[Ldsoss] NAS and Firewall Hardware / Software

Stacey ldsoss at son.org
Tue May 15 08:03:47 EDT 2007 

I really don't think it is a good idea to complicate your firewall (and, 
most likely, reduce its security) by making it a NAS as well.  
Installing DD-WRT on a Linksys WRT54G router is actually pretty 
straightforward and simple, IMO.  DD-WRT makes a good firewall and 
support for forwarding all your web traffic to a transparent 
proxy/content filter.  I personally use a Linksys WRT54G running DD-WRT 
for my wireless access point.  I picked it for about $40 off ebay.  It 
only took me about 30 minutes to install DD-WRT.  For more information 
about DD-WRT see:  http://en.wikipedia.org/wiki/DD-WRT and 
http://www.dd-wrt.com/dd-wrtv2/index.php.

For my firewall I actually use m0n0wall on a little soekris box.   
m0n0wall uses BSD Unix which I personally trust more for things like 
security than Linux.  (I am "old school" and first started using BSD 
back in the 80's on a VAX 11/780.)   Soekris hardware use very little 
power (about 5 watts) and usually come with three ethernet ports in case 
you want to set up a DMZ for your access point(s), web server, or 
something.   I paid something like $150 for my soekris box but I have 
been seeing these selling for around $100 on ebay.  For more information 
see http://m0n0.ch/wall/ and http://www.soekris.com/

For a NAS I use Gentoo Linux with a few TBs of disk.  If you want a 
linux system that performs Gentoo and its "portage" package management 
is the way to go.  I personally like it because of the power of 
portage.  It allows you to quickly build a custom system with only stuff 
you want with the compiler options that work best for your hardware.  
However, there is a steep learning curve for Gentoo (it is not your 
mother's linux).

For your NAS you may want to consider one of the turnkey ones like 
FreeNAS (http://www.freenas.org/) or Openfiler (http://www.openfiler.com/).

-stacey.

Kevin Wise wrote:
> I was wondering if anyone out there has some suggestions for me.  You
> can reply to the list or to me personally (kevin at wisefam.net) if you
> think your responses would not be appropriate for the whole list.  And
> let me apologize in advance for the length of this post...
>
> I'm trying to solve several problems at once (seems to me like many
> other people face these same problems).  Here are my needs (for use in
> my home network):
>    -- a fault-tolerant (RAID 5 or mirrored) network drive, say
>       250 GB - 1 TB, available from Windows
>    -- web content filtering proxy / firewall
>
> Now I know we've talked about specific software solutions (such as Samba
> or Dan's Guardian) on this list before.  If you have suggestions on what
> software I might use, I'm all ears.  But I'm mostly interested in what
> kind of hardware I might get or reuse to make this work.  I'm pretty
> sold on Linux for the OS, but there are still a blinding array of
> possibilities, even if I ignore the choice of distribution.  For
> example, my co-worker has installed Linux on his Linksys router for his
> firewall, and Linux on a NAS server for his network attached storage.
> I'm not quite as adventurous, and I'd really like one piece of hardware
> that does both.  In my mind this would save me maintenance (fewer
> patches to apply) and maybe even cost.  Any comments?
>
> I was thinking about getting a new bare-bones Intel or AMD system.  One
> problem I have with that is that every computer I've purchased so far is
> from Dell or Apple, and neither offers a system without the OS.  Any
> suggestions on where I might turn to get a Linux-ready system (need not
> be pre-installed) suitable for the above purposes, preferably for less
> than $300?  I'm also looking for input on what the system requirements
> would be for such a system.  Is 512 MB of RAM enough?  Should I get
> hardware RAID or software RAID?  In terms of importance to me,
> reliability is second only to cost.  I don't want my files to disappear
> because my single RAID controller failed and the drive is unreadable by
> another controller.
>
> Another choice is to reuse an old computer (Pentium 4, 2.2 GHz).  It
> does not have a SATA controller, so I'd be stuck buying new ATA drives
> (it currently has 2 80GB drives, which is really not enough for what I
> want to do).   Would I be crazy to use something that old from a
> reliability standpoint?  Also seems like a waste to buy new ATA drives
> (are they even available any more?).  Another option of course is to buy
> a SATA controller card.  Any idea how much that might cost?
>
> I look forward to your replies.  I'm open to any ideas you might have on
> how to solve these problems.
>
> Kevin Wise
>
> _______________________________________________
> Ldsoss mailing list
> Ldsoss at lists.ldsoss.org
> http://lists.ldsoss.org/mailman/listinfo/ldsoss
>

More information about the Ldsoss mailing list