From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QC2A4-0008MB-DW for garchives@archives.gentoo.org; Tue, 19 Apr 2011 04:03:36 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0C2BE1C0FF for ; Tue, 19 Apr 2011 04:03:35 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 009DF1C017 for ; Tue, 19 Apr 2011 03:32:05 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 864091B4040 for ; Tue, 19 Apr 2011 03:32:05 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Score: -3.299 X-Spam-Level: X-Spam-Status: No, score=-3.299 required=5.5 tests=[AWL=-0.700, BAYES_00=-2.599] Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b0iiw9f378qQ for ; Tue, 19 Apr 2011 03:31:58 +0000 (UTC) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by smtp.gentoo.org (Postfix) with ESMTP id C84DB1B4038 for ; Tue, 19 Apr 2011 03:31:57 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1QC1fP-00082B-UV for gentoo-user@gentoo.org; Tue, 19 Apr 2011 05:31:55 +0200 Received: from c-98-215-231-30.hsd1.in.comcast.net ([98.215.231.30]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 19 Apr 2011 05:31:55 +0200 Received: from reader by c-98-215-231-30.hsd1.in.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 19 Apr 2011 05:31:55 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: Harry Putnam Subject: [gentoo-user] [OT router advice] a router capable of detailed logs Date: Mon, 18 Apr 2011 22:31:38 -0500 Organization: Still searching... Message-ID: <878vv69asl.fsf@newsguy.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: c-98-215-231-30.hsd1.in.comcast.net User-Agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:spl87xaJLLkHCTQS8O7prq/HJ9A= X-Archives-Salt: X-Archives-Hash: 5da628c0f86985d0c681a5f5c51b7acc This is way OT, but this list is such a great resource I suspect the advice gotten here will be more to the point. ( I have posted to a network hardware group as well) I've bumped my home lan router to a gigabit from the old 10/100 (NETGEAR FVS318). I made the move for the gigabit lan ports mainly. That is, I was happy with other aspects of the old router. I ended up with a cisco RVS4000 v2. The cisco solved the gigabit problem with 4 lan ports and even a gigabit on the Internet port... (which is probably not really doing any thing on a cable connection). And it wasn't hideously expensive ($112.91). I could have solved the problem with gigabit switches behind the router for lan usage, just as well, and may go to that yet, and move back to the old NETGEAR router. But somehow I expected the cisco to be something that was `excitingly' new and fun to play with. I'm disappointed in the cisco so far as logging is concerned. The logs give only bare information like this: Mar 10 10:24:21 - [Firewall Log-PORT SCAN] TCP Packet - 60.173.11.56 --> 98.217.231.32 Mar 10 10:24:21 - [Firewall Log-PORT SCAN] TCP Packet - 60.173.11.56 --> 98.217.231.32 [...] No mention of which port is involved. Not only on port scans but ports are never reported. And of course if you wanted to pursue any of it by way of google, you'd need the port number. The Old Netgear sent logs like this (wrapped for mail): Sat, 2007-07-28 12:00:11 - TCP packet - Source: 161.170.244.20 - Destination: 70.131.83.195 - [Invalid sequence number received with Reset, dropping packet Src 443 Dst 1385 from WAN] ------- --------- ---=--- --------- -------- I went for the cisco instead of a newer `gigabit' NETGEAR after seeing several bad reviews about them. And I just assumed the cisco would have as good or better other features. Another little problem is that the Cicso had reached its end of life and was reported as such by cisco, well before I bought it. But of course, retailers (not cisco) don't bother to give that kind of info, but the result is that a kind of blackball list that was part of the deal is no longer kept up to date. So, cutting to the chase; can anyone recommend from actual use, a home lan router that has gigabit lan ports and very configurable/ informative logging options? ps - I'm not interested in running an old linux or openbsd, machine as router. Having a silent cool router the size and weight of a medium book is too appealing.