USB Thumb Drive on Firewall

C

Carlosinfl

Loves the juice
Joined
Sep 25, 2002
Messages
6,633
Has anyone ever tried or been successful in installing a distribution Firewall (SWE, Endian, IPCop) using only a 16 GB USB thumb drive? I have no P-ATA drives & the IDE connector on the motherboard has failed as well so I do have a USB 2.0 slot so would think it would mount my USB thumb drive as /dev/sda1 and run the installation.

I have no available PCI slots available for a PCI S-ATA or P-ATA controller.

Anyone know?
 
I would think that both the BIOS and distro that you're using would have to support detection/read/write/boot from USB. Assuming that your hardware will allow boot from USB, test it out and see which distros are compatible, if any.
 
I don't see why not as long as the hardware you are using supports booting off of the drive.

Edit: I was beat :(
 
iirc, you can run ipcop off of a 128 (maybe a 256) even...

i have actually run a NAS distro off of a small USB drive a few times... most important thing is whether the board supports it or not... a lot of them will say they do (USB drives are visible in boot menus) but then when you actually go to boot they'll crap out....

i actually have a 4GB USB thumb drive with a personalized winpe 2.0 install on it, and so i've found this to be true with even the newer boards...

but it can definitely be done
 
m0n0wall will run on a 32mb compact flash drive so I see why not. As long as your equip. supports booting from USB (most modern stuff does).
 
even if it doesn't, have you considered an IDE adapter for a compact flash card?

i think i got 3 of them for 10 dollars from HK... shipping was like 4 dollars or something....

just make sure if you're buying a CF card, get the one that supports DMA, or you may run into problems later with some distros....
 
goodcooper said:
even if it doesn't, have you considered an IDE adapter for a compact flash card?

i think i got 3 of them for 10 dollars from HK... shipping was like 4 dollars or something....

just make sure if you're buying a CF card, get the one that supports DMA, or you may run into problems later with some distros....
Click to expand...

Seriously?
"the IDE connector on the motherboard has failed"
 
As long as the hardware you are using supports booting to USB and your distro has USB support, you should be fine. Typically, USB bootable drives appear to an OS as emulated hard disks -- so it's reasonable to believe the OS doesn't necessarily need to support "booting from USB drives" so long as your hardware does. Unfortunately all of my firewall hardware (older PIII) doesn't support booting to USB so I can't try this out 100%, however I have booted linux off of a USB key in the past on my laptop. YMMV but good luck!
 
So if my machine is so old that it does not support booting from a USB peripheral, I can purchase a IDE adapter for a CF card?

Anyone have a product link of a recommended one?
 
well as GlobalFear painfully pointed out.... if your IDE ports are dead than that won't work...

i got like 3 for 10 bucks on ebay... they seem to be the sort of thing you can get away with buying on ebay (i usually hate buying things on ebay)

but it really is just an adapter, CF cards actually use IDE interface as it is... its just a matter of changing form factor...

EDIT: link
what i like about this model is that it accepts a ribbon cable... the 3 that i got years ago plugged directly into the IDE header on the motherboard... which was kind of annoying, because you could really only have 1 device per channel... plus the board and sff case didn't always support the card sticking out of the motherboard at a right angle...

also this has places for 2 cards... read more about it in the description...

can't vouch for the seller, that is what feedback is for...
also can't vouch for the actual device, but as i said earlier, it is a pretty simple device
 
As an eBay Associate, HardForum may earn from qualifying purchases.
I run pfSense on my firewalls off of 512 MB CF cards on IDE adapters. I used these adapters and some old flash cards I had laying around.
 
What is their official name so I can properly search for this. I can find a board with a working IDE port as this will safe on drive noise.

Anyone know if the speed or bus connection from these adapters and or cards will be a bottleneck for Firewall performance on a basic home network?

Are these them?
 
Bottleneck? No. Most firewall distros out there operate almost entirely from memory. IF you are doing a ton of disk-based proxy then you might see the potential for a slowdown -- but it's unlikely.

As for the ones you found -- yes, that is what people were referring too... but you can get them much cheaper on ebay. :) The one that tdg linked above is a good one from geeks.com; this one or this one depending on whether you want it sticking straight out of the motherboard or you want to put it on a cable like a normal drive.
 
Orinthical said:
Bottleneck? No. Most firewall distros out there operate almost entirely from memory. IF you are doing a ton of disk-based proxy then you might see the potential for a slowdown -- but it's unlikely.
Click to expand...

Also keep in mind that if the Distro you use has a disk-based proxy, you'll proably need to use either a true SSD (if you don't want spinning media), or a real drive. Flash-based memory won't stand up to the read/write activity of Proxying and the rotating logs associated with them for long. Of course, it also depends on the load placed on the device.

Orinthical's right though, the true firewall-type Distros ( pfSense, Smoothwall, the base IPCop install) reside almost totally in memory and thus have VERY little R/W from any drives.
 
You must log in or register to reply here.
Back
Top