
Edge Devices

I am partial to using some *nix for my edge device. This affords me more utility than a traditional hardware solution (a misnomer; all hardware firewalls run some sort of operating system) such as Cisco, or the barely-useful low-end router/firewall devices such as a Linksys cable modem router.

My ideal set of applications running on a (preferably) Linux firewall:
* firewalling code
  * packet filter — iptables, or ipfilter if the device is running BSD
  * proxies — squid, irc bouncer, what else?
* routing — traditional routing, or some sort of NAT
* ssh for remote access and ad-hoc VPNs
* NIDS (intrusion detection) — snort
* VPN if needed — IPsec
* traffic shaping agents if needed — iproute2, layer-7 filtering, etc.

Wishlist: a set-top firewall solution

I am very interested in a set-top device running Linux or [NetBSD http://netbsd.org], similar in size to the popular cable modem routers that are sold in consumer PC stores. I have used the [NetBSD Firewall http://www.dubbele.com] and also [SmoothWall Linux http://www.smoothwall.org], which are 2 ends of the spectrum, I suppose. Ideally, my wish router would have services similar to SmoothWall (or [IPCop http://www.ipcop.org]), and run an embedded *nix. I've looked at the [Linux Router Project http://lr101.linux-it-solutions.de/index.php?lang=en], but the hardware is way too expensive (or maybe not; more services translate into more value). Perhaps a suitable embedded board exists that could be paired with IPCop?

My friends and I have also considered putting together a 1-U rack box with more traditional hardware, running a firewall distro. This might be something we can make money with at some point.