Hardware options for new build?
-
Well it doesn't seem to be having any problems with just those lists loaded in pfBlocker.
I would expect to be able to run Squid there as well with mostly default settings.
Adding Snort/Suricata to that might be a problem though.
Steve
-
@stephenw10 Thanks for taking a look at that. I realized that I need to do this incrementally and with specific purpose so I will be able to devote more time next month and will probably build a VM for testing purposes. I may still have to look at HW options, if I recall I think the FW PC is maxed out in ram (4gb), I need to check on that. Would additional ram make a difference or is it CPU that is the bottleneck? Since its running FreeBSD I cant use a system reporting tool to get system information to look up the specs online, gonna have to take it apart. This will be a good time to clean it out and replace a couple of fans.
-
For a 300Mbps WAN I wouldn't expect the CPU to limit throughput unless you loaded up ever list and signature you could find. And you would exhaust the RAM trying to do that.
Steve
-
@stephenw10 So if I add more ram (if possible) I should see an improvement in system performance and resource utilization as I restart services?
I am not looking to load everything only those which reduces/eliminates ads, allows me to restrict access to certain sites and provides for protection from external threats.
Knowing what to load such as lists and such is the key, need to get up to speed on the various options.
While on the subject of lists, why have so many squid proxy blacklists disappeared? I read one guy who use to publish a pretty popular list say that due to the political and social environment he had to stop publishing and it seems like all of the other lists I could find were also no longer active.
Are these lists a good tool to have? Do you know of any good one(s) that are still active?
Cleaned out the PC, replaced CMOS battery so it boots up without my having to press F1, and installed new fans to keep things cool, it sounds like a mini turbine now. I am going to have to unplug one of the fans to bring down the noise, I am sure people can hear it when I am on conf calls. They have helped drop the normal op temp by 2+ degrees C which is a good thing.
PS...Just confirmed that the MB only supports 4gb of mem so will have to start loading stuff carefully and see where it settles out. Good thing that I dont have to buy new HW right now, I can wait and see how it works out and wait for a good deal on refurbished or new equipment.
-
If it exhausts the RAM and starts SWAPing you will see performance tank! So much so that I often just disable SWAP at install. That can prevent crash reports being stored though.
So keep an eye on the usage. You'll probably be fine though, 4GB is still quite a lot.Steve
-
@stephenw10 I started the proxy server and have been holding steady at 24% and load averages are in the 0.9x's. I noticed that amazon product images were not displaying and office 365 was having server connectivity issues, I went and disabled man in the middle filtering and the issues resolved. I was under the impression from what I read that this would need to be configured to be able to restrict web sites that use encrypted DNS. I guess now would be a good time to back up the config...again. Thanks for the input.
-
The system did a reboot all on its own last night, I have the crash report but dont know enough about the contents to even take a guess at what happened. I shutdown the squid proxy server and so far has been running stable. I am going to restart the service later to see if it happens again. Would be nice to have some sort of cipher or something to see if the report can shed light onto what happened.
-
You can pm me a link to it if you upload it somewhere if you like.
-
All recommendations and advice is welcomed.
NETGATE 4100 BASE
Would be nice to your setup but is not matching the
price range.NETGATE 6100 BASE
Offers more options, able to activate more services
but on the other end more away from your price
range wish.But please don´t forget that electric power is here in both cases low as it can be! And you might be also able to safe money over the years I mean, to get something more back than horse power.
PC Engines APU4D4
Offers not that hard power like the both Netgate devices
but also low electric power using and silent on top! It
offers the ability to install a mSATA, WiFi and Modem
card if needed.Others may love the option for a procom or protectli
directly from the internet, may be an option also but
if electric power may be also a point to keep an eye
on it is not that real thing for home installment. -
@dobby_ Appreciate the input. I was looking a the netgate devices but dont have a rack and want to maximize ROI by maybe leveraging for other uses like a log server or to run everything virtually. I have not yet decided but am leaning towards an i5 processor and 8-16gb mem (depending on planned uses). I have a new Dell for automation and am impressed with the quality and price so am keeping an eye on deals to see what pops up. I would like fanless due to size but when all is said and done I can get a mid tower PC with its expansion capabilities for the same cost as a comparable fanless unit. I am testing PFS as a VM and if it works as expected I may use VM for most of my needs so a PC would almost be a must.
-
@stephenw10 Will do, appreciate it. I will get it uploaded and send you the link.
