BurntToast
2[H]4U
- Joined
- Jun 14, 2003
- Messages
- 3,677
Looking at building a Pfsense box with a D2500CC but would like to build one on a newer chip. I just don't see any ETA.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
it's based on vyatta which is a specialized debian...There are some interesting threads in Ubiquity's forums on blocking countries, using some different blacklists, etc, for safer internets usage. You could probably load Snort on it. The software on it is Debian-based IIRC, and is pretty customizable.
I am pretty sure I even read a thread over there that someone successfully installed pfsense on an ERL. It might be worth checking out.
I hear that logs kill SSDs in a matter of months.
I hear that logs kill SSDs in a matter of months.
SSD for OS/config, HDD for logs. Or syslog?
I wouldn't mess with that, there's no compelling reason to make storage for a firewall that complicated. Just use a laptop HDD. Small, quiet, and a fraction of the power of a desktop hard drive. I have one as the main drive in my firewall, and as the OS drive in my file server.
^ What he said, I've run pfSense boxes for YEARS on CF to IDE adapters. It all depends on How much/what you log and the traffic passed that applies to those logging rules. If you log everything on a saturated pipe, yes, you'll hit the failure point of flash memory faster. But, are you?
FreeBSD runs on the ERL so in theory pfsense should be portable too, I don't see why you would need the WebUI just for firewalling though...
If you're "just" going to do firewalling and routing an Atom box is most likely overkill compared to a decent MIPS/PPC-system.
//Danne, who runs several ERLs with FreeBSD