Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3


638 posts

Ultimate Geek
+1 received by user: 10


  Reply # 501701 4-Aug-2011 00:01
Send private message

As I mentioned earlier, I have a dual port Intel NIC, which I will use if I go the PFsense route: PRO/1000 MT server adaptor.

1935 posts

Uber Geek
+1 received by user: 704

Trusted

  Reply # 501721 4-Aug-2011 07:02
Send private message

I'm still curious what you actually plan to use it for. Otherwise we're all still just guessing at what we personally think is good.




It looks like I'm using an adblocker. I should consider whitelisting Geekzone in my adblocker or a subscription. The Quick Reply box will appear for me when Geekzone is whitelisted. Hooray for me! If I want to reply to this topic I should click on Compose Reply.


 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
597 posts

Ultimate Geek
+1 received by user: 36


  Reply # 502036 4-Aug-2011 17:24
Send private message

I'm running pfSense on an HP Thin Client with the PCI expansion module, upgraded memory and a compact flash card to replace the DOM.

This thing uses hardly any power and runs like a champ.

I can't see the point in using a fullsize PC for a router, especially a multicore monster, the power usage would be huge for minimal gain.

For a SOHO environment you really don't need too much.



638 posts

Ultimate Geek
+1 received by user: 10


  Reply # 502097 4-Aug-2011 19:00
Send private message

muppet: I'm still curious what you actually plan to use it for.


Hosting large multiplayer (dedicated) servers without affecting anyone's browsing/streaming/usual internet tasks, and also heavy torrent usage.

And I want more access control features.

PANiCnz: I'm running pfSense on an HP Thin Client with the PCI expansion module, upgraded memory and a compact flash card to replace the DOM. 

what model is this? 

597 posts

Ultimate Geek
+1 received by user: 36


  Reply # 502113 4-Aug-2011 19:27
Send private message

Similar to the t5300 but I can't remember the specific model number. Its one of the older ones with the crappy Transmeta CPU's. Got it from work for free.

The hard part is finding the PCI expansion module, had to get it from OZ they're pretty rare.

26199 posts

Uber Geek
+1 received by user: 5797

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 502122 4-Aug-2011 19:40
Send private message

IMHO if you're going to the hassle of buying a PC you may as well just buy a Mikrotik 750 for ~$70. There is a learning curve but you'll learn a lot about networking on the way.

71 posts

Master Geek


  Reply # 502130 4-Aug-2011 19:52
Send private message

I have an Alix 2D3 running pfsense like a champ (http://pcengines.ch/alix2d3.htm). Got it shipped here for ~NZ200 and about 5 working days. Can't really ask for more and it hardly uses any power.


Another alternative I considered was getting an Asus RT-N16 and flashing Tomato firmware onto it. This is one of the more powerful consumer routers and you get the benefit of N-wireless.


I see you already have some server hardware you plan on running pfsense with. This will end up costing you a lot in your power bill though. A 100Watt PC running 24/7 could cost you an additional $10/mo+ in power or $120 annually.


I ended up going with the Alix board because:
+ Geode 800mhz processor is a lot more powerful than the N16's processor
+ Could install linux and use it for home server should I acquire a better router/modem
+ 3 Network interfaces + mini pci gives lots of connectivity options

Couple of shortcomings:
- Wireless costs extra. You have to buy a mini pci card. pfSense doesn't support wireless N yet. I just reused my old router as a wireless access point.
- Need a gigabit switch to get you the ethernet ports that would come standard with the N16 (I already had one)

669 posts

Ultimate Geek
+1 received by user: 112


  Reply # 502197 4-Aug-2011 23:16
Send private message

All other options aside....

I have used (and still do use) PFSense at home for the last 3 or so years.

At the office where i work.

To fix a unreliable internet connection issue for a small-medimum sized business.

To connect to the PFSense box i use a Dynalink RTA1320 in half bridged mode. You can pick one of these up off trademe for bugger all ($5~).

For the PFSense box I have used multiple computers ranging from 500mhz upwards with 256mb's of RAM or more (however you can easily run it on less).


This combination has proven to be great for the telecom cabinets (as the modem is a broadcom chipset) and at the same time amazing for stability as the modem only acts as a modem and authentication (because of the half bridging) rather than a fully fledged router.

I am yet to have any issues with PFSense and uptime. My internet connection is reliable and consistant, even with heavy usage.

I would highly recommend it over most other products because it uses proper networking terminology and is coded extremely well. It is a extremely powerful product.

In my mind it doesnt even compare to the likes of Smoothwall Monowall etc.

Just as a side note, if you do use it make sure you enable the traffic shaper, otherwise you will have issues with your torrenting taking over etc.

132 posts

Master Geek
+1 received by user: 2


  Reply # 503903 9-Aug-2011 14:55
Send private message

I have a duel core 2.8Ghz with 4Gb of ram running PFsense...

The main reason its so grunty is I had no other need for the system... And its nice to be able to over load it with lots of useless packages you never really need or use ;)

I have a lot of stuff on there I do and don't use.

Snort
Squid
SquidGuard
LightSquid
OpenVPN

Are all very useful things depending on your needs but can take a bit more power than a small light box can produce.


I am actually having a few problems getting my PFsense box happy in a dual wan environment, so if anyone knows a bit about it, please flick me a message so I can pick your brain a bit.



172 posts

Master Geek
+1 received by user: 25


  Reply # 503913 9-Aug-2011 15:03
Send private message

This thread from the Christchurch Linux Users Group mail archive may be useful;

http://lists.canterbury.ac.nz/pipermail/linux-users/2011-July/001057.html



638 posts

Ultimate Geek
+1 received by user: 10


  Reply # 506818 15-Aug-2011 14:36
Send private message

I am still undecided.

Will Tomato/DD-WRT allow me to create a filter that blocks internet traffic to all MAC addresses except those I specify?

PS. the key word there is 'internet', they should still be able to access the LAN even if I haven't specified their MAC.


132 posts

Master Geek
+1 received by user: 2


  Reply # 506849 15-Aug-2011 15:21
Send private message

This is a two second rule of PFsense - It is extremely easy to set rules for each IP address, MAC address, subnet, or adapter.

Have never used DD-WRT so cannot comment on that front.



638 posts

Ultimate Geek
+1 received by user: 10


  Reply # 506918 15-Aug-2011 17:05
Send private message

Privoxy: IP address, MAC address, subnet, or adapter.


Pardon my ignorance, but by adapter do you mean it can differentiate clients by their actual NIC hardware (making it impossible to bypass like one could by spoofing a MAC)?

1332 posts

Uber Geek
+1 received by user: 152
Inactive user


  Reply # 506933 15-Aug-2011 17:45
Send private message

@Privoxy, you have a PM regarding multiple WAN.

@Oubadah, I believe that by adapter is meant the pfSense machine's local NIC hardware. Just a guess, however.

8020 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 507072 16-Aug-2011 01:47
Send private message

Oubadah:

Will Tomato/DD-WRT allow me to create a filter that blocks internet traffic to all MAC addresses except those I specify?

PS. the key word there is 'internet', they should still be able to access the LAN even if I haven't specified their MAC.



Yes TomatoUSB and DD-WRT have access restriction rules that will allow you to do this.

1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25


New Zealand Adopts International Open Data Charter
Posted 3-Mar-2018 12:48


Shipments tumble as NZ phone upgrades slow
Posted 2-Mar-2018 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.