Put together a Slack PC with several NICs to use as a router/switch.
Need both a firewall and bandwidth capper (have both separately). Has
anyone heard of a combo package? Searched sourceforge and google but
only came up with high end commercial products.

If not, I'll go ahead with both ... Thanks in advance

On 3 Mar 2005 07:01:00 -0800, macusr023@yahoo.com wrote:

>Put together a Slack PC with several NICs to use as a router/switch.
>Need both a firewall and bandwidth capper (have both separately). Has
>anyone heard of a combo package? Searched sourceforge and google but
>only came up with high end commercial products.
>
>If not, I'll go ahead with both ... Thanks in advance

Don't know of any package, but if you could configure a box with
"several" NICs you should be able to roll your own:

FIREWALL: iptables script using any one of a number of the ones
available. I like the one at
http://www.malibyte.net/iptables/scripts/fwscripts.html as a starting
point.

BANDWIDTH CAPPER: If you really just want to rate limit, iptables can
do that too. Otherwise, roll your own HTB or HFSC shaping script.

The tough part of shaping is that in order to be able to shape
everything, you must have one machine that sees all internet
connections so it can arbitrate who gets how much. I built a special
box with 3 NICs - one internal and two internet-facing. The internal
NIC shapes inbound and the external NICs shape outbound traffic.
http://www.lartc.org/
http://yesican.chsoft.biz/lartc/index.html
--
buck

check out http://www.partydome.us/index.php?slackware for my slackware
10.1 config. included is a basic firewall (refuses all incomming
connections by default, you will have to add rulesets to allow
particular connections into services) and a traffic shaping rig built
using iptables/tc.

buck wrote:
> On 3 Mar 2005 07:01:00 -0800, macusr023@yahoo.com wrote:
>
>
>>Put together a Slack PC with several NICs to use as a router/switch.
>>Need both a firewall and bandwidth capper (have both separately). Has
>>anyone heard of a combo package? Searched sourceforge and google but
>>only came up with high end commercial products.
>>
>>If not, I'll go ahead with both ... Thanks in advance
>
>
> Don't know of any package, but if you could configure a box with
> "several" NICs you should be able to roll your own:
>
> FIREWALL: iptables script using any one of a number of the ones
> available. I like the one at
> http://www.malibyte.net/iptables/scripts/fwscripts.html as a starting
> point.
>
> BANDWIDTH CAPPER: If you really just want to rate limit, iptables can
> do that too. Otherwise, roll your own HTB or HFSC shaping script.
>
> The tough part of shaping is that in order to be able to shape
> everything, you must have one machine that sees all internet
> connections so it can arbitrate who gets how much. I built a special
> box with 3 NICs - one internal and two internet-facing. The internal
> NIC shapes inbound and the external NICs shape outbound traffic.
> http://www.lartc.org/
> http://yesican.chsoft.biz/lartc/index.html
> --
> buck
>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

macusr023@yahoo.com wrote:

> Put together a Slack PC with several NICs to use as a router/switch.
> Need both a firewall and bandwidth capper (have both separately). Has
> anyone heard of a combo package? Searched sourceforge and google but
> only came up with high end commercial products.
>
> If not, I'll go ahead with both ... Thanks in advance
How about http://l7-filter.sourceforge.net/ for shaping with an iptables
firewall? Works great for me... but... they are trying to fix a memory leak
right at the moment.
- --
Slackware Tips & Tricks - http://members.cox.net/laitcg/slack.htm
P3Scan - Transparent POP3 virus/spam/mime/html scanning proxy:
http://p3scan.sourceforge.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.9.15 (GNU/Linux)

iD8DBQFCM+ur9/VKdZrnv3YRAttZAJ4sZZVKZyKrleeRtmhpdFm8ePV81QCfcf1+
dY5/6GREiRsFgdXUzikn9/w=
=S5o5
-----END PGP SIGNATURE-----