Recommend a softwall that suits my needs

[hat]

I've been trying to turn an old computer into a router (been using m0n0wall), but it's not right for my needs. I need a DMZ function like traditional consumer-grade routers have, where I can forward every port to my server, yet still be able to forward other ports individually to other computers on the network.

 

[Batou1986]

You can install DD-WRT on an x86 system i don't know if the SPI firewall is up to par for what you want but i have no problem getting 08R2 to work nice with it.

I know it DMZ port/range forwarding and triggering work awesome with it as well as UPnP which was a nice surprise.

Other than there's a few other linux based routers http://en.wikipedia.org/wiki/List_of_router_or_firewall_distributions

 

[hat]

You can install DD-WRT on an x86 system i don't know if the SPI firewall is up to par for what you want but i have no problem getting 08R2 to work nice with it.

I know it DMZ port/range forwarding and triggering work awesome with it as well as UPnP which was a nice surprise.

Other than there's a few other linux based routers http://en.wikipedia.org/wiki/List_of_router_or_firewall_distributions

Heh, I did some poking around on my own and found out that DD-WRT has a Generic PC platform. I've been using that, it works great for my needs. Even faster than m0n0wall too...

I was looking for a faster router, not something more secure (although I do imagine DD-WRT ought to be more secure than what I had before... even though I am poking massive holes in the firewall). My cheapo Netgear WGR614v9 couldn't handle the load I was imposing on it.

 

[hat]

Alright, now I'm having problems with DD-WRT. It seems to be putting the computer in standby mode! I've randomly lost connection twice now. The power light on the case will be blinking... I'll press the button and the router will wake back up. I'm gonna poke around in the BIOS and see if I can find anything in there... I looked around in the DD-WRT GUI and didn't find anything pertaining to power options.

>ed: I'm pretty sure the power saving options in the BIOS were kicking in. Not sure why it didn't do the same thing in m0n0wall, maybe it prevents power saving, or maybe m0n0wall just loaded it more... my current average CPU load is 0% and I'm using 6% of the 256MB RAM in there... if I were a BIOS, I would think that would be idle enough. Turned everything off relating to power saving I could find in the BIOS... that should do the trick.

 

[qubit]

You have two excellent choices here my friend.

www.ipcop.org It's a Linux-based free open source firewall that takes over the PC. I've been using this for years with zero problems and it has a DMZ. It's got a good feature set, too.

www.astaro.com Also a Linux-based free* mixed source firewall that takes over the PC. I've recently moved over to this, because the feature set completely blows away IPCop and of course has a DMZ. Also, it's updated much more often. IPCop development has been glacial over recent years and does leave you wondering if there are any unpatched security holes lurking in it.

Note that due to the extra flexibility, Astaro isn't as easy to figure out without the manual than IPCop is.

*It's "free", because the company actually sells hardware firewall appliances and gives away the software for free to install on a PC, but does have some restrictions on features compared to the installation on the appliances. Also, it includes a mixture of open source and proprietary software. You can install just the open source features, but of course all the good stuff is locked away in the proprietary software.

You'll want the Home version, as it has very few disabled features and limitations, while the Business version has many.

Finally, I started a thread on here about Astaro that would help you, but I can't find it now - I've used the built-in search and google, but no dice. I'm wondering if it got nuked during the recent data loss outages on here?

Anyway, the important thing to know about setting it up, is that the DHCP server is off after initial install, so make sure that your PC is on the same network as the Astaro default - 192.168.100.1 if I remember correctly. I had lots of fun troubleshooting and reinstalling before I realised this. And the manual isn't clear on this point.

 

[hat]

Thanks, I'll keep those in mind if I ever get sick of DD-WRT in the future.

34 minutes of uptime and no idle router... looks good.

24+ hours of runtime... pretty sure those BIOS settings were making it idle.

 

[hat]

Heh, how can I change the MAC address my modem sees in DD-WRT? I used to be able to change my router's MAC address, reboot the router and modem and end up with a different IP. I've changed it in Setup > MAC Address Clone, but it doesn't give me a different IP. I don't see an option anywhere else.

 

[Batou1986]

Your doing it right you isp controls the ip i used to be able to do a full reset on my cable modem and get a new ip.
Are you able to confirm the MAC change on the router?