www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

High Performance Firewall, QoS and NAT Router

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1070

PostPosted: Mon Feb 24, 2014 10:49 pm    Post subject: High Performance Firewall, QoS and NAT Router Reply with quote

Hi,
a new package is available as New Feature for Zeroshell 3.0.0.

This package includes special tunings for Connection Tracking module that allow Zeroshell to perform better processes such as:

- Stateful Firewalling
- Traffic Shaping
- Routing with NAT enabled

You should install this package in any case, but especially if:

- You want to take advantage of the installed RAM to speed up the connection tracking.
- On the LAN there are VoIP applications that use SIP or H323 protocols. In fact, these protocols require to be tracked to be correctly forwarded in the case the NAT is active.
- You notice a high load average of the system when the Firewall is processing a large number of TCP/UDP connections. This could be due to DDoS attacks or the presence of P2P traffic.

Regards
Fulvio


Last edited by fulvio on Sun May 11, 2014 1:22 pm; edited 1 time in total
Back to top
View user's profile Send private message Send e-mail
DrmCa



Joined: 12 Apr 2011
Posts: 207

PostPosted: Tue Feb 25, 2014 6:43 pm    Post subject: Reply with quote

I am using ZS since 1b14 with Linksys PAP2T ATA (SIP adapter) and in all these years I never needed to set up NAT for the ATA. It simply works fine without any settings on ZS side, don't know why.

Also, there is a lot of P2P traffic on the net and the machine ZS runs on is very low on CPU utilization (it's P4 2.2 GHz with 512 MB RAM).
Back to top
View user's profile Send private message
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1070

PostPosted: Tue Feb 25, 2014 6:48 pm    Post subject: Reply with quote

The connection tracking for VoIP connections is automatically performed so you do not have to take any action.
Regards
Fulvio
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group