From grlug at grlug.org Sat Aug 10 22:41:39 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Sat, 10 Aug 2019 22:41:39 -0400 Subject: [GRLUG] Teaching opportunity at Davenport University Message-ID: If you have a master degree and daytime availability, classes start September 3rd. There is a need to teach an intro Linux class as an adjunct instructor try this link https://www.davenport.edu/jobs Faculty College of Technology 6191 Kraft Avenue S.E. Grand Rapids MI 49512 (616) 871-3981 (616) 554-5225 fax amccutchen at davenport.edu I value your opinion! Please click below to rate my customer service: http://great.davenport.edu/report/amccutchen -------------- next part -------------- An HTML attachment was scrubbed... URL: From grlug at grlug.org Mon Aug 26 18:45:33 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Mon, 26 Aug 2019 22:45:33 +0000 Subject: [GRLUG] firewall Message-ID: I'm in need of a firewall/router and I really don't want yet another old computer running 24/7 in the house. I have an old netgear wifi router that I have been using who's wifi wasn't reliable so I turned off the antennas and bought a unifi ap. I'm still using the old netgear for port forwarding and firewall tasks, but recently settings have been changing and I suspect that this is due to unpatched vulnerabilities. I've disabled most administration functions so I think I'm good for now, but I am looking for something to replace this. Does the raspberry Pi have a dual ethernet interface? Maybe flashing the netgear with some opensource firmware? Maybe unifi Security Gateway? If running an old computer is the best I guess I could do that as well. What are my best options? Share and Enjoy Ben -------------- next part -------------- An HTML attachment was scrubbed... URL: From grlug at grlug.org Mon Aug 26 19:56:11 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Mon, 26 Aug 2019 19:56:11 -0400 Subject: [GRLUG] firewall In-Reply-To: References: Message-ID: I'd be tempted by something like this. https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/ On Mon, Aug 26, 2019 at 6:47 PM Grand Rapids Linux Users Group < grlug at grlug.org> wrote: > I'm in need of a firewall/router and I really don't want yet another old > computer running 24/7 in the house. > > I have an old netgear wifi router that I have been using who's wifi wasn't > reliable so I turned off the antennas and bought a unifi ap. I'm still > using the old netgear for port forwarding and firewall tasks, but recently > settings have been changing and I suspect that this is due to unpatched > vulnerabilities. I've disabled most administration functions so I think > I'm good for now, but I am looking for something to replace this. > > Does the raspberry Pi have a dual ethernet interface? > Maybe flashing the netgear with some opensource firmware? > Maybe unifi Security Gateway? > If running an old computer is the best I guess I could do that as well. > > What are my best options? > > Share and Enjoy > Ben > -- > grlug mailing list > grlug at grlug.org > https://shinobu.grlug.org/mailman/listinfo/grlug > -- Roger Roger Roelofs Know what you value. -------------- next part -------------- An HTML attachment was scrubbed... URL: From grlug at grlug.org Mon Aug 26 20:52:46 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Mon, 26 Aug 2019 20:52:46 -0400 Subject: [GRLUG] firewall In-Reply-To: References: Message-ID: Dual interfaces: unfortunately, the RasPi only has one port, though it's gigabit if you want to do some vlan tinkering Open source: DD-WRT is pretty good if they support your hardware, might be worth a look. Tomato might also work for you, but it has a more limited set of supported hardware (hence my never having tried it). Unifi Security Gateway: I like my USG when it works, though I think I got a bad update and might need to ship it back. It also requires a controller running if you want anything do to anything with it more than VERY basic stuff (dhcp and dns configuration), so that'd be another computer (or raspi-like device) running on a regular basis, though I guess since you already have a Unifi AP, you've solved that issue somehow. If you're looking to get more into the Unifi space (and already have a controller), the USG would be pretty good. I've had more than my fair share off issues with it, but I get the feeling that I'm in the minority as most of the people I know that have them are pretty happy. Unifi ships updates pretty regularly and it generally gets out of your way. The downsides are that it takes a while to boot up and you'll need to turn off deep-packet inspection if you have more than 300Mbps of throughput. Otherwise, the Netgear Nighthawk is very solid and it just gets out of your way. --Thomas On Mon, Aug 26, 2019 at 7:56 PM Grand Rapids Linux Users Group < grlug at grlug.org> wrote: > I'd be tempted by something like this. > https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/ > > On Mon, Aug 26, 2019 at 6:47 PM Grand Rapids Linux Users Group < > grlug at grlug.org> wrote: > >> I'm in need of a firewall/router and I really don't want yet another old >> computer running 24/7 in the house. >> >> I have an old netgear wifi router that I have been using who's wifi >> wasn't reliable so I turned off the antennas and bought a unifi ap. I'm >> still using the old netgear for port forwarding and firewall tasks, but >> recently settings have been changing and I suspect that this is due to >> unpatched vulnerabilities. I've disabled most administration functions so >> I think I'm good for now, but I am looking for something to replace this. >> >> Does the raspberry Pi have a dual ethernet interface? >> Maybe flashing the netgear with some opensource firmware? >> Maybe unifi Security Gateway? >> If running an old computer is the best I guess I could do that as well. >> >> What are my best options? >> >> Share and Enjoy >> Ben >> -- >> grlug mailing list >> grlug at grlug.org >> https://shinobu.grlug.org/mailman/listinfo/grlug >> > > > -- > Roger > > Roger Roelofs > Know what you value. > -- > grlug mailing list > grlug at grlug.org > https://shinobu.grlug.org/mailman/listinfo/grlug > -- Thomas -------------- next part -------------- An HTML attachment was scrubbed... URL: From grlug at grlug.org Mon Aug 26 21:50:10 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Mon, 26 Aug 2019 18:50:10 -0700 Subject: [GRLUG] firewall In-Reply-To: References: Message-ID: I suggest pfsense Best choice: https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3 Cheaper https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3://www.amazon.com/SG-1100-pfSense-Security-Gateway-Appliance/dp/B07MTMPXKG/ref=mp_s_a_1_4?keywords=pfsense&qid=1566870453&s=gateway&sprefix=pfsense&sr=8-4 Or edge routers are nice and at 70 bucks. They used to run a version of vytta https://www.amazon.com/gp/aw/d/B00YFJT29C/ref=psdcmw_300189_t1_B07MTMPXKG > On Aug 26, 2019, at 5:52 PM, Grand Rapids Linux Users Group wrote: > > Dual interfaces: unfortunately, the RasPi only has one port, though it's gigabit if you want to do some vlan tinkering > Open source: DD-WRT is pretty good if they support your hardware, might be worth a look. Tomato might also work for you, but it has a more limited set of supported hardware (hence my never having tried it). > Unifi Security Gateway: I like my USG when it works, though I think I got a bad update and might need to ship it back. It also requires a controller running if you want anything do to anything with it more than VERY basic stuff (dhcp and dns configuration), so that'd be another computer (or raspi-like device) running on a regular basis, though I guess since you already have a Unifi AP, you've solved that issue somehow. > > If you're looking to get more into the Unifi space (and already have a controller), the USG would be pretty good. I've had more than my fair share off issues with it, but I get the feeling that I'm in the minority as most of the people I know that have them are pretty happy. Unifi ships updates pretty regularly and it generally gets out of your way. The downsides are that it takes a while to boot up and you'll need to turn off deep-packet inspection if you have more than 300Mbps of throughput. > > Otherwise, the Netgear Nighthawk is very solid and it just gets out of your way. > > --Thomas > >> On Mon, Aug 26, 2019 at 7:56 PM Grand Rapids Linux Users Group wrote: >> I'd be tempted by something like this. https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/ >> >>> On Mon, Aug 26, 2019 at 6:47 PM Grand Rapids Linux Users Group wrote: >>> I'm in need of a firewall/router and I really don't want yet another old computer running 24/7 in the house. >>> >>> I have an old netgear wifi router that I have been using who's wifi wasn't reliable so I turned off the antennas and bought a unifi ap. I'm still using the old netgear for port forwarding and firewall tasks, but recently settings have been changing and I suspect that this is due to unpatched vulnerabilities. I've disabled most administration functions so I think I'm good for now, but I am looking for something to replace this. >>> >>> Does the raspberry Pi have a dual ethernet interface? >>> Maybe flashing the netgear with some opensource firmware? >>> Maybe unifi Security Gateway? >>> If running an old computer is the best I guess I could do that as well. >>> >>> What are my best options? >>> >>> Share and Enjoy >>> Ben >>> -- >>> grlug mailing list >>> grlug at grlug.org >>> https://shinobu.grlug.org/mailman/listinfo/grlug >> >> >> -- >> Roger >> >> Roger Roelofs >> Know what you value. >> -- >> grlug mailing list >> grlug at grlug.org >> https://shinobu.grlug.org/mailman/listinfo/grlug > > > -- > Thomas > -- > grlug mailing list > grlug at grlug.org > https://shinobu.grlug.org/mailman/listinfo/grlug -------------- next part -------------- An HTML attachment was scrubbed... URL: From grlug at grlug.org Mon Aug 26 22:20:11 2019 From: grlug at grlug.org (Grand Rapids Linux Users Group) Date: Mon, 26 Aug 2019 19:20:11 -0700 Subject: [GRLUG] firewall In-Reply-To: References: Message-ID: DD-WRT / Open Router should handle just about any netgear router, and is secure and solid. I had it on an AC1200 range-extender for a few years, then ported the configs over to my current NightHawk, after I needed to expand my wifi range. It was also able to handle 2 public IPs on the cox business connection. Total cost is free. -Van > On Aug 26, 2019, at 18:50, Grand Rapids Linux Users Group wrote: > > I suggest pfsense > > Best choice: > https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3 > > Cheaper > > https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-AES-NI/dp/B07G9NHRGQ/ref=mp_s_a_1_3?keywords=pfsense&qid=1566870381&s=gateway&sprefix=pfsense&sr=8-3://www.amazon.com/SG-1100-pfSense-Security-Gateway-Appliance/dp/B07MTMPXKG/ref=mp_s_a_1_4?keywords=pfsense&qid=1566870453&s=gateway&sprefix=pfsense&sr=8-4 > > > Or edge routers are nice and at 70 bucks. They used to run a version of vytta > https://www.amazon.com/gp/aw/d/B00YFJT29C/ref=psdcmw_300189_t1_B07MTMPXKG > > On Aug 26, 2019, at 5:52 PM, Grand Rapids Linux Users Group > wrote: > >> Dual interfaces: unfortunately, the RasPi only has one port, though it's gigabit if you want to do some vlan tinkering >> Open source: DD-WRT is pretty good if they support your hardware, might be worth a look. Tomato might also work for you, but it has a more limited set of supported hardware (hence my never having tried it). >> Unifi Security Gateway: I like my USG when it works, though I think I got a bad update and might need to ship it back. It also requires a controller running if you want anything do to anything with it more than VERY basic stuff (dhcp and dns configuration), so that'd be another computer (or raspi-like device) running on a regular basis, though I guess since you already have a Unifi AP, you've solved that issue somehow. >> >> If you're looking to get more into the Unifi space (and already have a controller), the USG would be pretty good. I've had more than my fair share off issues with it, but I get the feeling that I'm in the minority as most of the people I know that have them are pretty happy. Unifi ships updates pretty regularly and it generally gets out of your way. The downsides are that it takes a while to boot up and you'll need to turn off deep-packet inspection if you have more than 300Mbps of throughput. >> >> Otherwise, the Netgear Nighthawk is very solid and it just gets out of your way. >> >> --Thomas >> >> On Mon, Aug 26, 2019 at 7:56 PM Grand Rapids Linux Users Group > wrote: >> I'd be tempted by something like this. https://www.cnx-software.com/2019/02/20/nanopi-r1-allwinner-h3-gateway-dual-ethernet-wifi-bluetooth/ >> On Mon, Aug 26, 2019 at 6:47 PM Grand Rapids Linux Users Group > wrote: >> I'm in need of a firewall/router and I really don't want yet another old computer running 24/7 in the house. >> >> I have an old netgear wifi router that I have been using who's wifi wasn't reliable so I turned off the antennas and bought a unifi ap. I'm still using the old netgear for port forwarding and firewall tasks, but recently settings have been changing and I suspect that this is due to unpatched vulnerabilities. I've disabled most administration functions so I think I'm good for now, but I am looking for something to replace this. >> >> Does the raspberry Pi have a dual ethernet interface? >> Maybe flashing the netgear with some opensource firmware? >> Maybe unifi Security Gateway? >> If running an old computer is the best I guess I could do that as well. >> >> What are my best options? >> >> Share and Enjoy >> Ben >> -- >> grlug mailing list >> grlug at grlug.org >> https://shinobu.grlug.org/mailman/listinfo/grlug >> >> >> -- >> Roger >> >> Roger Roelofs >> Know what you value. >> -- >> grlug mailing list >> grlug at grlug.org >> https://shinobu.grlug.org/mailman/listinfo/grlug >> >> >> -- >> Thomas >> -- >> grlug mailing list >> grlug at grlug.org >> https://shinobu.grlug.org/mailman/listinfo/grlug > -- > grlug mailing list > grlug at grlug.org > https://shinobu.grlug.org/mailman/listinfo/grlug -------------- next part -------------- An HTML attachment was scrubbed... URL: