HI gang, As part of the Lancaster MA project, there is a 486 machine with 8 MB of memory which we would like to make into a firewall. I'm seeking recommendations on how best to do this. Are we memory limited, or can this work, and if so, how? Can we put at least a minimal installation of something on this machine, or are we going to have to explore the single floppy firewall solutions such as the Linux Router project? Finally, is there somebody who would like to volunteer for Saturday 9/29 to explicitly help with solving this problem? Thanks, Andy -- Andy Stewart Founder Worcester Linux Users' Group Worcester, MA, USA http://www.wlug.org
Andy> As part of the Lancaster MA project, there is a 486 machine with Andy> 8 MB of memory which we would like to make into a firewall. I'm Andy> seeking recommendations on how best to do this. Are we memory Andy> limited, or can this work, and if so, how? LRP is the way to go, it's a firewall on a floppy disk. I'm running it at home and it's really nice. What speed internet link are you talking about here? I might be able to scrounge more memory and a P90-130 for you instead. Maybe. Andy> Can we put at least a minimal installation of something on this Andy> machine, or are we going to have to explore the single floppy Andy> firewall solutions such as the Linux Router project? It's not hard to do an LRP setup, and it's much more secure. You have a problem, you reboot. The media is physically write protected. Andy> Finally, is there somebody who would like to volunteer for Andy> Saturday 9/29 to explicitly help with solving this problem? Ummm... I might be able to help with this. John
I've never used LRP before, but I've played around with ipchains under RedHat 7.1, which are fairly easy to use and highly customizable. If you need anyone else to help on Saturday, I might be able to stop by, but it's parents' weekend, so I'm not sure. -James -----Original Message----- From: wlug-admin@mail.wlug.org [mailto:wlug-admin@mail.wlug.org]On Behalf Of John Stoffel Sent: Saturday, September 22, 2001 12:39 PM To: wlug@mail.wlug.org Subject: Re: [Wlug] Firewall on 486 w/8 MB of memory Andy> As part of the Lancaster MA project, there is a 486 machine with Andy> 8 MB of memory which we would like to make into a firewall. I'm Andy> seeking recommendations on how best to do this. Are we memory Andy> limited, or can this work, and if so, how? LRP is the way to go, it's a firewall on a floppy disk. I'm running it at home and it's really nice. What speed internet link are you talking about here? I might be able to scrounge more memory and a P90-130 for you instead. Maybe. Andy> Can we put at least a minimal installation of something on this Andy> machine, or are we going to have to explore the single floppy Andy> firewall solutions such as the Linux Router project? It's not hard to do an LRP setup, and it's much more secure. You have a problem, you reboot. The media is physically write protected. Andy> Finally, is there somebody who would like to volunteer for Andy> Saturday 9/29 to explicitly help with solving this problem? Ummm... I might be able to help with this. John _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
Linux Router Project is the way to go. You can get 'distros' for almost any thing. Check out lrp.c0wz.com, lrp.steinkuehler.net, www.linuxrouter.org. I use it and it's neat. No hard drive needed. Everything boots from a write-protected floppy. Includes a pretty good ipchains firewall. -Chuck James Baldassari wrote:
I've never used LRP before, but I've played around with ipchains under RedHat 7.1, which are fairly easy to use and highly customizable. If you need anyone else to help on Saturday, I might be able to stop by, but it's parents' weekend, so I'm not sure. -James
-----Original Message----- From: wlug-admin@mail.wlug.org [mailto:wlug-admin@mail.wlug.org]On Behalf Of John Stoffel Sent: Saturday, September 22, 2001 12:39 PM To: wlug@mail.wlug.org Subject: Re: [Wlug] Firewall on 486 w/8 MB of memory
Andy> As part of the Lancaster MA project, there is a 486 machine with Andy> 8 MB of memory which we would like to make into a firewall. I'm Andy> seeking recommendations on how best to do this. Are we memory Andy> limited, or can this work, and if so, how?
LRP is the way to go, it's a firewall on a floppy disk. I'm running it at home and it's really nice.
What speed internet link are you talking about here? I might be able to scrounge more memory and a P90-130 for you instead. Maybe.
Andy> Can we put at least a minimal installation of something on this Andy> machine, or are we going to have to explore the single floppy Andy> firewall solutions such as the Linux Router project?
It's not hard to do an LRP setup, and it's much more secure. You have a problem, you reboot. The media is physically write protected.
Andy> Finally, is there somebody who would like to volunteer for Andy> Saturday 9/29 to explicitly help with solving this problem?
Ummm... I might be able to help with this.
John _______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
Hi John et al, On Saturday 22 September 2001 12:39 pm, John Stoffel wrote:
Andy> As part of the Lancaster MA project, there is a 486 machine with Andy> 8 MB of memory which we would like to make into a firewall. I'm Andy> seeking recommendations on how best to do this. Are we memory Andy> limited, or can this work, and if so, how?
LRP is the way to go, it's a firewall on a floppy disk. I'm running it at home and it's really nice.
I saw several other recommendations for LRP, so I think we'll give that a try.
What speed internet link are you talking about here? I might be able to scrounge more memory and a P90-130 for you instead. Maybe.
The machine has a 56K modem in it for the Internet connection. It will be used for light surfing and e-mail (as I understand it). There will be 2 or 3 other machines on the net with it (yeah, quite a bottleneck...).
Andy> Can we put at least a minimal installation of something on this Andy> machine, or are we going to have to explore the single floppy Andy> firewall solutions such as the Linux Router project?
It's not hard to do an LRP setup, and it's much more secure. You have a problem, you reboot. The media is physically write protected.
Andy> Finally, is there somebody who would like to volunteer for Andy> Saturday 9/29 to explicitly help with solving this problem?
Ummm... I might be able to help with this.
John, that would be great if you were able to help out with this. Please let me know for sure. Later, Andy -- Andy Stewart Founder Worcester Linux Users' Group Worcester, MA, USA http://www.wlug.org
On Sun, Sep 23, 2001 at 12:14:11PM -0400, Andy Stewart wrote:
The machine has a 56K modem in it for the Internet connection. It will be used for light surfing and e-mail (as I understand it). There will be 2 or 3 other machines on the net with it (yeah, quite a bottleneck...).
Not really. There may be someone on this list who remembers sharing a 56K modem 10 ways... :) We had that thing up 24/7 with auto-redial. If you're using HTML-based websites (that is, no audio/vidio/multimedia) and use fetchmail to bring your email messages to a local host, you'll never notice that your internet connection is any less than badass. -Chuck
From: Chuck Homic <chuck@vvisions.com>
On Sun, Sep 23, 2001 at 12:14:11PM -0400, Andy Stewart wrote:
(yeah, quite a bottleneck...).
Not really. There may be someone on this list who remembers sharing a 56K modem 10 ways... :) We had that thing up 24/7 with auto-redial. If you're using HTML-based websites (that is, no audio/vidio/multimedia) and use fetchmail to bring your email messages to a local host, you'll never notice that your internet connection is any less than badass.
Smile, and they will thank you and think you are a wizard. Gumble about the modem, and you will have some geezer bending your ear about how he had to carry the paper tape from the lab to the post office. -- Keith
Andy> I saw several other recommendations for LRP, so I think we'll Andy> give that a try. That would be best. Andy> Finally, is there somebody who would like to volunteer for Andy> Saturday 9/29 to explicitly help with solving this problem? I'm fighting a cold right now, but I should be over it by the weekend and hopefully will be able to help out here. Do you have the hardware in your posession right now? Making the floppy disk(s) ahead of time would be a big time saver. All my LRP installs have been with a cable modem and getting a network card to work, I haven't done anything with the PPP setup type stuff. What kind of modem are they going to be using? Please say something external... it probably won't fly if they have a win-modem for that machine. John
Hi Let me jump in here a moment. I have been up to the site (as a sort of advance scout) and have some information you might like.
I'm fighting a cold right now,
OK that means no kissing! :-)
but I should be over it by the weekend and hopefully will be able to help out here.
Do you have the hardware in your posession right now?
The box is up in Lancaster. It is a Unisys EVC-142. There are no manuals available --- it was a second hand purchase. I can find nothing about it on the web. :-( It has a 540 meg hard drive, the 8 meg you know about, and we jury-rigged a CDrom drive on it (by jury-rigged I mean there was only one IDE cable and it would not reach both the hard drive and the CDrom if both were in the available bays so we simply left the case open with the CD drive lying on a book on top.)
What kind of modem are they going to be using? Please say something external... it probably won't fly if they have a win-modem for that machine.
Bad news and good news here :-). The modem is internal. However it is Listed as OK on the Linux Modem Compatibility list. It is a US Robotics Model 0584 56K ISA. Incidentally, the NIC cards they have are all 3COM model 3C509B and there is a 3c509 module which seems to work ok with them. doug
doug> OK that means no kissing! :-) And I'm still fighting it. I might not be making it saturday. We'll see... doug> The box is up in Lancaster. It is a Unisys EVC-142. There are no doug> manuals available --- it was a second hand purchase. I can find doug> nothing about it on the web. :-( Ugh. Not good. doug> It has a 540 meg hard drive, the 8 meg you know about, and we doug> jury-rigged a CDrom drive on it (by jury-rigged I mean there was doug> only one IDE cable and it would not reach both the hard drive doug> and the CDrom if both were in the available bays so we simply doug> left the case open with the CD drive lying on a book on top.) That could do the trick for now. If we setup the system with a CDROM drive and a floppy drive, we can use the Oxygen LRP distribution, which has all the packages and stuff on CDROM, and the config on a write protected floppy. Or the standard LRP with a single floppy should work as well. doug> Bad news and good news here :-). The modem is internal. However doug> it is Listed as OK on the Linux Modem Compatibility list. It is doug> a US Robotics Model 0584 56K ISA. That should be ok. doug> Incidentally, the NIC cards they have are all 3COM model 3C509B doug> and there is a 3c509 module which seems to work ok with them. This is good too, since I think LRP supports these out of the box pretty much. These are PCI, right? Or are they ISA? Do you have the PPP dialout number, username and password yet as well? It might make sense to try and pre-configure an LRP diskette with all the info needed and see if it would just boot right from the start. I can take my existing images at home which are known to work and try to update them or this setup. Please realize that this box would be dedicated to LRP only, no real user logins allowed/needed? John
participants (7)
-
Andy Stewart -
cc.noyes -
Chuck Homic -
doug waud -
James Baldassari -
John Stoffel -
Keith Wright