AssistanZ - Beyond Boundaries... Cloudstack Consultancy / 24x7 Web Hosting Support / 24x7 Server Management / Infrastructure Management Services Web & Mobile Apps Development / Web Designing Services / Php, Grails, Java Development
Depending on how much bandwidth your looking at it might be worth look into a soekris box from soekris.com. Other than that your choice seems to come down to firewalling "language" ipfw on FreeBSD, PF on *BSD, IPTables on Linux, IPF on most unix like OS's. There is then also the deciesion into what level you want to configure the box, do you want a web interface eg IPcop, a standalone gui eg fwbuilder, or a plain text file eg pf.conf in OpenBSD.
Personally I like PF on OpenBSD and I know alot of linux Users that have moved from the chain style config as it's clearer but each to there own
You'll have to google for URL's as it won't let me post them
Thank you for your replies but i am really only looking to build my own box using a standard 1U rack server with dual nics and using something like M0n0wall, IPCOP etc.
That can definately be done... use a memory other than a harddrive - the less moving parts the better.
Wasn't your thread about a firewall for a datacenter... I hope you don't put a datacenter behind this custom built 1u
PS - If this 1U is going to be sitting in between you and all of your servers, i would recommend taking extreme caution in terms of heat or other causes of failure - if that box goes down, you're in hot water!
Avi Brender Reliable Web Hosting by Elite Hosts, Inc
CPANEL Reseller Hosting - Fantastico - Rvskins - ClientExec
I actually have a good server grade 1U rack server with aluminium chassis and dual nics. I also have a Compact Flash card working in it as well as I have been testing M0n0wall, IPCop and Wolverine.
I also have rackspace in a datacenter, so the box will be in front of my servers. This is what I meant by "in a datacenter" maybe I should have said "in a datacenter environment".
There have been many reports of people using M0n0wall on the Soekris boxes but I also read that if you need more throughput then you need to use a generic pc with more processing and memory. This is why I am using the spare rackserver that I had.
Now, my question here is do any of you have any experience using any of the above Firewall/VPN solutions in a datacenter environment in front of your own equipment? If so, I would be grateful if you can share your experiences and/or recommendations.
I am using the corporate edition on a 1u P3 Server with 2 Netrork adapters and a HD as far as i know the problem with the free version is that it can not make forwarding to difernts external ip and the same port, but maybe on the forums somebody can help you with an answer, i was too lazy.
Note that if you are writing to the CF media it only has a limited number of writes (logging etc) I've used pf/freebsd ipf/freebsd as a cheap solution (with a HD, they are cheap, why not) and it worked well for what I was doing.