Jump to content

X86 Router Info


Robuis

Recommended Posts

Hi I am wondering if someone could point me in the in the right direction for setting up a nix home router. My crappy blue box is failing surprise! So I was thinking I could ask if anyone has built, a pc as a router wifi and wired/ using OOS, I have a ubuntu box doing nothing, and have read a bit on how to set up some of it but, not sure where to start in the end I would like to ssh to my box and connect to it via http: so that I have the linux back end, with power, but a clean interface for quick tasks.

Link to comment
Share on other sites

  • 2 weeks later...

Untangle would be a reasonable place to start. Also might look into pfSense, m0n0wall, simple iptables for small needs, Astaro...lots of them out there.

Am also thinking about creating a X86 Router and of all the ones out their, I've only heard personal experience with Astaro Security Gateway. So try that one out.

Link to comment
Share on other sites

Actually rather than using a full blown pc for this i was thinking of picking up one of those tiny atom/apu based pc's. something you could throw a couple gigabit nic;s in.

the only thing other than the old dfi board i got is some hot ass P4's. i was messing around with clear os the other day on a sff dell i got but being that it's got a P4 520 it acts more like a space heater.

Link to comment
Share on other sites

There were a lot of linksys routers that had both overheating problems and ps issues.

There are a boatload of distributions that will do the job. Do forget to include bsd in that too. There is or was an x86 version of dd-wrt, but I never could get the free version to work right. I think I have openwrt on a machine but it sits in the closet unused for now. It worked great for what I used it for. Worked great n a virutal machine also.

If you know how to use iptables, most any decent linux will do.

Link to comment
Share on other sites

  • 2 weeks later...

IPcop, zeroshell m0n0wall pfsense etc etc.

But turning a deb(based) dist into a fw isn't hard at all.

Here's a extremely simple version:

#!/bin/sh

PATH=/usr/sbin:/sbin:/bin:/usr/bin

#
# delete all existing rules.
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
#
# Enable routing.
echo 1 > /proc/sys/net/ipv4/ip_forward
# and some good stuff to have enabled..
#no spoofing
echo "net.ipv4.conf.default.rp.filter=1" >> /etc/sysconf.conf
echo "net.ipv4.conf.all.rp_filter=1" >> /etc/sysconf.conf
#no broadcasts
#echo "net.ipv4.icmp_echo_ignore_broadcasts" = 1 >> /etc/sysconf.conf
echo "net.ipv4.icmp_ignore_bogus_error_responses" = 1 >> /etc/sysconf.conf
#more..
echo "net.ipv4.conf.all.secure_redirects = 1" >> /etc/sysconf.conf
#echo "net.ipv4.conf.all.send_redirects = 1" >> /etc/sysconf.conf

echo "net.ipv4.conf.all.accept_source_route = 1" >> /etc/sysconf.conf
#echo "net.ipv6.conf.all.accept_source_route = 1" >> /etc/sysconf.conf

# Always accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT

#yes, you should have fail2ban ;)
#/etc/init.d/./fail2ban restart

#fix tap0 forwarding etc.
#clarify - eth1 internet
#clarify - eth0 lan

# Allow established connections, and those not coming from the outside
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#iptables -A INPUT -m state --state NEW -i ! eth1 -j ACCEPT
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -m state --state NEW -i eth1 -j REJECT

iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow outgoing connections from the LAN side.
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

# Masquerade.
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# Don't forward from the outside to the inside.
iptables -A FORWARD -i eth1 -o eth1 -j REJECT

# portforwarding-rules

#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport [port] -j DNAT --to [ip:port]

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...