LinuxQuestions.org
Old 10-06-2008, 02:27 PM   #1
Oxagast
Member
 
Registered: Aug 2003
Location: Mocksville, NC, USA
Distribution: Gentoo, Slackware.
Posts: 410

Rep: Reputation: 30
Suggestions for linux router distro


Hi,
I'm planning to turn one of my old pentium boxes into a linux router. I'd like it to be bootable from the hard drive, not from a floppy or cdrom, because I want to be able to install various other applications on it.

I was thinking I'd want to be able to route everything to a DSL modem. I want to be able to have advanced firewall features, such as being able to detect intrusion attempts and log them, as well as sniff packets network wide with something like snort/tcpdump/wireshark, and also maybe block certain things, for example, ads on webpages.

I suppose I could just install a more mainstream distro such as Debian in a minimal configuration, but if I could have any pointers on what type of software could do these things most efficiently, it would be greatly appreciated. I've used Linux quite a bit, but never set up an advanced router before, so I don't know quite where to start, just what I'm looking for in it in general.

Thanks,
Marshall
 
Old 10-06-2008, 03:44 PM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 47
It depends on how easy you'd like life to be..
Roll your own version and learn in the process.. (takes a couple of years to feel secure)
Buy/borrow/try a commercial distro.. Go to www.distrowatch.com for a list
Install Smoothwall in about 10 mins and have a play. www.smoothwall.org

Once you see how much you need to put in for your needs and what is extra, you can roll up a distro yourself.
 
Old 10-06-2008, 04:07 PM   #3
Kingtiger01
Member
 
Registered: Nov 2006
Location: Watkins Glen, NY
Distribution: Ubuntu-8.04/Xebian
Posts: 56

Rep: Reputation: 16
An ole' Pentium huh, sounds like you have some fun on your hands..

Well, when it comes to distros for routing packets, there are a few. Some are designed as pure router distros, some as firewalls, and others as minimal installs..

First thing you want to ask yourself is: how much RAM does this system have, how fast is the processor, how much hard-drive space does it have? Lastly, how much traffic throughput will this be handling...

Once you have answered those questions, you can decide the rest a lot easier...

Remember, for every NIC it will rely on your processor and memory to make throughput, packet routing and further decisions. The more you're running per box... the more you're pushing it..

that being said...

Starting from the top, you have...

Endian Firewall 2.1
EnGarde Secure Linux
EnGarde Secure Server
Feather Linux
Featherweight Linux
Gibraltar Firewall
Honeywall
IPCop Firewall
Lineox Enterprise Linux
Linux from scratch
Network Security Toolkit
Openwall GNU*Linux
SME Server
Smoothwall
StartCom Enterprise Linux AS
Sun JDS
SUSE
Topologilinux
TFM Linux
Tiny Sofa
Trixbox
Trustix Enterprise Firewall
Trustix Secure Linux
Ultima Linux
VoIPonCD
White Box Enterprise Linux
YellowDog
YES Linux
Zenwalk Linux
ZoneCD/select
(and I'm sure many many more)
--

Each of these distributions has its strong points and its weak ones. You should make a decision based on YOUR specific situation.

When it comes down to preference, I prefer IPCop; it's less memory intensive, and you can just install your routing software afterwards..

But that's just a matter of opinion. If you want more info, search the LQWiki on each distribution and I'm sure someone will poke their head in and suggest another.
 
1 members found this post helpful.
Old 10-07-2008, 04:44 AM   #4
Oxagast
Member
 
Registered: Aug 2003
Location: Mocksville, NC, USA
Distribution: Gentoo, Slackware.
Posts: 410

Original Poster
Rep: Reputation: 30
Cool, I'll look at all those selections. The box is an old Pentium... I think it was a 100, but it's OC'd right now to 120. Been rock solid for an overclock, I've left the thing on and gotten uptimes for ~8 months or so (it's connected to a UPS, it used to be a little webserver), until the power would go out for too long. Has about 64MB of RAM, 2 hard drives (1 is 1GB, the other a 100MB that came out of a 386 (with no bad sectors?!?! :P)), and a cdrom. No video card, no soundcard, not even a keyboard connected to it, I just stripped that all out because it just sits in my closet, I just ssh into it. It has 4 PCI slots, and 2 ISA slots, so I'm just gonna stuff the thing with NICs (I have a bunch laying around that aren't in use). I have a crappy hardware Belkin wifi router, but it's not very configurable and is quirky. It's also one of the ones that's semi-famous for that MITM attack (http://yro.slashdot.org/article.pl?sid=03/11/07/1740205) they installed in the firmware that comes up every few hours with advertisements for Belkin's products, ugh. So basically I was just wanting to take that thing out of the loop, and try my hand at building one. I have about 2 computers that are always connected up to the internet, a printer, a few others that I play with that aren't necessarily connected (or working) at any given time, and sometimes my sister's notebook when she comes home from college. The DSL modem's throughput is only 175kb/s so there's not a whole lot of load on that point, and I only occasionally transfer large files in between the computers within my network.

Last edited by Oxagast; 10-07-2008 at 04:56 AM.
 
Old 10-07-2008, 03:06 PM   #5
Kingtiger01
Member
 
Registered: Nov 2006
Location: Watkins Glen, NY
Distribution: Ubuntu-8.04/Xebian
Posts: 56

Rep: Reputation: 16
Well, local network connections are an issue with software-based routers, as long as we're not talking a star topology.

(Where every computer connects to the router instead of a switch or a hub)

This produces a single point of failure AND can cause some major latency for a poor ole Pentium 1 on 64MB of RAM.

I would suggest, though, getting at least a 4GB HDD; you really have to strip an OS to get it on 1GB these days. Most modern packages are getting in the 50MB+ apiece range these days, so a gig is really pushing your luck...

As far as the old router goes.. Don't pull it out of the loop.. Just disable DHCP, and go ahead and use it in your new network!

The old router would function great as a switch, just don't use the same IP address subnet as the router actually functions on (aka: if the router's IP is set to 192.168.0.1, make your new network 192.168.1 not 192.168.0).

By doing this you will increase network performance greatly, rather than relying on just your Linux router to do all the switching.

PS - if you ever decided to get a new router, get a Linksys WRV4400N, it uses Linux (and you can pass commands and install SSH directly to it... just use Traceroute in the web administration, it is a console!)
I've owned one for 2 years and I am VERY happy with it (not to mention 1Gbps on all ports WAN/LAN)
 
Old 10-07-2008, 03:11 PM   #6
Kingtiger01
Member
 
Registered: Nov 2006
Location: Watkins Glen, NY
Distribution: Ubuntu-8.04/Xebian
Posts: 56

Rep: Reputation: 16
Sorry, not to double post..

I should tell you though, I have a Compaq Proliant 2500 (2x 233MHz Pentium Pro processors {Pentium, server equivalent}, 64MB of RAM, 15GB SCSI-2 Wide HotSwap (with Dual Bay), dual Intel Pro server NIC (10/100/1000 802.All))

that I use as a firewall box from my ISP to my main router; it also does web and a few other things.. so I know it's possible. You just have to keep in mind the limitations of the system you're dealing with
 
Old 10-09-2008, 08:42 AM   #7
Gemini5
LQ Newbie
 
Registered: Jul 2008
Posts: 3

Rep: Reputation: 0
Just to add an additional thought to this, I ended up purchasing a second hand Compaq Proliant DL360 G2 (AU$90). Quick specs are single processor Pentium Xeon 1.4GHz, 1Gb Ram, 2x9.1Gb SCSI HDD running in RAID 1. After checking a few distros out I decided on a modded version of Smoothwall Express, which runs on a DL360G2. Smoothwall contains a number of tools and features which may be over the top for some but I like to know what's happening on my network and what's coming in and out. Much of what's happening is logged and can be referred to in history to help find any strange occurrences or times when your network may seem bogged down. The DL360 rack mounted box is a bit under-utilized (about 25%), however I have had downloads running at well over 100Kbs with peaks of 250-300Kbs at times with no effect in the CPU or bogging down of the network. I've been running this server with Smoothwall now for about 5 months and have had no major performance issues, and have been slowly closing unused ports and modifying the firewall settings to get the best out of the bandwidth I have available.
Even if you don't use a commercial rack mounted box, I do recommend Smoothwall Express 3.0 as an easy to install and use distro, for home firewalling, particularly if you enjoy "playing" and watching what your network does.

For those who would like to download the modded Smoothwall Express 3 modded G2 edition here is the url I used - http://carlnet.no-ip.org/dl360_iso/
 
Old 10-09-2008, 08:50 AM   #8
linuxman8786
Member
 
Registered: Sep 2008
Posts: 43

Rep: Reputation: 15
I am using Smoothwall, it works perfectly

Linux Archive

Last edited by linuxman8786; 10-12-2008 at 01:36 AM.
 
Old 11-06-2008, 04:41 PM   #9
andrew_nh
LQ Newbie
 
Registered: Nov 2008
Posts: 8

Rep: Reputation: 0
Pfsense

I use pfSense. It is very easy to set up and is easier to configure for QoS than some of the others.
 
  


All times are GMT -5.
