So, I'm planning on setting up this (http://www.instructables.com/id/Raspberry-Pi-Firewall-and-Intrusion-Detection-Syst/) and I have a question concerning VPNs. Do I connect the proxy from a machine (a laptop for instance) behind the firewall or from the Raspberry Pi running the firewall as to filter all outgoing and incoming traffic through the Raspberry Pi?
don't use Pi for security stuff, it has a backdoor on it. (hint: it's made in the uk and approved by gchq)
>>57877483
That's a fucking shame, Snooper's Charter was the reason I was thinking about actually ramping up my security and anonymity for once.
Any recommendations for an alternative?
it's a 10/100 nic on USB2, so realistically about 30mbps top. And that's assuming it'll be able to wirespeed that.
Bad idea man.
>>57877530
Any recommendations to keep it cheap?
>>57877506
you need to use something old like pic or stamp. most of the stuff made in 2005+ is filled with backdoors.
grab on old PC (max 5 years) and install pfSense
Make sure you grab the Snort, squid, and pfBlockerNG packages.
Way better system than a Pi.
>>57877555
>>57877567
Thank you, I'll look into it now. Those sneaky nation states, ruining as much tech as possible for their buddies.
>>57877567
yeah this is a good idea, get an old laptop or desktop instead. I'm also planning to purchase a few laptops for messing around with tails+tor.
I suggest buying more than one because they might break on you quickly if they're very used.
It's also a good idea to get a desktop with a floppy drive, they don't make em anymore.
>>57877608
I'll just boot DOS and enjoy my ASCII.
>>57877608
if you get a laptop, grab an expresscard riser and a nic, or get a cheap managed switch to handle VLANS for wan and internal interfaces
>>57877567
i'm doing this
except it's running arch linux
and i'm fucking paranoid that a linux box is facing the open internet just haven't bothered to set up pfsense--too limited.
Bump to keep this interesting discussion alive.
http://www.pcengines.ch/
>>57878355
You God send, thank you!
>>57877483
Don't worry about it. The state doesn't actually give a fuck about the furry porn you watch.
>>57878468
Not why I need it, don't you know what the British government are doing to our rights in the United Kingdom, anon?
>>57877438
For deep packet inspection you need pretty fast hardware. I can imagine raspberry pi is not powerful enough and will slow your speeds and pings
>>57878520
So go more with >>57878355's suggestion, anon?
>>57877698
Why are you worried about linux on the internet?
Just set up a firewall and disable ssh or use fail2ban.
>>57877438
Mein Hund hat keine Nase, wie riecht er?