Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!dispatch.news.demon.net!demon!awfulhak.demon.co.uk!awfulhak.demon.co.uk!awfulhak.demon.co.uk!not-for-mail From: brian@awfulhak.demon.co.uk (Brian Somers) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: FreeBSD as Internet firewall Date: 26 Jun 1996 18:57:32 -0500 Organization: Coverform Ltd. Lines: 42 Message-ID: <4qsipc$90@anorak.coverform.lan> References: <4qphok$2lf@nadine.teleport.com> NNTP-Posting-Host: localhost.coverform.lan X-NNTP-Posting-Host: awfulhak.demon.co.uk X-Newsreader: TIN [version 1.2 PL2] David Chamberlain (david.chamberlain@ibm.net) wrote: : So, now the questions. Does application level proxy software (for outgoing : FTP, HTTP, etc) exist for FreeBSD and, if so, how reliable is it? I believe I : can do DNS and SENDMAIL with the existing installed DNS and SENDMAIL daemons. I don't know about proxying (anyone care to add something?), but named and sendmail are certainly well capable. : Also, what kind of hardware would you recommend for a gateway like this. : Should I use PCI NIC's instead of ISA for performance. What NIC's, either ISA : or PCI have the most reliable drivers for FreeBSD. (I am not afraid to : download and compile -stable, i've already done it just for fun). Also, does : FreeBSD have (or will have) drivers for HP 100VG NIC's? A PCI NIC with the DEC chipset will be good. The SMC Etherpower is a 100Mbit card (I believe) - don't know anything about the HP100VG. : I don't have current plans for gateway to be a web or ftp server. Should I : still use SCSI drives or would IDE be OK. If I really need SCSI drives, what : SCSI adapter (either ISA or PCI) have the most reliable FreeBSD drivers. SCSI does make a difference. An Adaptec 2940[U]W would be good, but I believe the Buslogic (BT-9[45]6) ones give almost the same performance for almost half the price. : I plan to use at least a Pentium 100. How much RAM should I use? At least 16Mb. You'll just suffer with 8. More is good, but if you're just proxying, 16 should be sufficient. : I would appreciate any suggestions anyone may offer. I am really new to this : Unix/Internet thing, as well as FreeBSD. I would like to do this with as : little hair pulling as possible. I'd also advise looking at firewalling using ipfw. Otherwise someone may turn up and stomp all over your work. It's free, and fairly easy to use. See /usr/share/misc/ipfw.samp.filters on the FreeBSD (installed) distribution. -- Brian <brian@awfulhak.demon.co.uk> Don't _EVER_ lose your sense of humour....