Hardware Needed for Packages

  • Hi all,

    Firstly, apologies if this has already been answered and I've missed it in my search …. I did read the advice about Snort needing a 512MB machine, but I don't know what throughput is assumed there.

    I'm looking to run pfSense on low-power/silent/small-form-factor hardware but with enough grunt to run some packages.  The Soekris net5501-70 initially looks good - it takes a 2.5" HDD - but may be underpowered with 500MHz Geode and 512MB RAM (without packages, I'd favour an ALIX 2C3/2D3 embedded setup). I don't need VPN. I need to support WAN throughput of up to ~20Mb/s and ~5 simultaneous users in a SOHO setup - I already have all other hardware including switch.

    In priority order, the packages I'd like to run are:

    • Snort
    • Squid
    • SquidGuard
    • ClamAV

    So, with the modest throughput I need, will a 500MHz Geode/512MB RAM with HDD be enough, or would I need something more?  If I did stick with the net5501 above, which packages would I be able to run?

    (BTW, currently I run Untangle on a clunky old Celeron 1.3GHz, but I don't need all of its apps, I want finer-grained control over the firewall, it takes 6 minutes to bootup and it uses 50-150W, which is wasteful since it's mostly left on due to the PITA bootup ... so I think I can do better).

    Thanks in advance.

  • Bert

    Pfsense is a firewall based application/os.

    ClamAV and application based filtering is not really part of pfsense. Snort is available as a package for pfsense, but it can be pretty cpu/memory hungry..

    Personaly I wouldn't do any virus filtering on a firewall, if you insist on doing it, then use untangled bridged with pfsense.

  • Squid and SquidGuard - yes

    Snort - not unless you're using a very low bandwidth (< 5 Mb/s, maybe < 1 Mb/s) with a very limited ruleset.

  • Thanks.

Log in to reply