[lug] An idea...

rm at mamma.varadinet.de rm at mamma.varadinet.de
Sun Aug 6 07:33:18 MDT 2000 

On Sat, Aug 05, 2000 at 06:59:21PM -0600, PC Drew wrote:
> Here's an idea that I'm gonna throw out for comments, cheap shots, or
> one-liners from everyone.
> 
> This whole topic of using linux as a firewall got me thinking.
> Linksys came up with the Cable Modem/DSL firewall that I use...why
> don't I make and market my own?
> 
> [...]
> 
> Why am I writing this email?  Because I'm want people's thoughts about
> basically getting some small embedded linux machines, loading a VERY
> stripped down version of linux (i.e. Linux Router Project?), loading
> DHCP, NAT, firewall software, etc.  And making a secure, easy to use,
> linux firewall appliance that's CHEAP.
> 
> Also...who feels that they aren't able to VPN with their
> friends/neighbors/work easily and would like to?  Well, this would be
> another feature of this firewall appliance.  It would use SSH to VPN
> with whatever network the user wants.  If the user so inclined, it
> would also allow the two networks to use the Network Neighborhood in
> Windows to share files (i.e. with samba).
> 
> What are your thoughts?  Does anyone have any experience with embedded
> linux appliances?  Is it something that could be done inexpensively
> (the software would be free and GPLed, I'd donate my time to make
> these boxes so I'm referring to the hardware)?
> 
> If anyone knows of a product like this, I'd appreciate the help
> getting my foot out of my throat.

Hmm, we basically did something very similar (and, no, i'm not
involved in it anymore, just sold it off ... :-)
A few things to consider: we (developers) would have _loved_
to have the thing run on _really_ small hardware, but i guess
unless you talk about selling shiploads of it PC based systems
end up cheaper. Also, unless you have a lot of development power
it's substatialy easier to find drivers for the hardware if you
stay within the PC/intel field. If you want to ship a 'black box'
firewall then you need to be aware that the most expensive part
of the project will be setting up a working customer support ...

It's fun to do, but there are a lot of tricky traps in unexpected
places ;-)

  Ralf

P.S.: if you do find a hardware vendor that's willing to build
it in a _really_ small box, tell me. I know some programmers who
would be _very_ interessted ... ;-)

More information about the LUG mailing list