! I had plenty of diskspace left and hardly any RAM was being used, but it did not want to work right! I would use the bigger HD and more RAM but the RAM on the other machine is DDR and the RAM on the older does not... Also, my other machine has an SATA hard drive in it, the old HP has an IDE hd in it and does not support SATA...

I will try reloading IPCop one more and see how it does, maybe the CD I had was corrupt, I will redownload it and see how it does

[Spathiphyllum]

The problem I had with IPCop is it did not like my hardware!...

I will try reloading IPCop one more and see how it does, maybe the CD I had was corrupt, I will redownload it and see how it does

Hmmm. Well those are both possible speedbumps. Have you updated your MB BIOS to the most current stable? Sometimes that fixes a glitch or two. Also, some NICs are more installable than others. I've never had a problem with Intel, Broadcom, or Linksys, so if it's some HP proprietary chip, I might understand how it could choke.

If you just couldn't get through the install stage, then reburning a new image is probably worth a shot. If the most current image is causing problems, you could try a slightly older release and then patch it up to current. I know the newest release 1.4.17/18 tweaked how the kernel was recognized/selected, so maybe the install routine is a bit buggy. Version 1.4.16 was stable for a long time, so you might try backtracking a bit, too.

[Daniel_DBS]

I was able to install it just fine... It detected both of my NICS just fine as well (both 3com office connects) I know that at times it would not let me login and it just did not agree with my windows 2k domain either... I will take a closer peak and see if I can figure it out...

[RickWeb]

I need to upgrade mine soon i been running ISA as my firewall for the last couple of months since my linbox died. I have a replace though p4 2.4 1GB 33GB hdd.