[ previous ] [ next ] [ threads ]
 
 From:  Jesse Guardiani <jesse at wingnet dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Re: Experiences in 50+ user organizations?
 Date:  Thu, 24 Feb 2005 22:33:11 -0500
Rob Sharp wrote:

> I would hardly compare Checkpoint NG to a home grown firewall thats using
> IPFW. Checkpoint runs on the Nokia IPSO (bsd varient) or linux or win2k.
> But it loads it's firewalls drivers over the OS.  Checkpoint NG is a
> far more powerful firewall.  Not trying to dis monowall cause I think
> it's awesome, just your simplifying checkpoint and probably sonicwall.
> 
> I run monowall on a IP110 (Cyrix 266, 64 ram, 5 gig 2.5 ide) and I can
> push 40 mbps with a custom kernel and some tweaks (link0 and kernel
> polling) and I can do about 3 mbps of blowfish openvpn.  I don't use
> traffic shaping since it seems to break port forwarding on 1.2b3.

Do you mean 1.2b5? The only problem I've ever had with Traffic Shaping
under 1.2b3 is that it doesn't work with NAT, and that's the O/S's fault.


> On Fri, 25 Feb 2005 11:11:54 +1100, Barry Mather
> <barry dot mather at dorecentres dot com dot au> wrote:
>> To get back slightly to the topic in hand ...
>> 
>> Checkpoint firewall NG - runs on a version of unix ...
>> 
>> Sonicwall - runs a version of unix
>> 
>> Why be scared to use open source when so many other LARGE vendors do
>> .....
>> 
>> -----Original Message-----
>> From: Eric Collins [mailto:eric at tawifi dot com]
>> Sent: Friday, 25 February 2005 10:33 AM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: Re: [m0n0wall] Re: Experiences in 50+ user organizations?
>> 
>> Now while I agree with Jesse on a "saturated" T1 its is kinda touch and
>> go, especially if you have alot of shaping going on, but I have several
>> client T1's that I use the 4801's on and they are fine 99.9% of the
>> time, no problems whatso ever. So no I dont think it would be a problem.
>> 
>> I also use the 4801 on my home connection which is 5mbit Wifi and it
>> purrs along just fine with no problems.
>> 
>> As for your wifi feed I think the soekris boards will be just fine, we
>> use them in several 5-10mbit wifi feeds without problems, and I am sure
>> alot of other people use them in the same way.
>> 
>> Now the Soekris did not work for our datacenter, but with the amount of
>> traffic we push it is not surprising in the least.
>> 
>> -Eric
>> 
>> Seth Rothenberg wrote:
>> 
>> >>I tend to agree with this....
>> >>I wouldn't place a Soekris 4801 on anything larger
>> >>than a saturated T1 though.
>> >>
>> >>
>> >
>> >I have 2 questions on this thread -
>> >which has been getting me nervious....but maybe unnecessarily...
>> >
>> >So, if you have a not-saturated T1, Soekris is OK?
>> >(I have two 4521 in service and would like to keep them a while :-)
>> >
>> >What about a wifi feed?  I am looking at buying
>> >Towerstream's 5Mb/s feed soon, for about 20 people,
>> >hoping to grow...hoping the soekris would last a while...
>> >
>> >....and, if not a soekris, even 4801 from sounds of it,
>> >what then?   i.e., a GHz class SBC with 2 pcmcia ?
>> >(do you give up the fanless part? :-)
>> >Any suggestions?
>> >
>> >
>> >Thanks
>> >Seth
>> >
>> >
>> >
>> >
>> >---------------------------------------------------------------------
>> >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>> >
>> >
>> >
>> >
>> >
>> 
>> --
>> Eric Collins
>> Sr Network Administrator
>> Tawifi.com
>> 
>> Downtown Tucson WiFi Network
>> http://www.tawifi.com
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>> 
>> Dore Achievement Centres (Pty) Ltd - Hotline: 1300 55 77 11
>> 
>> www.dorecentres.com.au
>> 
>> This e-mail message may contain confidential or privileged information
>> and is intended solely for the individual to whom it is addressed. If you
>> are not the named addressee you should not disseminate, distribute or
>> copy this e-mail. If you have received it in error please notify us
>> immediately by telephoning 1300 55 77 11 and destroy this e-mail and
>> any attachments. E-mail transmission cannot be guaranteed to be
>> secure or error-free as information could be intercepted, corrupted,
>> lost, destroyed, arrive late or incomplete, or contain viruses. The
>> sender therefore does not accept liability for any errors or omissions in
>> the contents of this message, which arise as a result of e-mail
>> transmission. The content of this email is not necessarily that of the
>> Dore Acievement
>> Centres unless otherwise specified.  This email was scanned for possible
>> viruses and was sent on 25/2/2005 by barry dot mather at dorecentres dot com dot au to
>> m0n0wall at lists dot m0n0 dot ch
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>> 
>> 
> 
> 

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net