Build your own Router

Originally Posted by Woodstock
hmmm decisions, to go with a embedded system or tack it on to the fileserver, seperate would probably be more secure, if you dont mind answering how much did you pay woodshop, that one looks awesome, wonder if there is one with integrated wireless. would it be difficult to have two internal interfaces (Ethernet and wireless)

There are WiFi cards that m0n0wall supports that can fit the mini pci slot, however the route i decided to take was to make the pcengines board simply a router and nothing more. i did NOT want to stick wifi on it because then it would have to deal with all my internal network traffic, Instead what i did is i hooked the m0n0wall directly to a 10/100/1000 switch then i'm using a NetGear Enterprise WAG102 WAP for get my a/b/g wifi but still keep the load off the router.

As for price, the board was $132, the CF cards was $10, and the CF card reader (for installing the OS image) was $5. Not cheep. as far as a router goes.. until you consider that it supports things like VPN which you got to normally buy thousand dollar cisco stuff to get.

Then there was the cost of the WAP, and the Case i'm still custom building etc.. There will be a summery thread about the whole setup once i'm done..

You can always just buy a WAP and connect it to a ethernet NIC :D

Originally Posted by Glider
You can always just buy a WAP and connect it to a ethernet NIC :D

Exactly what i did :) though there was more logic behind it regarding what does the traffic routing then "o just do this"

Originally Posted by Azh_fx
i just browsed over this, biut why make your own, when you can buy one for postage

http://www.digidave.co.uk/jshop/section.php?xSec=30

or have i missed the plot?

yes, the major bennifits of a linux router is flexibility (customization) and stability

There was a time when the uptime of a Linux server was measured in years... ;)

*Yawn*

Originally Posted by ParaHelix.org
*Yawn*

Off you go now, leave the real geeks to play. :D

Hi, just tried this again and hit a snag, My laptop recieves the IP via the dhcp server setup, I can ping the host pc but I cant access the outside, tried http,https and ping which all work fine from the host pc. hear is a copy of the script

It seems fine to me...

Try adding a default policy for all 3 chains that'll accept (in the script, or just in a terminal on the router)

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Originally Posted by Glider
I personally recommend IP Cop if you want a all in one router distro ;)

I used IPcop for over a year with my home network. I've had zero problems. ;)

I have not used Linux before, but with my D-Link router reaching the point of needing resets every 15 minutes to maintain port forwarding for p2p, I am now considering building a linux router. However, can it really be this simple? Even the average consumer router has a considerable amount of features - firewall, QoS, etc. Can something as simple as you describe manage a significant number of connections through p2p with port forwarding without crashing the way many consumer routers appear to do? For example will this set up manage to handle eMule running with, say, 400 connections through TCP & UDP port forwarding without doing whatever it is that happens in my router and makes the ports appear blocked?

Originally Posted by greeneyedman000
I have not used Linux before, but with my D-Link router reaching the point of needing resets every 15 minutes to maintain port forwarding for p2p, I am now considering building a linux router. However, can it really be this simple? Even the average consumer router has a considerable amount of features - firewall, QoS, etc. Can something as simple as you describe manage a significant number of connections through p2p with port forwarding without crashing the way many consumer routers appear to do? For example will this set up manage to handle eMule running with, say, 400 connections through TCP & UDP port forwarding without doing whatever it is that happens in my router and makes the ports appear blocked?

Short answer: Yes

Longer answer: Hell yes :)

Thanks for that concise response! And the long winded one too!

I was hoping that someone would explain to me why a commecial router appears to collapse under the stain, but any old PC with some open source code would do better.

Since posting, I have taken some of your advice - the shortcut - and have started with IP Cop. Installing was simple enough. When I get time I'll replace the shaky DLink with this. I also found Copfilter, which I may try and set up once I am sure I have IP Cop running correctly.

Well, commercial 'all in one' routers often use a very low power CPU and have a very limited amount of RAM and ROM. Any junkjard PC will have many times more. That's why they can handle a lot more.

I have a P3 900 running as a gateway for a lot of servers that saturates a 8mbit line up and down all the time...

awesome, I think I'll have to do this with my new NAS box.

I set up an old Celeron PC with IPCop, which was actually pretty simple. The bioggest issue I had was makign the connection to my ISP, which for reasons I cannot explain, took several hours to recognise my new IPCop router and connect to it. Since then the performance has been outstanding. It is much more stable than DLink and higher transfer rates. I haven't tried using the CopFilter extension since their site advises against it is firewall security is a concern. Has anyone used this sucessfully? Is there an incrreased risk if you use the additional security features of CopFilter?