Deploy m0n0wall Open Source Dual Stack Firewall with 6in4 Tunnel

This project involves creating a physical network firewall using the open source m0n0wall software.

m0n0wall is based on FreeBSD, but you don't need to be a FreeBSD guru to install it. It is open source, and free to download and use. It supports only 6in4 tunneling, so you will need a real public IPv4 address for the outside ("WAN") network interface. If you have ISP service that includes at least one public IPv4 address, you can replace your existing router or firewall with this box (assuming you can disable the NAT capabilities of your existing ISP router box, which is called putting it in "bridge mode").

You will need an "x86" box to install this on. That can be an inexpensive (or decomissioned) desktop computer, or a small inexpensive "network appliance box". The box should have at least 64MB of RAM, a HDD, and at least two network interfaces (supported by FreeBSD 6.2, such as Intel, D-Link, etc). During installation you will need a video interface and monitor, a keyboard (PS-2 or USB) and either a built-in IDE or SATA CD/DVD drive or an external CD/DVD drive connected by USB. Once it is  up and running you can remove the monitor, keyboard and CD/DVD drive - all further interaction, including administration, is done via network (ssh or web).

For higher reliability, you can deploy m0n0wall on a Compact Flash (or other memory module), but this is a bit more complicated. See the m0n0wall website for details. You can make a "poor man's SSD" with an IDE or SATA to CF adapter and an old CF card. FreeBSD will see this as just a regular HDD, so installation is simple.

Install and Configure m0n0wall to Create a Dual Stack Firewall (pdf)