From owner-freebsd-questions@FreeBSD.ORG Mon Jan 23 14:37:18 2006 Return-Path: X-Original-To: freebsd-questions@FreeBSD.ORG Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C48216A475 for ; Mon, 23 Jan 2006 14:37:18 +0000 (GMT) (envelope-from vctw@yahoo.com) Received: from web35808.mail.mud.yahoo.com (web35808.mail.mud.yahoo.com [66.163.179.177]) by mx1.FreeBSD.org (Postfix) with SMTP id 8C2A644377 for ; Mon, 23 Jan 2006 14:06:20 +0000 (GMT) (envelope-from vctw@yahoo.com) Received: (qmail 75960 invoked by uid 60001); 23 Jan 2006 14:06:18 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=S/TgENQo+9yeujTOOB9WstaeCgyVna8OPMswaRTKNKEQYqnnmqQE9kpmeRYIuRNPRgmL9JpDEhB0+tvVoEmCtl4kHYeoKWC6mmg299YLdxd9prSS3IPdytpjkQDRpvWgSy2Wx3xtR/XAZK+CBhx6yTqRrJZVBvf2GQM27Xn3VnA= ; Message-ID: <20060123140618.75958.qmail@web35808.mail.mud.yahoo.com> Received: from [220.133.1.96] by web35808.mail.mud.yahoo.com via HTTP; Mon, 23 Jan 2006 22:06:18 CST Date: Mon, 23 Jan 2006 22:06:18 +0800 (CST) From: Vincent Chen To: freebsd-questions@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=big5 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Mon, 23 Jan 2006 15:04:35 +0000 Cc: Subject: open source freebsd security appliance project X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jan 2006 14:37:18 -0000 Hi, all I have tried to build a security applicance based on FreeBSD 4.7 since 2001. Which contains: central syslog server (syslogd) ntp sevice (ntpd) dhcp server (dhcpd) dns (bind) IPSec (ipsec-tools) PPTP (mpd) firewall (ipfilter) traffic shape (ALTQ) IDS (snort) Utilization monitor (MRTG) Web console including 1. report system for firewall, ids, system 2. configuration interface for some sub-system (not actually working yet) Recently, I upgraded this appliance to FreeBSD 6.0. Now I got: * a new list of required package * a custom kernel configuration file for 6.0 * collection of my custom packages (mostly perl based) Old web pages for this appliance avaliable here: http://isolution.dyndns.biz/en/si/sc/feature.html Some code are broken after upgrade to 6.0. A document to put them all togather is not completed yet. I plan to start a open source project base on current resource and the goal is to build a small and compact FreeBSD security appliance, most importantly cost effective. The first step is starting a close test before release it to public and discuss how to proceed. If you are FreeBSD power user and interested, you are welcome to contact me and receive a copy of current work. Any suggestions are always welcome. Vincent Chen ___________________________________________________ 最新版 Yahoo!奇摩即時通訊 7.0,免費網路電話任你打! http://messenger.yahoo.com.tw/