wiki:WikiStart

Version 12 (modified by huub, 15 years ago) ( diff )

--

Welcome to the Proxy Factory project

Objective

The aim of this project is to build a 'factory' based on Nanobsd to generate proxy images, similar to the 'nodefactory' that is used for generating node-images. We will try to incorporate the results of the Hogeschool Leiden project 'generic proxy'.

Functionality

  • proxy server for internet access from wleiden.net (no access to local subnet if present), e.g. tinyproxy
  • name server for wleiden.net, e.g. nsd
  • ntpd server for wleiden.net
  • sshd server for administrative use
  • snmpd server for monitoring

Approach

We will use the NodeFactory as the basis for this project, based on nanobsd, but build on FreeBSD-8.0. Tinyproxy, ntpd, sshd, snmpd are already included in the packagelist.

  • rebuilding the nodefactory on the basis of FreeBSD-8.0 No surprises here. We do not need the patches to the driver modules, only usbdevs.patch is still required.
  • kernel configuration needs some adjustments for 8.0.

Previous (and other ongoing) work

Basic work on configuration of a proxy-PC has been done by Dennis, see http://svn.wirelessleiden.nl/svn/projects/proxy/.

There is also a howto-description for building proxy-images on the basis of the (outdated) FreeBSD6.0 configuration: http://svn.wirelessleiden.nl/svn/projects/proxy/proxy_op_soekris.txt.

Recently Richard has provided some notes on building a proxy for a Soekris-compact flash card: http://svn.wirelessleiden.nl/svn/projects/proxy/2.0/

Generic Proxy project

The goal of the parallel Generic Proxy Project is the development and implementation of a (prototype) device that provides internet proxy functionality to a (community) (wireless) network, supplementary equipped with a simple user (web) interface and management features for the network operator. The device should be a self contained and embedded board. If there are a limited number of gateways to the public internet, the bandwidth to the internet is proportionally limited and randomly distributed. Balancing the load over the available bandwidth will decrease congestion on the relatively small (wireless) backbone. The "Generic Proxy" appliance aims at resolving this issue in a flexible manner. Adding bandwidth and/or extra gateways to the network will become a manageable function of the network.

The project is an initiative of Hogeschool Leiden and is sponsored by Stichting NLnet. Project results and prototype equipment are donated to Stichting Wireless Leiden and all software developments are made available to the Open Source Community.

The project started in July 2009.

From the website we quote freely:

web interface

One of the features of the 'generic proxy' is a web interface for easy of administration.

The functionality present in the 'generic proxy' appliance overlaps with existing applications such as pfSense and m0n0wall. These are distributed under the BSD open-source license. The implementation of the Generic Proxy appliance is based upon these proven concepts and techniques. Upon looking through the back end code of pfsense and monowall it was concluded that using these directly or adding to these would harm maintainability of the code in the long run. Both pfsense and monowall, albeit being working solutions, have not structured their code such that it is easy to remove from, or add to, the base functionality.

With that in mind the decision has been made to merely use pfsense as a baseline on how to get specific tasks done, while attempting to set up a structured and easily maintained version. This is not intended to be a fork or competitor to pfsense or monowall, as only a subset of their features is implemented. But we do strive to set up the system so that the code can be re-used easily.

For present status see the project website and FunctionalRequirements and WebInterface pages.

About Trac

For a complete list of local wiki pages, see TitleIndex.

Note: See TracWiki for help on using the wiki.