“Hacking” your firewall

I did something cool and fun today.  We had this old, dead, doorstop of a hardware firewall at the office called a “WatchGuard Firebox II”.  Cost something along the lines of $12,000 when it was new.  They go for about $40 on ePay now, and nobody is bidding.  Ron hands it to me and says, “Pop this thing open, see if there is anything useful in it.”  So, I popped it open, and it’s basically an x86 PC inside.  AMD processor, DIMMs, PCI slots, etc. No keyboard/mouse port, but I see a serial port, so I’m not too concerned.

I’ve been using m0n0wall as my software firewall of choice for a while now.  It’s basically just FreeBSD, the pf packet filter, and some php scripts for a nice web gui to give you a good firewall/router/VPN server, all crammed into about 7MB.

I figured I would do a quick Google and see if anybody had tried to hack these things to put a different OS on them (they ran Linux by default out of an 8MB onboard flash, but with everything locked up tight so you couldn’t really change it).  Turns out somebody had already done the work to put m0n0wall on one, so in a few short hours, I had done it too.  This thing is super sweet.  A nice rack-mountable box with 3 ethernet ports, dedicated to being a router/firewall/vpn server.  We tested it on a 100Mbit network connection going through the firewall and I was able to maintain wire speed (about 11MB/s) for a 3GB transfer, so it is plenty fast enough.

Now we’re snapping up all the cheap ones on ePay so we can each have one for home and maybe give some to our friends.
