[RndTbl] Looking for an Appliance
Montana Quiring
montanaq at gmail.com
Thu May 14 10:17:56 CDT 2009
Tim,
Thanks for all the tips.
I should add this this box will need to handle as many as 400 connections.
99.9% of the users won't know how to change their MAC address. The MAC
filter is basically just to get their attention. :)
-Montana
On Thu, May 14, 2009 at 10:10 AM, Tim Lavoie <tim at fractaldragon.net> wrote:
> Montana Quiring <montanaq at gmail.com> wrote:
>
> > Hello,
> >
> > Can anyone recommend an appliance that runs Linux and does:
> > -packet shaping to throttle p2p traffic
> > -authentication (ldap or other way of needing people to log in with ID
> and pass
> > in order to gain Internet access) with ability to
> > -MAC filtering to let people through (bypass authentication) or block
> people
> > -firewall
> > -web admin interface
>
> Firewall-oriented distros such as IPCop and Smoothwall probably do much
> of what you're looking for. I believe the latter is available in
> appliance form if you didn't want to throw together an old PC.
>
> I use pfSense, which is FreeBSD-based, but is otherwise similar to the
> Linux versions mentioned above. All have fairly easy setup, with
> web-based admin interfaces. pfSense does have traffic shaping and a
> captive portal (e.g. log in first) option, I believe RADIUS and
> web-admin-defined users are supported. Not sure if the Linux distros do
> the shaping and portal options, it's been a while since I used them.
>
> MAC filtering should be seen as a convenience only, as it provides no
> real added security. If you can see successful traffic passing on the
> wire, you can spoof your own MAC to match. Either way, I don't recall if
> it's an option in the web interfaces, but you can always muck with
> lower-level settings in the shell if it isn't.
>
> Cheers,
> Tim
>
> --
> "Programming is like sex: one mistake and you have to support it for
> the rest of your life." -Michael Sinz
>
--
-Montana
Blog:
http://montanaquiring.info
My Friend Feed:
http://friendfeed.com/antikx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.muug.mb.ca/pipermail/roundtable/attachments/20090514/addddbb4/attachment.html
More information about the Roundtable
mailing list