On Fri, Aug 01, 2003 at 07:11:18AM -0400, Tom Allison wrote: > Steve Lamb wrote: > >On Fri, 01 Aug 2003 03:11:46 -0400 Tom Allison wrote: > > > > > These take an existing computer (Pentium 200 with 64MB RAM and 1GB > > > hard drive, some would argue it's hardly worth pulling from the > > > dumpster). > > > > Oddly enough I'd argue that those are wasted on a router. :) > > True. > > But when I run squid & snort on the same box, it's not a complete > waste since these actually require some CPU cycles and disk IO to do > their job. I currently run with all the RAM in use and about 30% in > swap, but it's nothing that I would ever notice and whatever is in > swap isn't anything I need during routing surfing (no disk IO beyond > logging 99.9% of the time I've noticed it). > > If I skipped squid I could probably get buy with much much less of a > machine.
We use a P166 w/ 64Meg and a 1.5 Gig drive for our company's firewall. It runs a custom iptables script that I maintain along with a transparent Squid proxy for web surfing, Exim w/ Spam Assassin mail filter for spam tagging, and FreeS/WAN, PoPToP, and SSH for remote access. I have a continual IPSEC tunnel to it from my home office for my wife and myself. The box was built out of discarded PC components when I started for the company, and has served in this capacity nearly flawlessly. Only problem I've had with it is that I didn't limit the number of Spam Assassin processes that could run at one time when I initially installed it. Since I corrected this, it's been running fine. -- Jamin W. Collins Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
