Firewall

From VoidWarranties - Hackerspace Antwerp, Belgium
(Difference between revisions)
Jump to: navigation, search
(Status FireboxV60)
(Hardware specifications)
Line 12: Line 12:
  
 
===Hardware specifications===
 
===Hardware specifications===
*Ram: 64Mib (DDRII ram to be confirmed)
+
* Ram: 64Mib (PC100 or PC133 sdram)
*Storage: 128Mib compactflash
+
* Storage: 128Mib compactflash
*CPU: ??? (pentium II or III to be confirmed)
+
* CPU: ??? (pentium II or III to be confirmed)
*Network: 5x 10/100Mbit
+
* Network: 6x 10/100Mbit
*Powerconsumption: ??? to be measured.
+
* Serial Console port (RJ45 on the front panel)
 +
* Powerconsumption: ??? to be measured.
 +
 
 
===Firewall OS Possibilities===
 
===Firewall OS Possibilities===
 
*Default Wathcguard OS (are you nuts?)
 
*Default Wathcguard OS (are you nuts?)

Revision as of 16:41, 17 October 2011


Firewall
What:
With so many ongoing IT related projects, its always good to have some control over the Network Traffic.

Enable some extra services at the space or block some traffic from outside the space would just be a nice-to-have-toy to play with.

Firewall.jpg
Participants:
TomD
Category:
Security
Locations:
Den Bunker


Contents

Watchguard FireboxV60

Hardware specifications

Firewall OS Possibilities

Installing m0n0wall / flash the image to compactflash

(use the -u flag if the target disk is > 800 MB - make very sure you've selected the right disk!!)

physdiskwrite [-u] generic-pc-xxx.img

(you must use v0.3 or later!)

gzcat generic-pc-xxx.img | dd of=/dev/rad[n] bs=16k

where n = the ad device number of your CF card (check dmesg) (ignore the warning about trailing garbage - it's because of the digital signature)

gunzip -c generic-pc-xxx.img | dd of=/dev/hdX bs=16k

where X = the IDE device name of your HD/CF card (check with hdparm -i /dev/hdX) - some CF adapters, particularly USB, may show up under SCSI emulation as /dev/sdX (ignore the warning about trailing garbage - it's because of the digital signature)

Status FireboxV60

The existing compact flash image, with the watchguard has been backed up to the homedirectory of Barputer and is called FireboxV60. Should someone feel the desire to restore to factory defaults.

The compactflash has been flashed with M0n0wall, Base system is recognised, but the specialty nic is not. (so with M0n0wall, 4 out of 6 networkports are unused)

Looking to install pfSense (has more features, the kernel is easier to access so installing special hardware has a higher chance off success.)

Hardware needs a Ram and compactflash upgrade for pfSense to run comfortably (min 512 Mib ram and 2Gib compactflash)

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox
Content Creation
Belgian Spaces