< All in the Family >

By Psynaps (All in the Family, Darkspear) 01-27-10

What it is:
This is a quick guide on how to transform an old computer into a high performance PfSense firewall/router. Here I will describe a specific scenario where your system will allow game traffic (or traffic of your choice) to take priority over all other network traffic, especially torrents. Additionally, torrent users on your network will be able to make hundreds to thousands MORE connections than your current consumer router is capable of. The typical hardware router (e.g. linksys, d-link, actiontec, etc) is slow (200mhz), can fail/choke under load, and often needs to be restarted after making only a few hundred simultaneous connections. Many routers will simply not support the large volume of connections that are common with proactive Internet activity due to their memory and processor limitations. In this post I will show you how these limitations can be easily overcome such that you, and all your network users, can use a broadband Internet connection to it's full potential while pwning wicked face on-line.

Who it's for:
- Gamers: Reduce latency and improve gaming performance, even while downloading large files and torrents.
- Shared housing occupants (e.g. dorm rooms, roommates of any kind): Optimize your network so that games or VoIP gets priority while everyone is still able to use the internet and enjoy the significant performance improvements provided by a PfSense firewall. Are your roommates downloading torrents (or some form of morally questionable material ) and hogging all the bandwidth while you are trying to raid? Problem solved.
- Family: Control which computers are most important on the network with QoS; and protect your family from malicious intrusion and denial of service (with snort add-on).
- Individuals on a budget: The software is open-source and FREE (thanks Scott Ullrich, Chris Buechler, and PfSense team). You will see what makes these guys awesome when you download the software.

What you can do:
You can set the priority of your internet traffic using Quality of Service (QoS). Here is a simple example of how I use QoS on my home network:
1st priority - On-line games, such as World of Warcraft (WoW) as the top priority. I need the best latency possible for optimum gaming performance (see the trafic shaping image below)
2nd priority - Web browsing (HTTP), instant messengers, VoIP (Vent, SIP, skype), PPTP VPN, and others as secondary priority.
3rd priority - Peer-to-Peer file sharing (p2p; bittorrent, uTorrent), and all other undefined protocols as the last priority with a reduced available bandwidth.

You can prioritize Internet traffic however you want, its not limited to gaming. Not only does it provide QoS, but list of features/addons truly makes this a professional firewall/router.

How to do it:
You just need an old computer and two (or more) network cards. I've this on a tested on a PIII 800Mhz, Duron 1.2Mhz, and P4 3.2Mhz. It only takes minutes to install (see video below), and it works great on each of the systems I've tested. Don't let your old computer go to waste, put it back to work for you.
Download it here: http://www.pfsense.org/
How TO installation guide: http://doc.pfsense.org/index.php/HOWTO (focus on step 1 and 2)
Watch the video: http://www.youtube.com/watch?v=e_XgY6jqLeQ (Below)





I will be updating this post over the next few days with screenshots, guides, and information to help you install your personal pfsense firewall/router.




Download screenshots:





Assigning network interfaces example:


The "golden ticket," here is the trafic shaper. Just run the wizard, then you can tweek the settings. Here is an example of my set up, notice how I focus on Ack.

This is a decent guide on configuring pfsense for the first time.

Also see: http://www.richardsmrt.com/cgi-bin/phpBB3/viewtopic.php?f=6&t=19

so do you need to format the old computer or just change to bios to boot differently?

First you tell the bios to boot to CD. Then when the computer boots to the pfSense disk, it will format the HD and install pfSense to disk.