Date: Tue, 15 Jan 2002 08:43:16 -0800 (PST)
From: "Jason C. Wells" <jcwells@highperformance.net>
To: Nathan Mace <nmace85@yahoo.com>
Cc: freebsd-chat@FreeBSD.ORG
Subject: Re: a CDROM based firewall
Message-ID: <Pine.BSF.4.21.0201150821320.9183-100000@server.highperformance.net>
In-Reply-To: <200201150509.AAA07250@uce55.uchaswv.edu>

On Tue, 15 Jan 2002, Nathan Mace wrote:

> what do you guys think of a "free" style licenced BSD based firewall on a
> bootable CDROM? i know that suse linux provides this as a linux based
> product but it is commercial, and i'm not sure how popular it is or how well
> it works.
>
> i was thinking that i could make an ISO image that when burned to a CDROM,
> which when booted it would copy itself to memory, and then run from there.
> you could setup a ram drive to be the /tmp directory, and optionally you
> could have a hard drive to hold the log files.

Or use syslog to log to a remote host. Disable VM altogether and you need
no hard drive at all.

> i've talked to some people i know about this idea, and someone pointed out
> that you'd have to burn a CDR every time you wanted to permanently change the
> firewall rules, but what would be wrong with linking the firewall conf(rules)
> file to a file on the floppy drive? you could edit it on a different

CDROMs are cheap. If I were doing this for my own network, I wouldn't care
about their cost. I eventually planned to do this, when I could next
afford another computer.

> computer, and then set the floppy disk to be physically read-only. mount the
> disk and restart the firewall daemon causing it to re-read the new file.
>
> anyone see any serious problems with this? anyone know if there are any
> projects like this already out there? thanks

I don't see any problems. It's just FreeBSD/ipfw used in a slightly
unconventional way. You could do this in the time it takes to do a minimal
install to a target directory, customize a kernel, and hack rc.firewall to
suit your needs, and burn the ROM.

(Someone might point out some kooky bootable CDROM / BIOS issues that I am
unaware of.)

Later,
Jason C. Wells