[nycbug-talk] soho router options (soekris?)

Marc Spitzer mspitzer
Tue Jan 25 22:52:27 EST 2005


On Tue, 25 Jan 2005 21:30:06 -0500, Marc Spitzer <mspitzer at gmail.com> wrote:
> On Tue, 25 Jan 2005 21:24:58 -0500, Pete Wright
> <pete at finn.nomadlogic.org> wrote:
> > >
> >
> >
> > those are pretty convincing arguments, how is pf support in netbsd 2.0?  i've
> > never run it (assuming we would still want to use pf).
> 
> pf is in core as is ipf, 3.x I think, and ipf 4.x might be a port.
> 
> marc
> 

Ok here is a first cut of the needed services this box needs to provide:

1: firewall

2: nat

3: dhcp server

4: dhcp client

5: port forwarding

6: logging/syslog

7: web management interface

8: authentication, ppoe for dls for example

9: self manageing, log file rotation etc.

10: users guide

11: should cost under $300 including everything, cf card, mounting
hardware, ...)
      we should look into if soukris would put together a kit

12: ability to save config file  off the box and restore.

13: no ssh/telnet access out of the box,  iff you are good enough to
figure it out more power to you and you are good enough to fix it so
do not bother me.

fill in the rest of the must haves below

now on to V2

1: dmz, but keep it in mind when building V1

2: vpn ipsec/pptp

3: simple ids, not a full snort install


basic design decisions:

1: one and only one scripting/programming language and I vote for tcl

2: we need to find out how much stuff we can buy for about $300, how
big a CF card can we get?

3: how are we going to do upgrades/patches

there is lots to bicker^w err discuss after we get this round settled.

Let the discussion begin,

marc

----
I think the src for X is larger then the source for netbsd, this cvs
checkout is taking forever.




More information about the talk mailing list