[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Throw in SquidClam (http://squidclamav.darold.net/) or some other FOSS ICAP product (http://en.wikipedia.org/wiki/Internet_Content_Adaptation_Protocol) and Brent's build is looking good. In fact... You **might** be able to get this going on an ARM device- a Raspberry Pi? Maybe... but certainly a Beaglebone Black and Hummingboard could and those are both under 100ドル. Even once you add the second USB nic you're still going to be at no more that 150ドル. Plus the energy consumption would be a lot less, if that matters to you. Ok, sorry for the geek out but this something on my short list of ARM builds. :) ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Keith C. Perry, MS E.E. Owner, DAO Technologies LLC (O) +1.215.525.4165 x2033 (M) +1.215.432.5167 www.daotechnologies.com ----- Original Message ----- From: "brent timothy saner" <brent.saner@gmail.com> To: plug@lists.phillylinux.org Sent: Monday, August 11, 2014 4:01:24 PM Subject: Re: [PLUG] Network gateway solution for small business? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/11/2014 03:03 PM, Greg Helledy wrote: > > We are leaning towards 3. for a few reasons: > > a. the router will be easier to maintain, take up less space, produce > less noise and heat, and consume less electricity than a PC > b. it looks like we can get a small business-class router for around > (~500ドル) the price of a basic PC > c. we can get an appliance that does out-of-the-box the things we care > about, and don't need the additional flexibility that a PC would provide. > > The things we need are: > *gateway with firewall that can be configured to do port forwarding of > incoming connections > *ability to handle 2 WANs simultaneously. We have service from two > providers, for redundancy. We don't need any complex traffic > shaping/load balancing, just need traffic to go to ISP B when ISP A is > down. > *DHCP that can assign fixed IPs to networked machines by MAC > *antivirus scanning of traffic, to protect the Windows-based machines on > the LAN > *a built-in wireless access point would be nice, but is not necessary > (we can just plug something in). > > I have started doing some research but surprisingly, flaky firmware > seems to be a frequent user complaint even in this class of device. I > love my tomato router at home but we need to stick with factory firmware > for this application. If anyone has a recommendation, please send it my > way. Thanks in advance, and sorry for the interruption. > i actually JUST yesterday specced out and ordered parts for a router box. Links, assuming you have no pre-existing hardware (cage, etc.). Note that I give Prime prices. 9U cab, locking, better airflow (because glass doors on a locking cage are *stupid*): http://www.amazon.com/gp/product/B0070FWC72/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1 218ドル.52 Cheap UPS by CyberPower (510W, MORE than enough for associated hardware): http://www.amazon.com/gp/product/B00DBAA696/ref=oh_aui_detailpage_o01_s00?ie=UTF8&psc=1 76ドル.95 1U router box barebones, quiet, LOW power consumption: http://www.amazon.com/gp/product/B004GKULFO/ref=oh_aui_detailpage_o05_s02?ie=UTF8&psc=1 337ドル.99 RAM for routerbox: http://www.amazon.com/gp/product/B002BW6DQ0/ref=oh_aui_detailpage_o04_s00?ie=UTF8&psc=1 20ドル.79 SSD for routerbox: http://www.amazon.com/gp/product/B007ZWLRSU/ref=oh_aui_detailpage_o05_s01?ie=UTF8&psc=1 49ドル.45 ea. (recommended 2x for RAID-1) Ubiquiti PoE switch (10/100/1000): http://www.amazon.com/gp/product/B00CXTK90W/ref=oh_aui_detailpage_o05_s00?ie=UTF8&psc=1 95ドル.00 Ubiquiti Wi-fi AP: http://www.amazon.com/gp/product/B004XXMUCQ/ref=oh_aui_detailpage_o05_s01?ie=UTF8&psc=1 67.90 ea. (recommended at least 2x, but the range is *fantastic*) SO there you go. ALL together (including redundancy/expansion recommendations i gave), 984.95USD. Not too bad at all for a total equipment inventory. feel free to mix/match for stuff that doesn't match your specs/requirements. Note that that routerbox barebones is about the size, if not smaller, of a dedicated appliance, will use comparable power, but can take any x86_64 distro you wanna throw at it- pfSense, debian, openbsd, whatever. it goes without saying that NIC bonding or selective routing or whatever you want for dual-WAN can be done a multitude of ways with a full *nix OS. you can also run something like snort for the packet inspection. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJT6SEUAAoJEIwATC+TSB9reIMP/isIbr6x+IXu9tepjZ143y9r vSs1QVqKouoV036gSIE4KPRWKjc5s5wR0vgqf793RTpUM+tzCTduZMZKBCoBIT6X E+s9YSZyEDRIRlQa2arNnupp/g4R0qCtBZjsa5H/NS5ak4tolL8Rd+/78vvysXJ8 49hSGx9Z6t1S8rJajCxnNMyvG5VRQoxf713zO0E29jlVYPRhtDOndbdzq8d/rjk0 9d3Q/yQ7qOJnBNzhos4jREZHh8255ranxP9YSGJOlqwZ613ZDguYYii3kmZBNO32 OdynpM2CJa7QYrha5uLoGFynvfyR24tM2LgPqVGtFH7zmA6ZaEeg0TF10h3c7MnU DzmdUX8F+zPYnX3z450QUq705otofXFj9uJcprr4iiGEp6nsEsbkNxR63XePId3C AuK68oq4O9IzzB4bIHfmCtkta3I+KKxeKgJkWKVP+6Z4HwM0pYNNq4Rh87NcYa9X jyF6AacMiRokqk2jWASBkGlJ16b8eMEZbYRxficKbfsUI+X/aSG9HN8Xt2A+5M58 U7X8zgCQHz9IEdVuwaG8DatyCBH3ZTLPV9bPrQ9a1TUsSNzdaAaoKPfe2SBxDzm3 Va8gznZMY1iv7zobCJuCg8Pb49h+EO1p0AGO24NgkVNPzxigg5gCDQ7P0sZzqKG1 rRGGOR1QF1WVkJfBAHF/ =9NmM -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug