New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
m0n0wall or pfsense
@prae5, thanks.. do they have a bandwidth controller? im thinking of assigning bandwidth limit for each ip or subnet.
I don't think m0n0wall does - i think it can only do it on a service level.
pfsense can though - although if its for home / small office i wouldn't typically bother.
iptables?
from what I know BSD's pf is better than iptables from linux so you should go with m0n0wall or pfsense. personally i prefer pfsense
I like pf too but for most uses, iptables works fine.
For home use, I have a Linksys e3000 running tomato-usb. I much prefer it over DD-WRT, and it has the benefit of being free and open source with no "software activation" features like DD-WRT.
pf + openbsd
Sure it can - it's called Traffic Shaper in the web UI.
I'll take your word for it - last time i looked at it in m0n0 it couldn't do it on a subnet basis and the traffic shaper only shaped traffic and didn't allow bandwidth accounting, but i stand corrected
+1 pfsense
If you want a spend a couple of bucks you can get a cheap Mikrotik that will blow anything else out of the water in terms of bandwidth management capability. Good firewall as well.
I just put Endian up at the school and I love it. It's on an old celeron with 256mb ram and seems to handle a fair amount of rules and filters without capping the CPU or slowing our 12mbit Internet.
What impressed me was just how quick it was to setup for the feature set you get.
12Mbit, Aha! I'm not sure on what my school has, but we've got probably 200-300 computers on each floor not including laptops, etc.. so I imagine it's quite alot.
Well before I got there the whole school shared 1mbit
It was...a disaster. Less than 100 computers though.
+1 Awesome to use, and blocks some DoS attacks if you know how to configure it correctly.
Pfsense all the way
+1 Mikrotik here
Any Tutorials?
>
Just installing the snort package will help filter some attacks.
@all thank you guys.. i wil try pfsense later after testing zentyal, so far zentyal is very slow in loading web management interface even if i already installed additional 512mb of ram.
how do pfsense manage bandwidth? priority based or fairness based? can i assign bandwidth limit per ip or per network?
Short read on it's traffic shaping here - http://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Setup_Limiters
Personally I still don't have a router that's capable of over 25Mbps WAN to LAN so I use a old laptop with XenServer, USB NIC and 128MB ram allocated. Pushes my 100Mbps fine with multi-WAN failover. I tried some traffic shaping, but it murdered my current setup.
I got myself a nice m0n0wall hardware appliance at home: http://www.applianceshop.eu/index.php/firewalls/opnwall/opnwall-ghz-rack-edition-m0n0wall-appliance.html