Home Firewall Rig - what network cards to use?

Jdonalds

Honorable
Jan 9, 2014
17
0
10,510
Hi there, I'm looking to build a home firewall. I'm building it using a cheap CPU and MOBO, 4GB of RAM and a small HDD. I want to use it as a wireless access point. I plan on capturing all traffic.

Will any old wireless network card do? Is there an advantage to buying a $30 vs a $120 one?

Also, what's the difference between a $12 wired gigabit network card and a $150 one?

Any other suggestions or comments are welcomed. :)
 

cirdecus

Distinguished
I would buy the basic gigabit card. There are more expensive cards meant for different purposes like gaming, jumbo frames, etc. that you won't need.

That being said, if you could mention the application you are using this for that would help. If you just want a fun project, I'd pick up an old 386 which would be more than enough for an open source firewall and even OpenVPN.
 

USAFRet

Titan
Moderator
Also, what's the difference between a $12 wired gigabit network card and a $150 one?

For a home firewall box, exactly nothing.
Data in, data out.

I have such a box. A $50 10-year-old Compaq of Craigslist provenance. Currently running Untangle, but may change to pfSense in the near future.
This does NOT have to be an expensive box.

It sits over there in the corner and does its thing.
 

Jdonalds

I'm probably going to be using CentOS as the distro. I'm looking to expand my knowledge and not interested in using an out-of-the-box distro like DD-WRT.

Firstly I want to capture all traffic, secondly I want to have full control over port forwarding and lastly I want to run a VPN out of my house.

I'm assuming all of this is minimal workload on CPU and RAM and will mostly rely on the networking cards and storage (for the captured packets). Correct me if I'm wrong.
 

Jdonalds

Quick question... when buying a wireless card, should I be looking for something, as I'm going to be using it for up to 10 connections simultaneously?

 
You are almost better off buying an AP and connecting it to your machine. You would need 2 adapters to get dual band. A dual-band router used as an AP will likely cost you less than 2 wireless cards. The antenna spacing also tends to be much better on an AP than on a NIC card, which means MIMO works better.

Now if your goal is to capture wireless traffic, you are going to have to look through the support list of chipsets to find which you can put in promiscuous mode. It tends to be very hard to capture wireless traffic with things like MIMO and narrow and wide bands all mixed around. If the radio chip does not get all parts of the signal, it will just give you nothing.

Capture in general, if all you do is take the data and write it to disk, takes very little CPU or memory. If you start trying to do advanced filtering on the data as you capture it, it can greatly increase your CPU load. Processing the capture files after the fact, if they are large, also tends to use lots of CPU and memory.
 
Solution