I’m looking to replace a default DSL router/modem with a “dummy modem” + “Linux-based router” combo. I’m getting rid of the ZOOM ADSL modem because of its lack of capabilities. For instance, I can’t forward external ports to different internal ports (e.g. forward external port 2000 to internal port 80 — I have to go 2000 to 2000, 80 to 80, etc.). Although this can be done by logging into the router via telnet and manipulating the router’s proprietary firewall, it’s a huge pain. Also, it under no circumstances allows for loopback traffic, which I often need so that I may test as though I’m an external user. So, I’m going Linux.
I realize that it will take some time to get everything tweaked to my liking; however, I’m looking for the quickest means by which to get a quality, safe Linux router up and running ASAP. As stated, the setup will be to revert back to the dummy DSL modem for general ISP connectivity, then flow all traffic through the Linux box, and finally to a gigabit switch for the office:
[INTERNET] <--> ["DUMB" DSL MODEM] <--> [UBUNTU BOX (2 NICs) (w/Webmin?)] <--> [24-port gig switch] <--> [OFFICE COMPUTERS]
That said, can anyone provide some concise info on getting a decent (work-in-progress) Linux router up and running? I’ve seen too many documents and YouTube tutorials to count, but everyone seems to touch on cases I’d likely never even use.
I have the following NEEDS:
GENERAL SAFETY (against general DOS, SMURFING, etc.), NAT, PORT FORWARDING
I have the following WANTS:
WEB PRE-LOAD/CACHING, DNS, WIRELESS SERVING (future -- I can use an access point for now), VPN
FYI, I’ve currently got an Ubuntu Jaunty box running Webmin, but I’m willing to use whatever so long as it is, at least initially, straightforward.
I’ve decided to go with pfSense. When I initially installed it, everything seemed to work just fine. Now, however, I can ping and SSH to all machines behind the pfSense box, but I can’t access the internet. I reset to factory defaults but still no results. I do currently have the pfSense machine sitting just after the DSL router/modem. Are there perhaps DNS issues? What is the base set of items I need to check in order to get a “dirty” setup going?
m0n0wall and pfSense (BSDs, pfSense being forked from m0n0), Smoothwall, Vyatta, or IPCop will all do what you want effectively — and are all different flavors of mostly the same Kool-Aid. You might find the community is what sells you on one product over another. M0n0wall will fit on any storage device, pfSense seems to offer more advanced features, while Vyatta is an enterprisey Cisco replacement, and IPCop is super-simple. They are all excellent.
Here is a review of quite a few firewall distros that marks up pfSense as best-of-breed.
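The NAT, port-forwarding (external 2000 to internal 80) and loopback requirements listed in the question, sketched for a plain Linux box with iptables. This is an added example, not part of the original posts; the interface names, subnet, server address and the static public address 203.0.113.10 are assumed placeholders.

```shell
# Added example: prints an iptables-restore ruleset and sysctl settings for a
# two-NIC Linux router. Every name and address below is an assumed value.
WAN_IF=eth0                # assumed: NIC facing the DSL modem
LAN_IF=eth1                # assumed: NIC facing the office switch
LAN_NET=192.168.1.0/24     # assumed office subnet
WAN_IP=203.0.113.10        # placeholder public address (documentation range)
WEB_HOST=192.168.1.10      # assumed internal web server

gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# External port 2000 -> internal port 80. Matching the public address rather
# than the WAN interface lets LAN clients reach the service the same way.
-A PREROUTING -d ${WAN_IP} -p tcp --dport 2000 -j DNAT --to-destination ${WEB_HOST}:80
# Loopback (hairpin) case: rewrite the source so the server replies via the router.
-A POSTROUTING -s ${LAN_NET} -d ${WEB_HOST} -p tcp --dport 80 -j MASQUERADE
# Ordinary outbound NAT for the office.
-A POSTROUTING -o ${WAN_IF} -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i ${LAN_IF} -j ACCEPT
# Rate-limit pings from outside instead of answering floods.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${LAN_IF} -j ACCEPT
# Only the forwarded service is reachable from the WAN side.
-A FORWARD -i ${WAN_IF} -d ${WEB_HOST} -p tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Kernel settings: routing on, ignore broadcast pings (smurf), SYN cookies,
# and reverse-path filtering against spoofed source addresses.
gen_sysctl() {
cat <<EOF
net.ipv4.ip_forward = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.rp_filter = 1
EOF
}
gen_rules   # review the output, then check it with: iptables-restore --test
```

On a DSL line with a dynamic address, the `-d` match in the PREROUTING rule has to be regenerated whenever the public address changes.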