which firewall distro for my network?

[zakazak]

Hi, I believe my ISP Router (some fritzbox) is too weak to handle my network. First it's only ment for 8mbit/s connection (and I have 20mbit/s) and second the CPU is always between 80%-100% (probably due to the ~8 devices which face the internet 24/7.. 4 of them with torrents running). So I thought I would use my old home-server to handle my whole network and then go with it into the fritzbox. The fritzbox would only handle one internet device then. As the fritzbox is a modem & router in once, I can't really skip it?

Anyway, the system would be a:
Dual Core 2 Duo 2,6Ghz
2GB RAM

Now, which distro would you guys recommend?
So far I thought about:
IpFire
Untangle
pfSense
Zentyal

Security is a big factor and I like the "traffic scanning" features. But I wonder if those will slow down my internet? The devices in this network do everything. Gaming,torrent,browsing,ftp-server,mails,etc...

Thanks

[Cudni]

if you can, find a router that can cope with more than 8mbit. Secure or not that will continue to be a bottleneck

[zakazak]

The question is, can the router also handle that many connections? Looking at my HTPC with uTorrent running I have 417 outbound connections and 297 inbound connections.. that's 1 device out of ~7.

Also I would need a good router (I guess best would be if it support dd-wrt?) which has a built in modem :/

[zakazak]

I guess I will go for untangle. Think it provide a lot of features and security addons. I just hope that it won't slow my network speed

[deim0n]

I've used both Untangle and pFsense. I'd probably go with pFsense for the speed. You can still use Snort, Squid and other IDS type packages.

[zakazak]

Tried pfSense today.. using the live-cd worked.. could see the webinterface and configure around. Then I wanted to install it. Tried it 3 times.. after installing it tried to boot up and when you come to the screen with the options 1-8 it always freezed there :/

[Alphalutra1]

To try and skip your ISP's provided router/modem combo, look on the fritz's configuration page. Often these modem/router combos have an option called "bridging mode" which disables its router function so it becomes solely a modem. You can then connect your own router to it. That may alleviate your problems.

With all the uploading you are doing, you should really look into performing some QoS at the router level so you prioritize ACKs coming from your PC's. It'll make web-surfing and such much more pleasent when you also are torrenting.

Cheers,

Alphalutra1

[mack_guy911]

if you looking for making a distro base firewall for home use not commercial then astaro security gateway

i tried all but like astaro more and stick with astaro security gateway if you dont want antivirus proxy filters .......like features you can use it without them as well there is another 2 great distro i highly recommend if you not looking for built in antivirus in firewall thats

endian and pfsense you get every thing speed to security and ease of use

you can try astaro online live demo it give you idea

http://www.astaro.com/resources/astaro-live-demos

i am using astaro gateway since my speed was 256kbps

now its 2mb till 20gb after that 256K so you can imagine

i dont use gaming or p2p but they are filter for them i blocked them.....etc all my need filtration with antivirus IPS ............etc it take about 4-5 kb speed loss only when you get speed in mbs you hardly notice

also there option of caching data if you disable it your data flow through ram only and its pretty more fast as hardisk in not caching data.

the connections that astaro supported is about 32000 connections at a time i guess its more than enough for a home users

[mack_guy911]

also check those old thread but lot of information.

http://www.wilderssecurity.com/showthread.php?t=283905

http://www.wilderssecurity.com/showthread.php?t=284339

few years ago i dont even about what UTM or how to make router....etc


thanks to YeOldeStonecat i learn a lot from him and his forums

[mack_guy911]

Quote:

Originally Posted by zakazak

Tried pfSense today.. using the live-cd worked.. could see the webinterface and configure around. Then I wanted to install it. Tried it 3 times.. after installing it tried to boot up and when you come to the screen with the options 1-8 it always freezed there :/

one more thing i like forget to add when you remove and re-install some partitions left not 100% clean best way when you install again some other UTM/router base distro use gparted tool and manually delete partitions and apply ok then start with blank nonpartition disk it work like candy

http://www.dedoimedo.com/computers/gparted.html

http://distrowatch.com/table.php?dis...on=partedmagic

just delete all partitions and apply ok simple like that then install

[zakazak]

I only upload when no one is at home.. but yes QoS will still be needed.

Astaro looks pretty complicated to me :/

Another problem: I would also share HDDs in my router with the whole network :/ So I can also use it as some kind of NAS.

[mack_guy911]

well then you can try Zentyal or ClearOS