Using Rock64 as a firewall
#1
Hi,

I am pondering this and am wondering if anyone has tried any of the dedicated offrngs on a Rock64. Both ClearOS and IPFire have Arm builds, but I have no idea if they work with the R64. Has anyone tried those out or any similar offerings?

Thank you in advance.

Sent from my SM-T537V using Tapatalk
#2
i think there is [was?] a centos for pine64 but not sure of rock64. but to be honest the 1st thing that popped into my head was a concern that rock64 could be a bottleneck for the whole local network depending on what activity goes on in an average 24hr period. so, why the rock64 as firewall?
#3
(10-08-2017, 12:49 PM)jl_678 Wrote: Hi,

I am pondering this and am wondering if anyone has tried any of the dedicated offrngs on a Rock64. Both ClearOS and IPFire have Arm builds, but I have no idea if they work with the R64. Has anyone tried those out or any similar offerings?

Thank you in advance.

Sent from my SM-T537V using Tapatalk

Can not see why another Gig ethernet on that USB port shouldn't work as the latest Ayufan builds and base builds for Xenial seem quite solid.
Not really sure about the secondary eth on the rock which is 100mbs but think the linux drivers are relatively in place and if you can find a usb eth that works then its highly likely you could prob get something going.

Ipfire seems like a good choice would be good to know how you get on.
#4
Hi,

I will order something and test it out. Regarding why, well, my home router is very old and needs an upgrade and so why not?

I will thoroughly test the R64 implementation prior to using it in production and so hopefully will identify any issues.

My near term plan is to test out the ipfire image on the rock as is. If it passes that smoke test then I will look to add additional accessories including a dedicated Rock64 for the project.

Sent from my XT1254 using Tapatalk
#5
(10-08-2017, 02:50 PM)jl_678 Wrote: Hi,

I will order something and test it out. Regarding why, well, my home router is very old and needs an upgrade and so why not?

I will thoroughly test the R64 implementation prior to using it in production and so hopefully will identify any issues.

My near term plan is to test out the ipfire image on the rock as is. If it passes that smoke test then I will look to add additional accessories including a dedicated Rock64 for the project.

Sent from my XT1254 using Tapatalk

Prob a lot of work getting it ready for the Rock64 and distro based firewalls are a better choice.
Zentyal is Ubuntu and actually the firewall / network / dhcp / dns part actually always worked really well.

Untangle I guess you could build it on debian.

Or Shorewall / webmin which is what I normally do in fact I tell a lie usually just iptables but use the webmin interface.
Lockdown webmin to local host and install openvpn.

Trying to think of more distro based firewalls that are buntu/deb versions.
Webmin gets a lot of criticism in its open state, which makes install and initial config easy then you just lock it down and you can always unlock it for maintenance.
Its pretty damn shit hot but Zentyal works well.

Post way as I might join you in the production of a Rockwall. Smile
Debian Jessie, Webmin & Shorewall look a good bet.
Zentyal no Arm64
Untangle.... mweh
http://shorewall.org/VPNBasics.html
http://www.webmin.com/deb.html
#6
So you have got me thinking more about this. Thank you. To be honest part of the goal was to get some web filters going and it just seems like the Rock would not be good for this.

Yes, it can do a basic firewall with the tools that you suggest, but it seems that the more full featured options require an x86 or equivalent.

Sent from my XT1254 using Tapatalk
#7
(10-09-2017, 04:05 PM)jl_678 Wrote: So you have got me thinking more about this. Thank you. To be honest part of the goal was to get some web filters going and it just seems like the Rock would not be good for this.

Yes, it can do a basic firewall with the tools that you suggest, but it seems that the more full featured options require an x86 or equivalent.

Sent from my XT1254 using Tapatalk

I think your looking in the wrong place as yeah the rock64 could very well do web filtering and prob best way to go is to install squid or many of the proxy / web filtering piggy in the middle stuff then use DansGuardian.
The balabit zorp stuff is prob the best if I spelt that right.

In fact you might of set me a little project of a ubuntu xenial shorewall webmin squid dansguardian snort lizardfs box Smile

It is a struggle with Arm64 finding binary repos but Xenial seems to be the best bet for the above.


Possibly Related Threads…
Thread Author Replies Views Last Post
  Pine Rock64 eMMC lifespan moonspell79 3 331 08-19-2021, 06:46 PM
Last Post: bcnaz
  Rock64 No Audio - Solved wbecks 12 16,942 08-13-2021, 01:23 PM
Last Post: blakeadam
Question Hardware issues with Rock64 grobbs 11 2,484 07-24-2021, 10:23 AM
Last Post: robinkyle11
  Trustzone support for Rock64 capablegh 1 304 07-17-2021, 10:15 AM
Last Post: capablegh
  Python GPIO Library for the Rock64 (R64.GPIO) Leapo 37 40,632 07-02-2021, 03:20 PM
Last Post: klausfelix
  rock64, compile problems "illegal instruction", "memory fault" -> ddr_333Mhz? klausfelix 0 265 07-02-2021, 03:13 PM
Last Post: klausfelix
Information Serial Console for the Rock64 MarkHaysHarris777 33 33,585 06-24-2021, 12:24 PM
Last Post: mikeklien
  lost eletronic component rock64 marvin1986 1 531 06-01-2021, 06:27 PM
Last Post: 8bit
Shocked Rock64 - Reboots after few minutes addezai 2 761 04-22-2021, 07:03 PM
Last Post: addezai
  Rock64 Long Term stability ramprasad 4 2,380 03-16-2021, 07:23 PM
Last Post: Rocklobster

Forum Jump:


Users browsing this thread: 1 Guest(s)