It's Alive!!!

[ForsetiAvatar]

I finally have a new Smoothwall pc (old one crapped all over itself and died). Now I have rebuilt it. I have made it better... stronger... faster.

700Mhz of firewall goodness, try and break through that bitches.

um.... actually, don't. I like my network intact. Probably the wrong place to taunt ppl about my network security.

/me Heads to Micro$oft forums.

[stingwray]

I prefer Monowall over Smoothwall, its lighter and quicker to use in my opinion.

700MHz is a tad overkill unless you don't have any other computers to run it on that have less of a spec. 700MHz would make a nice server.

[ForsetiAvatar]

I haven't heard of monowall, I will check it out.

Yes in most cases 700MHz is overkill, but I have several of the blocklists from bluetack.co.uk, and a few from other places, loaded into it. It actually alters the IPTables. This can really put a hit on your ping times unless you have something semi-beefy running it. I am pretty sure this is what killed the last smoothie I had, just too much processor time. I have a 2.6GHz processor in the one I installed at work. That has blocklist, content filter (keyword scanning and rating types), and AV scanner loaded on it. My pride and joy :D

[melodic]

got ne pics of the smoothie?

how do u set one up?

gimme a quick like 5point noob guide

do u like have to have more than 1 NIC?

[ForsetiAvatar]

I do not ahve any pics Melodic, nor do I have camera w/ me. GF is comming over later, I'll use her phone to snap a couple tho.

Yes you need at least 2 NICs... one for the "Red" (WAN) interface, and one for the "Green" (LAN). You can add additional NICs if you want to have additional LAN segments at the router as well (DMZ, putting WAPs on different segments, etc.)

Essentially, it is a linux firewall, uses a stripped down linux kernel. Setup is pretty easy.

1) Download cd image from http://smoothwall.org/get/ and burn to cd

2) Scrape together any old hardware you have and build a pc like any other. Min specs can be found on smoothwall site. Add in you NICs

3) Boot pc from burned image CD to start setup *Note This will format your hard drive.*

4) After drive is formatted and files are copied it will take you to config screen. Here you will assign which NIC is for LAN and WAN (and any others you may have) there is a scan option which will find installed NICs. Enter your LAN and WAN ip addys (DHCP is available on the WAN side as well as PPPoE and static), set hostname, passwords, and enable/disable LAN DHCP.

5) Once initail setup is complete, there is a web based interface that you use to control it just enter your smoothwall ip w/ proper port i.e. 192.168.100:445 and you are there. You can remove keyboard, mouse monitor at this point, there is a command shell inside the web interface.

Now you are ready to roll. :D

There are lots of add-on modules on the smoothwall forum

[melodic]

cool thanks dude :) ill try this oneday

so could u like have it like this

Cable Connection ---> Smoothie --> Routers WAN Port --> pcs?

[VaKo]

Don't suppose anyone knows of a place in the UK where you can pick up old p2/p3 type systems? Most of the places I know insist you buy windows, a monitor keyboards etc. Ebay is a bit haphazrd sometimes.

[barrytone]

Don't suppose anyone knows of a place in the UK where you can pick up old p2/p3 type systems? Most of the places I know insist you buy windows, a monitor keyboards etc. Ebay is a bit haphazrd sometimes.

If you give details of what you need (hdd, ram, cpu etc) I'll have a look at what I've got for you. I've probably got something you can have if you pick it up / pay for the postage :)

Otherwise: Ebay or Freecycle :)

[VaKo]

Something along the lines of a half gig of ram, around 1ghz, 40gb hd just enough for a linux firewall type thing.

[barrytone]

Hmm... When you said p2/p3 I was thinking 500mhz, 256mb ram and 20gb.

Your specs are a little high for me to cope with :(

why do you need those kind of specs for a firewall machine? How big is the network you're gonna be using it on?

[ForsetiAvatar]

cool thanks dude :) ill try this oneday

so could u like have it like this

Cable Connection ---> Smoothie --> Routers WAN Port --> pcs?

You could, however, you will face some port fowarding problems if you have any PCs running server type apps behind the 2nd router (webserver, bittorrent, whatever). Fixing that problem would void a lot of the benifits of having the smoothie. Smoothie is a complete router/NAT firewall/proxy server solution. Also, since it is open source, there are add-on modules for a lot of other features. If you do not have a seperate 10/100 switch and need the 2nd router for connectivity purposes, I would hook smoothie into one of the LAN ports, not the WAN.

If you have any questions when you get started, send me a PM here or an IM, contact details are in my profile.

[stingwray]

Vako, that kind of spec is for if you have Gigabit running through the firewall, which in most cases people don't have more than 2Mb on their internet connection. Celerons make good firewalls, they run cooler as well than the pentium brothers.

http://www.m0n0.ch/wall/ for those of you are interested in Monowall theres the link. What I love about it is that I can run it off an old 8MB compact flash card on a cf to ide adaptor. Its on freebsd as well and most of the coding for the OS is in PHP which saves space and means its easy to tweak. It is lacky wireless support at the moment but this should be fixed in v1.3 which will use the freebsd v6.x OS.

If anyone has any questions then I would be happy to answer them about Mono.

[ForsetiAvatar]

Don't suppose anyone knows of a place in the UK where you can pick up old p2/p3 type systems?

VaKo, you may want to check schools in your area or some companies to see if they are upgrading hardware or have done so recently. A lot of these places will have old hardware just sitting on a shelf somewhere or cluttering up someone's office. Also, ask your techie friends... most have a bunch of old parts laying around the house. Unless you are going to have a lot of computers hooked up and a lot of scanning modules installed even a P1 w/ 32MB of ram would do it.

[VaKo]

I tend to massivly over specify things i want to make, but if a much less powerful box is ok then i'll do that. Then I just need to get a cheapo pack of NICs. Can gigabit be done for 4 people on that?

[stingwray]

Well it depends what you are transfering between the interfaces:

Internet <---> Firewall <---> Lan (Setup 1)

Then you are only going to have possible a max throughput of 8Mbps (it will be your internet connection). However if like me you have something like this:

Lan 1 <---> Firewall <---> Internet (Setip 2)

Lan 2 <--->

Then you may have traffic going between Lan 1 and Lan 2 which then your max throughput would be of the hardware you are using, so in most peoples cases 10/100 and a 200MHz - 500Mhz PC would be able. But if you have gigabit then you might need nearing 1GHz.

[barrytone]

I've just built up a Smoothwall machine this afternoon.

I gathered together enough bits for a p3 500mhx, 128mb ram, 20gb hdd and 2 x 3com 905s. Works fine to me.

Schools are a great place for computers. Most of mine are decommissioned school machines :)

[ForsetiAvatar]

Sweet dude. Let me know what you think. Also, be sure to check the Homebrew/Customization section of their forums, they have some great modules in there.