Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


opensource firewall
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

opensource firewall

grayfuzgrayfuz Member
edited March 2013 in General

what opensource firewall with bandwidth controller can you recommend for home and office use?

Comments

  • prae5prae5 Member

    m0n0wall or pfsense

  • @prae5, thanks.. do they have a bandwidth controller? im thinking of assigning bandwidth limit for each ip or subnet.

  • prae5prae5 Member

    I don't think m0n0wall does - i think it can only do it on a service level.

    pfsense can though - although if its for home / small office i wouldn't typically bother.

  • iptables?

  • VladorzVladorz Member
    edited March 2013

    @superpilesos said: iptables?

    from what I know BSD's pf is better than iptables from linux so you should go with m0n0wall or pfsense. personally i prefer pfsense

  • raindog308raindog308 Administrator, Veteran

    I like pf too but for most uses, iptables works fine.

    For home use, I have a Linksys e3000 running tomato-usb. I much prefer it over DD-WRT, and it has the benefit of being free and open source with no "software activation" features like DD-WRT.

  • flyfly Member

    pf + openbsd

  • @prae5 said: I don't think m0n0wall does - i think it can only do it on a service level.

    Sure it can - it's called Traffic Shaper in the web UI.

  • prae5prae5 Member

    @sleddog said: Sure it can - it's called Traffic Shaper in the web UI.

    I'll take your word for it - last time i looked at it in m0n0 it couldn't do it on a subnet basis and the traffic shaper only shaped traffic and didn't allow bandwidth accounting, but i stand corrected :)

  • YKMYKM Member

    +1 pfsense

  • If you want a spend a couple of bucks you can get a cheap Mikrotik that will blow anything else out of the water in terms of bandwidth management capability. Good firewall as well.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2013

    I just put Endian up at the school and I love it. It's on an old celeron with 256mb ram and seems to handle a fair amount of rules and filters without capping the CPU or slowing our 12mbit Internet.

    What impressed me was just how quick it was to setup for the feature set you get.

  • JacobJacob Member

    12Mbit, Aha! I'm not sure on what my school has, but we've got probably 200-300 computers on each floor not including laptops, etc.. so I imagine it's quite alot.

    @jarland said: slowing our 12mbit Internet.

  • jarjar Patron Provider, Top Host, Veteran
    edited March 2013

    Well before I got there the whole school shared 1mbit ;)

    It was...a disaster. Less than 100 computers though.

  • @YKM said: +1 pfsense

    +1 Awesome to use, and blocks some DoS attacks if you know how to configure it correctly.

  • Pfsense all the way

  • +1 Mikrotik here :)

  • dnwkdnwk Member

    @mnpeep said: and blocks some DoS attacks if you know how to configure it correctly.

    Any Tutorials?

  • @dnwk said: Any Tutorials?

    >

    Just installing the snort package will help filter some attacks.

  • @all thank you guys.. i wil try pfsense later after testing zentyal, so far zentyal is very slow in loading web management interface even if i already installed additional 512mb of ram.

    how do pfsense manage bandwidth? priority based or fairness based? can i assign bandwidth limit per ip or per network?

  • @grayfuz said: how do pfsense manage bandwidth? priority based or fairness based? can i assign bandwidth limit per ip or per network?

    Short read on it's traffic shaping here - http://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Setup_Limiters

    Personally I still don't have a router that's capable of over 25Mbps WAN to LAN so I use a old laptop with XenServer, USB NIC and 128MB ram allocated. Pushes my 100Mbps fine with multi-WAN failover. I tried some traffic shaping, but it murdered my current setup.

Sign In or Register to comment.