Introduction: DIY Network Firewall From Legacy Parts.
Your router/firewall died and all the stores are closed. What do you do? What do you do? Time to go to the old parts bin and resurrect some parts. One unique idea about this set up is that instead of using an old fashioned hard drive, we well be using a compact flash card as the drive. For three reasons we do this. First is to cut down on the noise. A quiet pc is an ignored pc. Secondly, we want to cut down on the heat in the machine. Cooler parts should last longer. And the lastly, to reduce the electricity consumption till you can get a replacement unit if you decide to get one.
Teachers! Did you use this instructable in your classroom?
Add a Teacher Note to share how you incorporated it into your lesson.
Step 1: A Little Prep.
What we want to do is isolate our home network from the internet. The router we are building provides that protection. But there are several ways we can connect. The simplest has two parts one cable (known as the red network) goes to the internet and a second cable (known as the green network) goes to your home network. pfsense profides all the software to allow this to happen. You could also have two additional networks. one for wifi (the blue network) so it can be independent of your wired network and then one for the orange (DMZ or demilitarized zone) network for devices acting as servers that need direct access to the internet. for our purposes, we will just set up the red and the green network.
Step 2: What's Needed.
For your basic router you will need at least two network interface cards (aka nics) , a computer (an old pentium 1 at least 100 mhz/128mb ram with at least two pci slots. An old hard drive with at least two gigabytes or a compact flash card with ide interface. Possibly a switch for connecting multiple computers to the router. If you are only connecting to one computer then you will not need a switch. Lastly you will need the pfSense router software. You could probably go to a neighbor's house and quickly download the firmware to a cd. (http://www.pfsense.org/index.php?option=com_content&task=view&id=43&Itemid=44).
There are several versions, but I chose the 2 gigabyte version to fit on the compact flash card.
Hint: before installing the network cards be sure and write down the mac addesses (xx.xx.xx.xx.xx.xx) of the cards and the order they are in where they are plugged into the computer.
Step 3: Installing the Software.
Take the image you downloaded earlier and ungzip or that is extract the file. On linux you should be able to open a file browser then double click on the file so you can easily extract it.
Once the image file is extracted, you want to copy it to the compact flash. (Warning: the compact flash will be completely overwritten. Backup any files first.)
Copy the image to the compact flash card Be sure that the outfile (of) is the proper partition (use
$ sudo fdisk -l
) to be sure.
$ sudo dd if=pfSense-2.0.1-RELEASE-2g-i386-nanobsd_vga.img of=/dev/sdb
A nice utility to have is pv, you you can mark the progress of the image being copied to the compact flash card.
$ sudo apt-get install pv.
Then the command bedomes:
$ sudo dd if=pfSense-2.0.1-RELEASE-2g-i386-nanobsd_vga.img | pv | dd of=/dev/sdb
The compact flash is now ready for use and can be placed in the ide to compact flash interface.
Step 4: First Boot.
Time to flange everything down and boot the router. You should eventually get a menu. You should be able to boot default. You can ignore setting up vlans for now. That can be done later in the web interface. You will be asked to autodetect the the wan (internet) interface. Then you will want to set up the lan network and be sure to enable dhcp..Once that is done, shutdown and reboot. You are pretty much done.
Note: Some times pfsense can be finicky till all the settings are installed.
Step 5: The Web Interface.
Once everything is set up for the text environment, you should be able to reach the router via a web interface.
From there you can add or change any of the setup. Now you can take your time about replacing your router.
Internet again. Whoooppeee!!!!