Slashdot Mirror

← Back to Stories (view on slashdot.org)

Embedded Linux VPN Router Near Release

Posted by simoniker on from the embed-this dept.

An anonymous reader writes "A new open source project aims to build a VPN router that supports all major routing protocols on a standardized hardware platform running embedded Linux. The "Linux Router Project - LR101" started in mid-2003 and plans a first release in January 2004. It is based on a dual-NIC VIA EPIA mainboard and a Travla case, along with Red Hat 8, zebra, FreeS/WAN, IP-tables, an other open source software, all compiled from source."

11 of 121 comments (clear)

  1. Re:Clarification needed. by wo1verin3 · · Score: 2, Informative

    It is based on a dual-NIC VIA EPIA mainboard and a Travla case, along with Red Hat 8, zebra, FreeS/WAN, IP-tables...

    Yes.

  2. RH8? by Jeffrey+Baker · · Score: 4, Informative
    Using a full blown RH 8 installations eems like an odd thing to do. Lots of people are using Soekris computers as routers, firewalls, access points, and VPNs, but they are generally run off stripped BSD or Linux installations with hardly any extraneous crap. Mine is running a very bare Debian installed into a 256MB compact flash.

    Soekris

  3. Re:Isn't it missing something? by bzzzt · · Score: 3, Informative

    According to the "tech details" page it's shipping with the Poptop pptp server...

  4. Not to be confused with... by ScottSpeaks! · · Score: 4, Informative

    ...the Linux Router Project, a floppy-based 386-compatible micro-distro which served as the basis for (among other things) Coyote Linux.

    1. Re:Not to be confused with... by fataugie · · Score: 3, Informative

      That's all well and good, but LRP was shutdown after Diesel Dave decided to call it quits. It was news on slashdot a few months ago (too lazy to link to it).

      LEAF is the successor (LEAF).

      --

      WTF? Over?

  5. Use a $80 wrt54g to do the same by Jim+Buzbee · · Score: 4, Informative

    Custom firmware for the wrt54g does/will do pretty much the same thing. Progress is very quick. See the forum here:

    sveasoft

  6. Re:Still No Shiva Support on Linux by TheCrazyFinn · · Score: 2, Informative

    It actually predates Shiva.

    It was developed by Infocrypt, which Shiva bought, and Shiva was in turn eaten by Intel.

    SST is legacy, as LANRovers have had IPSEC support since at least version 6.7.

    If your company doesn't use IPSec, it's probably going to get left behind when Intel finally dumps the old and crufty SST protocol.

    --
    "You've got an invalid haircut" -Warren Zevon - Life'll Kill Ya
  7. Re:Why not a WRV54G? by no+soup+for+you · · Score: 2, Informative

    WRV54G has max of 50 users. That might be a big deal for them, might not.

    --
    If you blog it...
  8. Re:Warning ! by Homology · · Score: 3, Informative
    If that's true, then it's illegal for a US citizen to contribute to the 2.6.0 kernel too, since that has crypto in it.

    Indeed, export of cryptographic technology from USA is hampered with strong restrictions. So many Open Source projects are quite careful to avoid breaking laws by having (much) development done outside USA, and also letting release builds be done outside US as well.

    For instance, OpenBSD has offered strong encryption for several years. The OpenBSD project is located in Canada, and a lot of development/release builds are done outside US. As Integrated Crypto shows :

    Hence the OpenBSD project has embedded cryptography into numerous places in the operating system. We require that the cryptographic software we use be freely available and with good licenses. We do not directly use cryptography with nasty patents. We also require that such software is from countries with useful export licenses because we do not wish to break the laws of any country. The cryptographic software components which we use currently were written in Argentina, Australia, Canada, Germany, Greece, Norway, and Sweden.

    When we create OpenBSD releases or snapshots we build our release binaries in free countries to assure that the sources and binaries we provide to users are free of tainting. In the past our release binary builds have been done in Canada, Sweden, and Germany.

  9. before using ipsec... by thanasakis · · Score: 2, Informative

    ..make sure that you have read this
    Discusses some serious considerations before deciding to use ipsec and ike. And since ipsec/ike is the only serious solution in many cases, these concerns should not be taken lightly. For example did you know that the ike implementation in 2000/XP simply checks the signer of the servers certificate and not the actual identity that is signed? This means that any other user with a certificate which is signed by the same authority as you can impersonate the server.

    The article is very lengthy, I know, but definitely worth your time.

  10. Re:"RealTek/NE2000 compatible NICs for the DMZ" by evil_one · · Score: 2, Informative

    The Realtek NE2000 compatable nic is NOT the same as the Realtek 8139. Typically the realtek ne2000 is an 8029. Very different chip.

    --
    Desperation is a stinky cologne