Using Rock64 as a firewall
#1
Hi,

I am pondering this and am wondering if anyone has tried any of the dedicated offrngs on a Rock64. Both ClearOS and IPFire have Arm builds, but I have no idea if they work with the R64. Has anyone tried those out or any similar offerings?

Thank you in advance.

Sent from my SM-T537V using Tapatalk
#2
i think there is [was?] a centos for pine64 but not sure of rock64. but to be honest the 1st thing that popped into my head was a concern that rock64 could be a bottleneck for the whole local network depending on what activity goes on in an average 24hr period. so, why the rock64 as firewall?
#3
(10-08-2017, 12:49 PM)jl_678 Wrote: Hi,

I am pondering this and am wondering if anyone has tried any of the dedicated offrngs on a Rock64. Both ClearOS and IPFire have Arm builds, but I have no idea if they work with the R64. Has anyone tried those out or any similar offerings?

Thank you in advance.

Sent from my SM-T537V using Tapatalk

Can not see why another Gig ethernet on that USB port shouldn't work as the latest Ayufan builds and base builds for Xenial seem quite solid.
Not really sure about the secondary eth on the rock which is 100mbs but think the linux drivers are relatively in place and if you can find a usb eth that works then its highly likely you could prob get something going.

Ipfire seems like a good choice would be good to know how you get on.
#4
Hi,

I will order something and test it out. Regarding why, well, my home router is very old and needs an upgrade and so why not?

I will thoroughly test the R64 implementation prior to using it in production and so hopefully will identify any issues.

My near term plan is to test out the ipfire image on the rock as is. If it passes that smoke test then I will look to add additional accessories including a dedicated Rock64 for the project.

Sent from my XT1254 using Tapatalk
#5
(10-08-2017, 02:50 PM)jl_678 Wrote: Hi,

I will order something and test it out. Regarding why, well, my home router is very old and needs an upgrade and so why not?

I will thoroughly test the R64 implementation prior to using it in production and so hopefully will identify any issues.

My near term plan is to test out the ipfire image on the rock as is. If it passes that smoke test then I will look to add additional accessories including a dedicated Rock64 for the project.

Sent from my XT1254 using Tapatalk

Prob a lot of work getting it ready for the Rock64 and distro based firewalls are a better choice.
Zentyal is Ubuntu and actually the firewall / network / dhcp / dns part actually always worked really well.

Untangle I guess you could build it on debian.

Or Shorewall / webmin which is what I normally do in fact I tell a lie usually just iptables but use the webmin interface.
Lockdown webmin to local host and install openvpn.

Trying to think of more distro based firewalls that are buntu/deb versions.
Webmin gets a lot of criticism in its open state, which makes install and initial config easy then you just lock it down and you can always unlock it for maintenance.
Its pretty damn shit hot but Zentyal works well.

Post way as I might join you in the production of a Rockwall. Smile
Debian Jessie, Webmin & Shorewall look a good bet.
Zentyal no Arm64
Untangle.... mweh
http://shorewall.org/VPNBasics.html
http://www.webmin.com/deb.html
#6
So you have got me thinking more about this. Thank you. To be honest part of the goal was to get some web filters going and it just seems like the Rock would not be good for this.

Yes, it can do a basic firewall with the tools that you suggest, but it seems that the more full featured options require an x86 or equivalent.

Sent from my XT1254 using Tapatalk
#7
(10-09-2017, 04:05 PM)jl_678 Wrote: So you have got me thinking more about this. Thank you. To be honest part of the goal was to get some web filters going and it just seems like the Rock would not be good for this.

Yes, it can do a basic firewall with the tools that you suggest, but it seems that the more full featured options require an x86 or equivalent.

Sent from my XT1254 using Tapatalk

I think your looking in the wrong place as yeah the rock64 could very well do web filtering and prob best way to go is to install squid or many of the proxy / web filtering piggy in the middle stuff then use DansGuardian.
The balabit zorp stuff is prob the best if I spelt that right.

In fact you might of set me a little project of a ubuntu xenial shorewall webmin squid dansguardian snort lizardfs box Smile

It is a struggle with Arm64 finding binary repos but Xenial seems to be the best bet for the above.


Possibly Related Threads…
Thread Author Replies Views Last Post
  ROCK64 v3 can it boot from USB? Tsagualsa 4 122 Yesterday, 11:31 AM
Last Post: Macgyver
  rock64 v3 spiflash Macgyver 0 27 11-28-2022, 02:18 PM
Last Post: Macgyver
  How well does Rock64 deal with HDR and Atmos on Kodi? drvlikhell 1 118 11-20-2022, 07:41 PM
Last Post: tllim
  OpenWRT on the Rock64 CanadianBacon 9 2,908 11-05-2022, 03:07 PM
Last Post: wilsonYan
  my rock64 dosen't work rookie_267 0 238 10-07-2022, 07:50 PM
Last Post: rookie_267
  Rock64 u-boot for eMMC Build Error mexicanflyer 0 275 09-18-2022, 02:29 PM
Last Post: mexicanflyer
  ROCK64 - Not start mathieu 0 483 07-11-2022, 03:49 AM
Last Post: mathieu
  Rock64 bricked shawwwn 6 3,068 01-29-2022, 05:49 AM
Last Post: shawwwn
  Rock64 board not working, no HDMI no Ethernet. EDited 2 1,657 01-26-2022, 08:46 AM
Last Post: TRS-80
  Rock64 <--> Rock64 Serial Connection mark1250 1 1,189 12-23-2021, 09:27 PM
Last Post: barray

Forum Jump:


Users browsing this thread: 1 Guest(s)