Date: Tue, 16 Aug 2005 10:06:27 +0200 From: "Julian Stacey" <jhs@berklix.org> To: Simon Morgan <sjmorgan@gmail.com> Cc: freebsd-hardware@freebsd.org Subject: Re: BSD PPPoA Hardware Message-ID: <200508160806.j7G86RCB002927@fire.jhs.private> In-Reply-To: Your message of "Mon, 15 Aug 2005 23:18:19 BST." <de63970c050815151820c2126c@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Simon Morgan wrote: > Hi, > > I have a PPPoA ADSL connection and would like to use FreeBSD or OpenBSD > as a gateway/server and am looking for compatible hardware that would > facilitate this. I'm specifically looking to avoid combination modem > + routers and NAT and port forwarding in particular. This will be > a pure routed IP setup. Obviously stability is very important (So > far I've been using a SpeedTouch 330 with Linux which hasn't been > fun). > Does anyone have any suggestions? Any advice is welcome. I use FreeBSD-4.10, but ideally that needs an MTU re assembly daemon /usr/ports/net/tcpmssd to surmount the 1492 below tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492 else some near sites have trouble (more distant get limited & compensated elsewhere I guess) But it only affects a few sites for me so I have not installed tcpmssd (lazy & I'd want to think how tcpmssd might affect fragmented packet firewall rules). FreeBSD-5.* doesnt need that tcpmssd daemon port, it's built in i hear. I use a personal site specific ipfw ruleset, since then FreeBSD has an ipfw default ruleset for you to start with /usr/src/etc/rc.firewall* There's also /usr/ports/security/pf I havent tried it. To quote pkg-descr: Packet Filter (from here on referred to as PF) is OpenBSD's system for filtering TCP/IP traffic and doing Network Address Translation. PF is also capable of normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. Version 2.00 of this port has the same function set as found in OpenBSD 3.4 There's also in /etc/defaults/rc.conf ipfilter_enable="NO" Better discussed on freebsd-security@ My Deutsch Telekom provided splitter has an 8 pin output for the DT provided ADSL modem, which is what I use. I have a recently acquired, never used SpeedTouch 330 with a 2 wire terminating in a 6 pin plug. (D'loaded manual last night) I've not had time to consider a 6 / 8 converter. What was the No Fun bit of Linux + SpeedTouch 330 as firewall ? Ive heard often enough that Linux is no fun, but if the SpeedTouch 330 has problems what were they please ? -- Julian Stacey Consultant Systems Engineer, Munich. http://berklix.com Mail in Ascii (Html = Spam). Ihr Rauch = mein allergischer Kopfschmerz.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508160806.j7G86RCB002927>