Gentoo Archives: gentoo-user

From: Pandu Poluan <pandu@××××××.info>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] [OT router advice] a router capable of detailed logs
Date: Tue, 19 Apr 2011 10:19:05
Message-Id: BANLkTimDrgy53rjyr9uHaDX2CnJzA=TYWw@mail.gmail.com
In Reply to: [gentoo-user] [OT router advice] a router capable of detailed logs by Harry Putnam
1 On Tue, Apr 19, 2011 at 10:31, Harry Putnam <reader@×××××××.com> wrote:
2 > This is way OT, but this list is such a great resource I suspect the
3 > advice gotten here will be more to the point. ( I have posted to a
4 > network hardware group as well)
5 >
6 > I've bumped my home lan router to a gigabit from the old 10/100
7 > (NETGEAR FVS318).
8 >
9 > I made the move for the gigabit lan ports mainly.  That is, I was
10 > happy with other aspects of the old router.  I ended up with a cisco
11 > RVS4000 v2.
12 >
13 > The cisco solved the gigabit problem with 4 lan ports and even a
14 > gigabit on the Internet port... (which is probably not really doing
15 > any thing on a cable connection).  And it wasn't hideously
16 > expensive ($112.91).
17 >
18 > I could have solved the problem with gigabit switches behind the
19 > router for lan usage, just as well, and may go to that yet, and move
20 > back to the old NETGEAR router.  But somehow I expected the cisco to
21 > be something that was `excitingly' new and fun to play with.
22 >
23 > I'm disappointed in the cisco so far as logging is concerned.
24 >
25 > The logs give only bare information like this:
26 >
27 > Mar 10 10:24:21  - [Firewall Log-PORT SCAN] TCP Packet - 60.173.11.56 --> 98.217.231.32
28 > Mar 10 10:24:21  - [Firewall Log-PORT SCAN] TCP Packet - 60.173.11.56 --> 98.217.231.32
29 > [...]
30 >
31 > No mention of which port is involved.  Not only on port scans but
32 > ports are never reported.  And of course if you wanted to pursue any
33 > of it by way of google, you'd need the port number.
34 >
35 > The Old Netgear sent logs like this (wrapped for mail):
36 >
37 >  Sat, 2007-07-28 12:00:11 - TCP packet - Source: 161.170.244.20 -
38 >  Destination: 70.131.83.195 - [Invalid sequence number received with
39 >   Reset, dropping packet Src 443 Dst 1385 from WAN]
40 >
41 > -------        ---------       ---=---       ---------      --------
42 >
43 > I went for the cisco instead of a newer `gigabit' NETGEAR after seeing
44 > several bad reviews about them.  And I just assumed the cisco would
45 > have as good or better other features.
46 >
47 > Another little problem is that the Cicso had reached its end of life
48 > and was reported as such by cisco, well before I bought it.  But of
49 > course, retailers (not cisco) don't bother to give that kind of info,
50 > but the result is that a kind of blackball list that was part of the
51 > deal is no longer kept up to date.
52 >
53 > So, cutting to the chase; can anyone recommend from actual use, a home
54 > lan router that has gigabit lan ports and very configurable/
55 > informative logging options?
56 >
57 > ps - I'm not interested in running an old linux or openbsd, machine as
58 > router.  Having a silent cool router the size and weight of a medium
59 > book is too appealing.
60 >
61
62 Have you checked out Mikrotik's RB750G? 5 GbE ports:
63
64 http://routerboard.com/pricelist/download_file.php?file_id=256
65
66 Mikrotik OS is Linux-based, the firewall is Netfilter-based, and it's
67 Lua-scriptable.
68
69 Rgds,
70 --
71 Pandu E Poluan
72 ~ IT Optimizer ~
73 Visit my Blog: http://pepoluan.posterous.com