philippe::niquille | regular niche market thoughts

smoothwall protects your home/corp. net

Jun 7th 2005

Your family keeps getting bigger? You want a cheap but highly secure network with all the benefits expensive network gear can provide?
Smoothwall Express is a modified RedHat Linux system, stripped down to the basics. The idea is to use an old PC (mine is a 500 MHz Pentium II with 20 GB) as a router, firewall, internet gateway, proxy and whatever else you want it to be. With some modifications (there is a very active Smoothwall community) your old piece of hardware suddenly becomes very useful. You’ll need at least two network cards.
First, fetch the latest release, either the one without fixes or a patched .iso (you can also apply all seven fixes after installing).
Then you can connect to the web interface on https://your-smoothwallip:441
Be sure to enable the proxy (squid, in transparent mode) and snort (intrusion detection system).

I also installed the following mods:

  • Guardian reactive firewall - automatically blocks “bad” IPs captured by the Snort intrusion detection system (installed by default just for monitoring purposes). So if somebody, for example, runs an unspoofed portscan on you, he’ll get blocked!
  • SuperKernel - Updates the standard kernel with NAT-T for VPN (OpenSwan), PCMCIA and QoS functionality. Just read very carefully!
  • VPN pack - Updates the FreeSwan VPN package to OpenSwan. It also allows you to do advanced VPN stuff like Roadwarriors (connect with your laptop from anywhere to your home net) over IPSec, cool! Unfortunately I didn’t find any free VPN client for WinXP yet; since SP1, SSH Sentinel doesn’t work anymore. Make sure you read the VPN FAQ. VPN isn’t that easy to start with.
  • AdZap - This one is really cool. It just replaces all the ads with some default images (try CNN.com). It makes surfing a lot faster!
  • DansGuardian - In combination with Squid (the default proxy) DansGuardian does some content filtering like looking for viruses and blocking certain sites (like porn sites). The whole package didn’t work as I expected though (very slow and complex). Try it out for yourself.
  • Traffic shaping (QoS) - Allows bandwidth management on all outbound traffic based on filter rules.
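
To make the Guardian item above concrete, here is an added example (not Guardian's own code and not from the original post) of the reactive-blocking decision: it reads Snort fast-format alert lines and selects source IPs to block while honouring an ignore list, so an alert with a spoofed source cannot get your own gateway or green hosts blocked. The sample alerts, all addresses, the ignore list and the function name are constructed assumptions.

```python
import ipaddress
import re

# Snort "fast" alert line: [**] [gid:sid:rev] msg [**] ... {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[(?P<sid>\d+:\d+:\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\].*?"
    r"\{(?P<proto>\w+)\}\s+(?P<src>\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)"
)

# Constructed sample alerts using documentation address ranges, not real captures.
SAMPLE_ALERTS = """\
06/07-21:14:03.120001  [**] [1:469:3] ICMP PING NMAP [**] [Classification: Attempted Information Leak] [Priority: 2] {ICMP} 203.0.113.7 -> 198.51.100.10
06/07-21:14:03.450112  [**] [1:1228:7] SCAN nmap XMAS [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.7:40112 -> 198.51.100.10:22
06/07-21:15:40.000231  [**] [1:1228:7] SCAN nmap XMAS [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.51.100.1:53 -> 198.51.100.10:1042
06/07-21:16:02.771009  [**] [1:615:5] SCAN SOCKS Proxy attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.0.23:3310 -> 198.51.100.10:1080
"""

# Assumed ignore list: the green network plus the ISP gateway/DNS that a
# spoofed source address could otherwise frame.
IGNORE = [ipaddress.ip_network(n) for n in ("192.168.0.0/24", "198.51.100.1/32")]


def block_decisions(alert_text, ignore=IGNORE, own_ip="198.51.100.10"):
    """Return {source_ip: [alert messages]} for sources that should be blocked."""
    blocked = {}
    for line in alert_text.splitlines():
        m = ALERT_RE.search(line)
        if not m:
            continue  # not an alert line
        src = ipaddress.ip_address(m["src"])
        if str(src) == own_ip or any(src in net for net in ignore):
            continue  # never block ourselves or ignore-listed hosts
        blocked.setdefault(str(src), []).append(m["msg"])
    return blocked


if __name__ == "__main__":
    for ip, msgs in block_decisions(SAMPLE_ALERTS).items():
        print(f"block {ip}: {len(msgs)} alert(s), first: {msgs[0]}")
```

Without the ignore list, the third and fourth sample lines would lead to blocking the upstream gateway and a host on the green network.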

Well, these were just a few mods I use. Take a closer look at the mods summary page. If you have two internet connections, try the load balancing mod. That one seems really awesome! If you have more than one red IP, try this or the blue mod.
The regular PCs are connected to the so-called green network.

One Comment

  1. Hey Phillipe,
    “Danke” for the comments on my site AND your compliments.
    You got a nice geeky site yourself too ;-)
    Nice Visio2003-graph, heh-heh!

    Bye, Henk aka B-o-K
