To make this project fit for purpose, packets need to be able to travel between the various interfaces and out to the internet. For IPv4 this means a NAT setup. Internal hosts will be given a public IPv6 address, if I can get a delegation from my ISP. As this system (and internal hosts) will be live on the internet, some kind of firewall would be prudent. Choosing a Firewall The firewall used...
Archives
Several tasks need to be accomplished in order to get the router booting. These are: Partition the destination device. Mount the appropriate file systems and extract the rootfs tarball. Set the admin user password and ssh authorized key(s). Install the bootloader to the device. Unmount everything and clean up. We'll use a script to help out with these tasks, and as it's specific to the NG300 hardware, the script will live in board/kerio_ng300/scripts/ng300_deploy.sh. #!/bin/bash set -e # Die if...
There's a few options available to create a root filesystem and a kernel for the NG300 router. I could choose to use the existing setup and hope it has everything I need, which is probably unlikely. Also, I would not be able to upgrade or apply any security updates, so this option is out. As the NG300 is essentially a standard PC, I could choose to install a Linux distribution such as Arch Linux...
A while back I found a Kerio NG300 network appliance on the 'Free Stuff' shelf at my local maker space. It appears that someone was doing a hardware refresh as various other network appliances, firewalls, and servers appeared there over several weeks. I grabbed the NG300 as I was looking to move on from the simple Linux NAT gateway I was running in a VM at home. It appeared perfect for the job as it...