Creating a low-power machine

[Rob Perkins]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

....type machine. The form factor should be very small, and the cost
should likewise be very small, maybe just a couple hundred bucks for the
hardware.

I'd also like guidance on the best linux distro for this sort of thing.

On that machine, I want to install linux, and on top of linux, a
GPL/Open Source proxy and firewall software which I can deposit a decent
and long list of internet websites.

The purpose of the machine is to serve as a ad/porn/hate site filter for
my kids, aged 1 through 10. I want Open Source so that I can modify the
code if I want to, and so that I'm not beholden to some subscription
entity for thier interpretation of what I ought to be blocking.

Any ideas?

Rob (replies to newsgroup only please)

 

[Vilmos Soti]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest
of the net. That's right, it's a firewall/proxy machine.

Take a look at http://www.soekris.com site.

Vilmos

 

[Mike T.]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

...type machine. The form factor should be very small, and the cost should
likewise be very small, maybe just a couple hundred bucks for the
hardware.

I'd also like guidance on the best linux distro for this sort of thing.

On that machine, I want to install linux, and on top of linux, a GPL/Open
Source proxy and firewall software which I can deposit a decent and long
list of internet websites.

The purpose of the machine is to serve as a ad/porn/hate site filter for
my kids, aged 1 through 10. I want Open Source so that I can modify the
code if I want to, and so that I'm not beholden to some subscription
entity for thier interpretation of what I ought to be blocking.

Any ideas?

Rob (replies to newsgroup only please)

Well, what you plan to do is possible. It is also a wasted effort. Any
10-year-old could defeat it in about 30 seconds or less. You hook up cable
modem directly to computer (bypass linux box with ethernet cable). Then
fire up Internet Explorer, it detects the new proxy settings, and you are
done. But I wouldn't have to tell a 10-year-old how to do that, they
already know.

But if you insist on trying it, look into the mini-itx form factors with a
VIA processor. Should work OK with any distro of linux (try mandriva), can
be passively cooled, won't take up much space or power, etc. -Dave

 

[Arno Wagner]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

...type machine. The form factor should be very small, and the cost
should likewise be very small, maybe just a couple hundred bucks for the
hardware.

I'd also like guidance on the best linux distro for this sort of thing.

On that machine, I want to install linux, and on top of linux, a
GPL/Open Source proxy and firewall software which I can deposit a decent
and long list of internet websites.

The purpose of the machine is to serve as a ad/porn/hate site filter for
my kids, aged 1 through 10. I want Open Source so that I can modify the
code if I want to, and so that I'm not beholden to some subscription
entity for thier interpretation of what I ought to be blocking.

Any ideas?

I have something similar running for several years now. It is
a VIA mini-ITX board with a 800Mhz Via C3. Not fanless, you
have to go down to 600MHz for that. Still quite fast enough
for what you want.

For the second network card, I used the single PCI slot.
There are also mini-ITX boards with two network interfaces.

As for other cooling, I have a fan in the case, but I also
use a 3.5" disk. With a 4200/5400 rpm notebook HDD you should
be fine in a metal case without cooling.

As distro I use Debian stable, with automatic updates
every few days. No problems, except for the one time
when PAM was changed and I had errors in /etc/shadow.

Arno

 

[gfretwell]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

Sounds like a place for an old laptop. Turn off the display for bigger
savings. They have power management that will run the CPU at low power
and cycle down the drive.
I am using an old laptop as a file/print/FAX/firewall server. The
battery is pretty much toast but it will act as a short term UPS

 

[Lew Pitcher]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

...type machine. The form factor should be very small, and the cost
should likewise be very small, maybe just a couple hundred bucks for the
hardware.
http://www.gumstix.com/

I'd also like guidance on the best linux distro for this sort of thing.

see the gumstix site. They supply a customized distro


- --

Lew Pitcher, IT Specialist, Corporate Technology Solutions,
Enterprise Technology Solutions, TD Bank Financial Group

(Opinions expressed here are my own, not my employer's)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEahkBagVFX4UWr64RAjG1AKC6j9LqTnX3HhcXrM8O/KT3S9NCpgCgzlsD
p8c2CVKMQ71IDSN2PJ5zUsM=
=Mb4s
-----END PGP SIGNATURE-----

 

[Bob Eager]

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

http://www.pcengines.ch

Don't know about Linux support, but it certainly runs FreeBSD OK. And
who wants to run an an upstart wannabe UNIX like Linux anyway?

 

[Rob Perkins]

I have something similar running for several years now. It is
a VIA mini-ITX board with a 800Mhz Via C3. Not fanless, you
have to go down to 600MHz for that. Still quite fast enough
for what you want.

Thanks, Arno, I think that's precisely what I'm going for.

Do you know of good firewall softwares which can sit on debian stable,
or the linux which comes with the VIA board, and one of those master
seed lists I've seen around, for white/blacklisting etc?

Rob

 

[Rob Perkins]

Well, what you plan to do is possible. It is also a wasted effort. Any
10-year-old could defeat it in about 30 seconds or less. You hook up cable
modem directly to computer (bypass linux box with ethernet cable). Then
fire up Internet Explorer, it detects the new proxy settings, and you are
done. But I wouldn't have to tell a 10-year-old how to do that, they
already know.

Mine doesn't. I've quizzed her on it, obliquely. (Her talents run in
other directions, and she doesn't have an interest in hate or porn.) And
my wife wants it in the house. That's pretty much the end of the
question; we're trying to prevent predatory popups and spam with it. A
low power linux distro seems appropriate as *part* of the strategy.

Thanks for the recommendation on hardware.

Rob

 

[General Schvantzkoph]

Thanks, Arno, I think that's precisely what I'm going for.

Do you know of good firewall softwares which can sit on debian stable, or
the linux which comes with the VIA board, and one of those master seed
lists I've seen around, for white/blacklisting etc?

Rob

Don't know anything about Debian but Fedora Core 5 installs a firewall as
part of the standard install. That's the norm for all of the complete
distros like FC, Mandriva, SUSE. If you want to use a Debian based distro
you might want to use Ubuntu. They do a better job of keeping Ubuntu up to
date and it's probably a little more user friendly then straight Debian.

As long as you are installing Linux on a server you should also consider
putting it on your daughters machine so you can have the piece of mind of
knowing that if a virus does slip though your filtering server it won't do
any harm. OpenOffice, Evolution, Firefox, Mplayer and GAIM should give her
everything she needs, with the exception of games, and you won't have to
waste your time cleaning viruses off of her machine.

 

[Unruh]

Hi,

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the rest of
the net. That's right, it's a firewall/proxy machine.

Panasonic Toughbook laptops have no fans, are low power ( last up to 7
hours on a 5AHr battery-- ie they use just a few milliwatts of power) have one ethernet and one wireless network connection--
so just put your rest of the network on the wireless ( or put your cable
modem into a wireless router)

Acually I suspect if you took off the cover, no laptop would need a fan.
Convective cooling would be fine.

...type machine. The form factor should be very small, and the cost
should likewise be very small, maybe just a couple hundred bucks for the
hardware.

Ah, now you have trouble. The low power chips (Centrino, etc) are
expensive. The low power glue chips are also expensive. But then again old
laptops can probably be had for onle a couple of hundred bucks, and as I
say, remove the cover so they can convectively cook, and you should be
fine.

I'd also like guidance on the best linux distro for this sort of thing.

On that machine, I want to install linux, and on top of linux, a
GPL/Open Source proxy and firewall software which I can deposit a decent
and long list of internet websites.

laptops will run whatever Linux you want. I have Mandriva 2006 on a 40GB
hard drive.

The purpose of the machine is to serve as a ad/porn/hate site filter for
my kids, aged 1 through 10. I want Open Source so that I can modify the
code if I want to, and so that I'm not beholden to some subscription
entity for thier interpretation of what I ought to be blocking.

Any ideas?

You have my idea.

 

[Unruh]

Mine doesn't. I've quizzed her on it, obliquely. (Her talents run in
other directions, and she doesn't have an interest in hate or porn.) And
my wife wants it in the house. That's pretty much the end of the
question; we're trying to prevent predatory popups and spam with it. A
low power linux distro seems appropriate as *part* of the strategy.

Thanks for the recommendation on hardware.

I guess you could get a closet and lock the system with the ADSL modem/port
in there. If you have wireless then there are not even any lines except the
phone line/cable line running into there.

 

[Rob Perkins]

I guess you could get a closet and lock the system with the ADSL modem/port
in there. If you have wireless then there are not even any lines except the
phone line/cable line running into there.

Unruh, you just described the setup for all the kids' computers in my
home, with the addition that all the computers are in common areas, and
not the bedrooms.

Rob

 

[Rob Perkins]

Ah, now you have trouble. The low power chips (Centrino, etc) are
expensive. The low power glue chips are also expensive. But then again old
laptops can probably be had for onle a couple of hundred bucks, and as I
say, remove the cover so they can convectively cook, and you should be
fine.

Yeah, I noticed that. I take your point about old laptops, but I kind of
also wanted this to be a building project. A couple of my kids like
watching me put PC's together.

Rob

 

[CBFalconer]

I think unlike most modders I'm trying to do something relatively
contrarian.

I'd like to build a

-- low-power
-- fanless (heatsinks, prefer to avoid water cooling)
-- linux
-- two Ethernet ports, one for the cable modem, and one for the
rest of the net. That's right, it's a firewall/proxy machine.

...type machine. The form factor should be very small, and the
cost should likewise be very small, maybe just a couple hundred
bucks for the hardware.

I'd also like guidance on the best linux distro for this sort of
thing.

On that machine, I want to install linux, and on top of linux, a
GPL/Open Source proxy and firewall software which I can deposit
a decent and long list of internet websites.

The purpose of the machine is to serve as a ad/porn/hate site
filter for my kids, aged 1 through 10. I want Open Source so
that I can modify the code if I want to, and so that I'm not
beholden to some subscription entity for thier interpretation
of what I ought to be blocking.

Find an old '486 machine. I have one here that has no cpu fans,
just a heatsink. The whole thing draws about 30 to 40 watts when
the CRT is shutdown and the disks have spun down. It has 64 Meg of
memory. You can probably find the equivalent for free somewhere.
You may need to mount a modern disk (but older, slower ones eat
less power). You need no GUI nonsense, nor any rodentia, so an 80
Mhz '486 should be more than adequate. You probably need a
reasonably modern CD-ROM on the IDE bus to load it. Don't forget
an emergency boot floppy - you won't boot anything from CDs there.

--
"If you want to post a followup via groups.google.com, don't use
the broken "Reply" link at the bottom of the article. Click on
"show options" at the top of the article, then click on the
"Reply" at the bottom of the article headers." - Keith Thompson
More details at: <http://cfaj.freeshell.org/google/>
Also see <http://www.safalra.com/special/googlegroupsreply/>

 

[Captain Dondo]

Mine doesn't. I've quizzed her on it, obliquely. (Her talents run in
other directions, and she doesn't have an interest in hate or porn.) And
my wife wants it in the house. That's pretty much the end of the
question; we're trying to prevent predatory popups and spam with it. A
low power linux distro seems appropriate as *part* of the strategy.

Thanks for the recommendation on hardware.

Rob

visit OpenWrt.org; get a linksys WRTSL54GS, for about $100, and there is
your firewall, filter, wifi, all in one...

--Yan

 

[linnix]

Find an old '486 machine. I have one here that has no cpu fans,
just a heatsink.

We use Pentium 100s, since it is difficult to find 100M ethernet for
486/ISA.

The whole thing draws about 30 to 40 watts when

You can get it down by using flash drives. We estimate it to be
around 20 Watts, with motherboard and flash drives only.

the CRT is shutdown and the disks have spun down.

Make sure you don't touch the hard disks after booting; otherwise, it
will take off (sound like a jet) every few minuties.

It has 64 Meg of
memory. You can probably find the equivalent for free somewhere.
You may need to mount a modern disk (but older, slower ones eat
less power).

Flash drives need less than 1 Watt to run.

You need no GUI nonsense, nor any rodentia, so an 80
Mhz '486 should be more than adequate. You probably need a
reasonably modern CD-ROM on the IDE bus to load it. Don't forget
an emergency boot floppy - you won't boot anything from CDs there.

We usually set up a primary master drive (hda) and second master drive
(hdc) to fix each other. They almost never crash without reason
(operator error).

We can run a firewall with as little as 8M, but won't bother with less
than 32M these days.

See http://cfd.linnix.com

 

[John Doe]

The purpose of the machine is to serve as a ad/porn/hate site
filter for my kids, aged 1 through 10. I want Open Source so that
I can modify the code if I want to, and so that I'm not beholden
to some subscription entity for thier interpretation of what I
ought to be blocking.

If OEMs were allowed to modify Windows, to weld whatever they wanted
into the operating system instead of having to accept whatever
Microsoft's wants welded into the operating system, personal
computers geared for children might be one of the best results. Good
luck.

 

[johns]

Why don't you just do an "allow list" to bypass a dummy
proxy in IE ? Just put it on your daughters login. That list
is good for about 75 URLs, and if she is wanting to explore
on a subject, she can do it in your presence, and if you
approve of a site that she wants to add to the list, then
add it. The list will allow wild cards like *.edu since the
scumbags are mostly *.com. I keep a few text files
that are copies of the list, and then I can open the browser
and cut and paste in the updated list. It costs nothing,
and works perfectly. She ain't going nowhere that is not
on that list.
Here it is:
In IE ... Tools, Internet Options, Connections, lan settings ..
Check .... Use a Proxy ..... then Advanced
Check .. at top type in Dummy Proxy
Check .. use for all
Then see the box where you can add in the URLs
separated by ";" . Note, you can use partial URLs like
domain.com; another domain.com ...... or you can use
the entire URL ... it is a big string, so the size is limited.
Then, when you get a site she likes, also add it to her
Favorites, so she doesn't have to remember the URLs.

johns

 

[Vilmos Soti]

You might also want to take a look at OpenBSD.

Make sure you don't touch the hard disks after booting; otherwise, it
will take off (sound like a jet) every few minuties.

Or even easier, if you cut down seriously the root partition,
you can load the whole / into RAM and run it from there. Unmount
the disks then spun them down. But you need to ensure that changes
to config files are saved somewhere else.

However, for this you need a good amount of memory.
(at work I am playing with this, but the machines have half a GB memory,
but they also run X).

Agree. My firewall is a 486 running OpenBSD, and it is working
flawlessly.

Vilmos