

$ sudo dd bs=4M if=ipfire-2.21. of=/dev/mmcblk0 status=progress conv=fsync Just copy the image to SD card and configure your Internet connection (Step 4). Note: I provide my own IPFire 2.21 image created on Raspberry Pi 3B. Therefore, we need to assign wireless interface to the Green segment. The PI 3B boards, however, offers only two integrated ports. If one wants to configure Blue zone for wireless interface, only the combination of Red + Green + Blue is available. The installation process, however, does not offer combination of RED + Blue segment.


In accordance with documentation, a wireless interface should be assigned to the Blue zone. The board offers two integrated network interfaces at all.ĭuring the installation, we will assign Ethernet interface to Red segment. It has integrated 2.4 GHz WiFi 802.11n (150 Mbit/s) on Broadcom BCM43438 chip and it also provides a single integrated 10/100 Ethernet port. Therefore, I chose the Pi 3B board to run IPFire 2.21. Raspberry in version 3B is equipped with 1.2 GHz 64-bit quad-core ARM Cortex-A53 processor and 1 GB of RAM. Clients on this network segment must be explicitly allowed before they may access the network.Īccording to IPFire ARM compatibility list, Raspberry PI 3B board is very well supported since IPFire 2.21. Since the wireless network has the potential for abuse, it is uniquely identified and specific rules govern clients on it. Blue represents the "wireless" part of the local network. Nothing from Red is permitted to pass through the firewall unless specifically configured by the administrator. Red indicates "danger" or the connection to the Internet. Clients on Green can access all other network segments without restriction. It is usually comprised of a wired, local network. This is where all regular clients will reside.

Each segment represents a group of computers who share a common security level. These different segments may be enabled separately, depending on your requirements. Updates are digitally signed and encrypted.ĭuring the installation of IPFire, the network is configured into different, separate segments (zones). The modular designs allows to extend basic functionality by installation of add-ons that can be easily deployed with the IPFire package management system - pakfire. IPFire employs a Stateful Packet Inspection (SPI) firewall, which is built on top of netfilter (the Linux packet filtering framework). IPFire is a modular opensource firewall distribution with a primary objective of security.
