SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Am interested in using an older PC for a basic router/firewall for both sharing web-access and SSHing w/in a hubbed 2-3 PC
PAN -- Private Area Network of course .
Any really good hints for installing Slackware 11.0 on such a system?
"Old" PC is:
Pentium K6-2 400MH+ CPU
32MB RAM
2GB hdd
2 x 10/100 NICs (no dial-up modem)
CD-ROM, fdd, kbd, ...
Already have the Slack 11.0 install CD's and have used these fine on other dekstop systems.
Caveats:
- Would prefer Slackware for now unless really no choice other than SLAX, freesco, smoothwall, floppyfw, ipcop...etc which others have already suggested.
- Also wish to avoid X pkgs, gtk+ and qt libraries due to memory conservation reasons. From this, suggestions of specific gui-type apps for iptables/netfilter (e.g. guarddog) would also be out.
- Would prefer NOT using other wm's such as xfce4 or ICEwm if possible, nor use of any 3rd-party IDS.
- In 2GB hdd, would prefer having swap partition of at least 32MB for same amt of RAM (performance) and at least 1 GB for packet logging.
Suggested bash scripts for iptables would be fine.
It is easy enough to configure, and easy enough to tweak (just a bash script and a configuration file which is another bash script), and supports many features (including natting, dmz, port-fordwarding,...).
Just avoid anything related with X, TeX, TCL, KDE, most compilers/interpreters, and make sure to hand-select the packages from ap/ and n/ so you only get what you need (I really don't think you're going to setup a CIFS/SMB server in that comp, so you can, for example, get rid of that).
Either the 2.4 kernel or the 2.6.17.13 would do fine. I believe that the 2.4 might take less memory, tho'.
Edit:
Hold on a sec.! There's no such thing as a "Pentium K6-2", is it? Maybe I missed the AMD/Intel fusion...
Hold on a sec.! There's no such thing as a "Pentium K6-2", is it?
Reply to both here. Apparently, one of the two RAM banks had some of its tin pin-lining crushed and its end tabs broken -- probably from a clumsy DIMM insertion or a yanked DIMM removal .
No 64 or 128MB DIMM available here and now for compatible PCxx speed as the current 32MB module.
Even worse, the CPU itself is indeed an Intel Pentium; a Pentium I 166MHz CPU at that, more than twice as slow as a real AMD K6-2 400MHz....... it turns out that stickers both on the outside of the PC case and on the inside mislabeled the CPU as a "Pentium" K6-2 400+.
Maybe there was a real K6-2 400+ CPU in the m-brd's Socket 7 which was downgraded at the exact same time as the RAM-bank was damaged? Just an educated guess....
Whatever the case, the need here is to approach a more minimalist Slack install for a router/fw
(heck, this old PC had Windows 95 wiped out)
Quote:
Just avoid anything related with X, TeX, TCL, KDE, most compilers/interpreters, and make sure to hand-select the packages from ap/ and n/ so you only get what you need (I really don't think you're going to setup a CIFS/SMB server in that comp, so you can, for example, get rid of that).
Yep, makes perfect sense.
From the /slackware packages directory, this all leads to :
- no e/, f/, k/, kde/, kdei/, t/, tcl/, x/, xap/, y/ sets
- just enough a/, ap/, d/, l/, and n/ set pkgs to run the system as intended.
I did exactly the same thing with an old box of mine, the difference though is that mine is wireless. It runs on a pentium 2 with 64mb of ram! I'm sure yours will run fine with 32mb though since this sort of things doesn't use much memory.
If you want your computer to act like a commercial router you only need to use iptables, this is what I do. If you want to have some sort of control over the flow of the network you would need to use iproute2, there is a great howto on that. Slackware comes installed with both packages!!
Oh and if you are going to use iptables for your firewall I would recommend you try something like shorewall to help you configure the filter table, unless you want to write over 100 rules yourself.
You can also have some fun by trying a proxy and all this....
Slackware should run fairly well on such a system, but you will need to know how to slim the install down confidently. You might want to also consider the BSDs, I have run them on machines all the way down to 386s, and the responsiveness was fine (though with a machine that slow, it may be possible to saturate the CPU if you have many simultaneous connections like Bittorrent).
But really, all you need is SSH and iptables. You would definitely do yourself a favor by using some sort of rule generator, however.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Low-end Slack firewall?
. 
:
. 
