[RndTbl] Looking for an Appliance

Tim Lavoie tim at fractaldragon.net
Thu May 14 10:10:00 CDT 2009


Montana Quiring <montanaq at gmail.com> wrote:

> Hello,
> 
> Can anyone recommend an appliance that runs Linux and does:
> -packet shaping to throttle p2p traffic
> -authentication (ldap or other way of needing people to log in with ID and pass
> in order to gain Internet access) with ability to
> -MAC filtering to let people through (bypass authentication) or block people
> -firewall
> -web admin interface

Firewall-oriented distros such as IPCop and Smoothwall probably do much
of what you're looking for. I believe the latter is available in
appliance form if you didn't want to throw together an old PC.

I use pfSense, which is FreeBSD-based, but is otherwise similar to the
Linux versions mentioned above. All have fairly easy setup, with
web-based admin interfaces. pfSense does have traffic shaping and a
captive portal (e.g. log in first) option, I believe RADIUS and
web-admin-defined users are supported. Not sure if the Linux distros do
the shaping and portal options, it's been a while since I used them.

MAC filtering should be seen as a convenience only, as it provides no
real added security. If you can see successful traffic passing on the
wire, you can spoof your own MAC to match. Either way, I don't recall if
it's an option in the web interfaces, but you can always muck with
lower-level settings in the shell if it isn't.

  Cheers,
  Tim

-- 
"Programming is like sex: one mistake and you have to support it for
the rest of your life." -Michael Sinz


More information about the Roundtable mailing list