[Cialug] New Firewall

[Tom Pohl]

I'm building up a new firewall box and I'm running into silly issues.

It's a brand new dell PE1950 with 4 NICs (2 embedded Broadcom  
NetXtreme II 5708 and 2 single port Broadcom NetXtreme 5721 pci  
cards) as well as a PERC 5/i raid controller with 2 160GB SATA drives.

I know this is overkill for a firewall, but hey, it's a cute little  
box and the 160gb drives were $30 more than the smaller (cheapest)  
option :)

I wanted to try out an all-in-one firewall distributions (firewall,  
QoS, VPN, proxy cache, etc) for some time, so I downloaded 3 of them  
(IPCop, Smoothwall Express 2.0, and pfSense).  While any of these  
*should* solve my needs, none of them seem to actually work.  Both  
IPCop and Smoothwall are linux based (kernel 2.4 era), and pfSense is  
an offshoot of m0n0wall and is FreeBSD based.

With the new hardware, of course I have issues.  Neither IPCop or  
Smoothwall work for me because they don't recognize the PERC 5/i raid  
controller and pfSense recognizes everything but after a small while,  
I get kernel errors regarding my onboard ethernet "bce0: Error  
mapping mbuf into TX chain" which a quick google search shows many  
people with similar issues.

It appears that these distributions really aren't geared towards  
newer hardware :)  I think I'm just going to be forced to roll my own  
firewall, but before I do, I wanted to ask y'all.  Does anyone know  
of a set of tools that will give me what I'm looking for that will  
install on top of a standard distribution instead of a stand alone  
distribution with a purdy web interface?

I'm totally cool with rolling it all by hand, but just would rather  
not if I don't have to!

-Tom