[lug] Wanted: Tiny diskless, fanless Linux Box for Firewall/Router/Hub/NAT

Michael J. Hammel mjhammel at graphics-muse.org
Wed Mar 16 10:17:56 MST 2005


Lots of good answers so far.   I'll add my two cents.

On Tue, 2005-03-15 at 15:59, Siegfried Heintze wrote:
> Apparently none of these little boxes can accommodate multiple external IP
> addresses in such a way that I can host multiple web sites in Apache HTTPD.

Apache does support virtual domains on a single IP.  However, you
probably want two physical network ports:  one for the outside world and
one for the internal network.

> Can someone recommend a favorite diskless (well, maybe a floppy or CD
> reader), fanless linux box with a tiny footprint that I could bolt to the
> underside of my desk run Linux to fix my firewall routing problems? Linux
> firewalls will do what I need, won't they?

I'll add my vote for the mini-ITX mobos.  Very small (about 5.5"x5.5")
and some are fanless.  I have an EPIA-M 10000, but it's being used as a
MiniMyth client because of the built in harware MPEG decoder.  I bought
an external power supply for it so there is no power supply fan.  The
CPU doesn't have a fan but does have a moderately sized heat sink. 
There are some models where even the heat sink isn't required (so I've
heard).

There are other models, even the new nano-ITX, which is about the size
of a dollar. Pictures on mini-itx.com.

My model has a single network port plus a PCI slot.  A PCI riser could
be added to allow a second PCI-based ethernet card to be added
horizontally, thus keeping the height of the whole thing down to a
minimum.  Set up a PXE boot server on the inside network and you could
make it completely diskless, even sans Flash booting.  My box PXE boots
the OS from the MythTV server.

I put my board in a decorative wooden box my wife bought from Garden
Ridge.  Drilled a few holes for air circulation and cabling and added
some Power (back) and Reset(front) buttons to the box.  It never gets
hot with the lid shut.  Why people keep shoving computers in cold
plastic and metal cases is beyond me.  There was a time when that was
necessary, but I think that's past.  Hide the dern thing in a wall
behind a picture frame!  Put an LCD display in the frame and there's
your display (rotate the family pictures with gqview until you need to
access the system) and use a wireless keyboard.

Anyway, that's just for fun.  I'm not sure what dist to use for the
firewall as I just use RH and configure the iptables manually.  I allow
outbound traffic and block all incoming traffic (even ssh) so it's
fairly secure. My Apache staging server runs on a separate system.  But
the firewall is a manual config and if you're not familiar with iptables
(which I'm not either, really) you're better off finding a front end for
configuring them.  I just beg Sean and Kevin @ tummy.com for help when I
can get away with it.  :-)
-- 
Michael J. Hammel           
The Graphics Muse               Sarcasm is just one more service we offer.
mjhammel at graphics-muse.org  
http://www.ximba.org        




More information about the LUG mailing list