Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3


645 posts

Ultimate Geek
+1 received by user: 11


  Reply # 501701 4-Aug-2011 00:01
Send private message

As I mentioned earlier, I have a dual port Intel NIC, which I will use if I go the PFsense route: PRO/1000 MT server adaptor.

1970 posts

Uber Geek
+1 received by user: 730

Trusted

  Reply # 501721 4-Aug-2011 07:02
Send private message

I'm still curious what you actually plan to use it for. Otherwise we're all still just guessing at what we personally think is good.




It looks like I'm using an adblocker. I should consider whitelisting Geekzone in my adblocker or a subscription. The Quick Reply box will appear for me when Geekzone is whitelisted. Hooray for me! If I want to reply to this topic I should click on Compose Reply.


612 posts

Ultimate Geek
+1 received by user: 37


  Reply # 502036 4-Aug-2011 17:24
Send private message

I'm running pfSense on an HP Thin Client with the PCI expansion module, upgraded memory and a compact flash card to replace the DOM.

This thing uses hardly any power and runs like a champ.

I can't see the point in using a fullsize PC for a router, especially a multicore monster, the power usage would be huge for minimal gain.

For a SOHO environment you really don't need too much.



645 posts

Ultimate Geek
+1 received by user: 11


  Reply # 502097 4-Aug-2011 19:00
Send private message

muppet: I'm still curious what you actually plan to use it for.


Hosting large multiplayer (dedicated) servers without affecting anyone's browsing/streaming/usual internet tasks, and also heavy torrent usage.

And I want more access control features.

PANiCnz: I'm running pfSense on an HP Thin Client with the PCI expansion module, upgraded memory and a compact flash card to replace the DOM. 

what model is this? 

612 posts

Ultimate Geek
+1 received by user: 37


  Reply # 502113 4-Aug-2011 19:27
Send private message

Similar to the t5300 but I can't remember the specific model number. Its one of the older ones with the crappy Transmeta CPU's. Got it from work for free.

The hard part is finding the PCI expansion module, had to get it from OZ they're pretty rare.

26616 posts

Uber Geek
+1 received by user: 6107

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 502122 4-Aug-2011 19:40
Send private message

IMHO if you're going to the hassle of buying a PC you may as well just buy a Mikrotik 750 for ~$70. There is a learning curve but you'll learn a lot about networking on the way.

71 posts

Master Geek


  Reply # 502130 4-Aug-2011 19:52
Send private message

I have an Alix 2D3 running pfsense like a champ (http://pcengines.ch/alix2d3.htm). Got it shipped here for ~NZ200 and about 5 working days. Can't really ask for more and it hardly uses any power.


Another alternative I considered was getting an Asus RT-N16 and flashing Tomato firmware onto it. This is one of the more powerful consumer routers and you get the benefit of N-wireless.


I see you already have some server hardware you plan on running pfsense with. This will end up costing you a lot in your power bill though. A 100Watt PC running 24/7 could cost you an additional $10/mo+ in power or $120 annually.


I ended up going with the Alix board because:
+ Geode 800mhz processor is a lot more powerful than the N16's processor
+ Could install linux and use it for home server should I acquire a better router/modem
+ 3 Network interfaces + mini pci gives lots of connectivity options

Couple of shortcomings:
- Wireless costs extra. You have to buy a mini pci card. pfSense doesn't support wireless N yet. I just reused my old router as a wireless access point.
- Need a gigabit switch to get you the ethernet ports that would come standard with the N16 (I already had one)

672 posts

Ultimate Geek
+1 received by user: 112


  Reply # 502197 4-Aug-2011 23:16
Send private message

All other options aside....

I have used (and still do use) PFSense at home for the last 3 or so years.

At the office where i work.

To fix a unreliable internet connection issue for a small-medimum sized business.

To connect to the PFSense box i use a Dynalink RTA1320 in half bridged mode. You can pick one of these up off trademe for bugger all ($5~).

For the PFSense box I have used multiple computers ranging from 500mhz upwards with 256mb's of RAM or more (however you can easily run it on less).


This combination has proven to be great for the telecom cabinets (as the modem is a broadcom chipset) and at the same time amazing for stability as the modem only acts as a modem and authentication (because of the half bridging) rather than a fully fledged router.

I am yet to have any issues with PFSense and uptime. My internet connection is reliable and consistant, even with heavy usage.

I would highly recommend it over most other products because it uses proper networking terminology and is coded extremely well. It is a extremely powerful product.

In my mind it doesnt even compare to the likes of Smoothwall Monowall etc.

Just as a side note, if you do use it make sure you enable the traffic shaper, otherwise you will have issues with your torrenting taking over etc.

132 posts

Master Geek
+1 received by user: 2


  Reply # 503903 9-Aug-2011 14:55
Send private message

I have a duel core 2.8Ghz with 4Gb of ram running PFsense...

The main reason its so grunty is I had no other need for the system... And its nice to be able to over load it with lots of useless packages you never really need or use ;)

I have a lot of stuff on there I do and don't use.

Snort
Squid
SquidGuard
LightSquid
OpenVPN

Are all very useful things depending on your needs but can take a bit more power than a small light box can produce.


I am actually having a few problems getting my PFsense box happy in a dual wan environment, so if anyone knows a bit about it, please flick me a message so I can pick your brain a bit.



191 posts

Master Geek
+1 received by user: 26


  Reply # 503913 9-Aug-2011 15:03
Send private message

This thread from the Christchurch Linux Users Group mail archive may be useful;

http://lists.canterbury.ac.nz/pipermail/linux-users/2011-July/001057.html



645 posts

Ultimate Geek
+1 received by user: 11


  Reply # 506818 15-Aug-2011 14:36
Send private message

I am still undecided.

Will Tomato/DD-WRT allow me to create a filter that blocks internet traffic to all MAC addresses except those I specify?

PS. the key word there is 'internet', they should still be able to access the LAN even if I haven't specified their MAC.


132 posts

Master Geek
+1 received by user: 2


  Reply # 506849 15-Aug-2011 15:21
Send private message

This is a two second rule of PFsense - It is extremely easy to set rules for each IP address, MAC address, subnet, or adapter.

Have never used DD-WRT so cannot comment on that front.



645 posts

Ultimate Geek
+1 received by user: 11


  Reply # 506918 15-Aug-2011 17:05
Send private message

Privoxy: IP address, MAC address, subnet, or adapter.


Pardon my ignorance, but by adapter do you mean it can differentiate clients by their actual NIC hardware (making it impossible to bypass like one could by spoofing a MAC)?

1332 posts

Uber Geek
+1 received by user: 152
Inactive user


  Reply # 506933 15-Aug-2011 17:45
Send private message

@Privoxy, you have a PM regarding multiple WAN.

@Oubadah, I believe that by adapter is meant the pfSense machine's local NIC hardware. Just a guess, however.

8025 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 507072 16-Aug-2011 01:47
Send private message

Oubadah:

Will Tomato/DD-WRT allow me to create a filter that blocks internet traffic to all MAC addresses except those I specify?

PS. the key word there is 'internet', they should still be able to access the LAN even if I haven't specified their MAC.



Yes TomatoUSB and DD-WRT have access restriction rules that will allow you to do this.

1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.