Dealing with the Packets

Maintaining a home or small business network can be a huge hassle these days with so many devices that interact by wireless, Ethernet and from the Internet. You may have gaming consoles, multimedia centers, laptops, servers and workstations all needing a stable network setup. Now you could easily go buy a Linksys (w/DD-WRT of course) or DLink router, and configure it for your needs, I would recommend this for the standard user but if you want a DIY project to add advanced features and monitoring to your network I would suggest something more. In the past I would have used a open source project called IPCop (Simple IPTables packet filtering firewall), which has worked great in many deployments for small businesses I have consulted with, and as well as for my home network.

Recently however I had noticed the community and project had started to become slightly neglected, and as well was catering mainly to a German audience. So I went out in search of alternatives, I discovered several solutions that seemed promising including Smoothwall and M0N0wall, but they were still lacking many of the features of IPCop. I then took a closer look at the IPCop community and discovered a branch off IPCop that was being updated, offering both commercial versions but as well keeping an open source version. The software was called Endian and I am now using the community version that took much of the IPCop base, updated it and included a new, slicker web interface.

Sample of features:

  • Multiple Uplinks (Bonus if you have a backup ISP connection)
  • Updated and slick web interface
  • Same graphs as IPcop, showing system/network load, current connections, services, etc
  • Easy DHCP management features
  • Dynamic DNS integration
  • ClamAV scanning of downloads
  • Traffic Shaping
  • Snort Integration
  • NTop Integration
  • Port forwarding and network partitioning
  • SIP, HTTP, DNS Proxy with content filter
  • OpenVPN integration, IPSec VPN support
  • Lots of Logging options

Having SNORT/NTOP integrated makes troubleshooting issues simple, analyze the traffic and easily block problem traffic. Outbound firewall configuration is super easy as well for keeping certain users from using unsupported services such as bittorrent, just allow http/s with content filtering and you got a simple net nanny type setup.

Checkout Endian at http://www.endian.com/en/community/overview/