我的个人站点本文链接
原文标题 8 Open Source and Linux Router Projects
原文链接
By Eric Geier (NoWiresSecurity Founder & CEO) – originally published on LinuxPlanet
作者:Eric Geier (无线安全 的创始人和CEO)最初发表于:LinuxPlanet
翻译:CycleUser
The Linux and the open source community doesn’t just create great desktop and server solutions.They also create worthy router solutions, many which are open, free, and/or Linux-based. You’ll find firmware replacements for open Wi-Fi routers that you flash or upload to the router. Additionally, there are Linux-based distributions that install onto generic Intel/AMD PCs or run as LiveCDs. Plus there are options for embedded systems, servers, and appliances.
Linux和开源社区不仅创造了出色的桌面和服务器的解决方案。也产生了很有价值的路由器项目,很多都是开放的,自由的,或者有的可能是基于Linux构建而成。(翻译者注:开源路由也有基于FreeBSD等其他系统的解决方案。)在这些开放的路由项目中,你能找到可用于替代原版的固件,可写入或上传到路由器中。此外,还有在Intel或是AMD平台的通用个人电脑(翻译者注:即X86或者AMD64平台)安装运行的,以及一些光盘启动的Linux发行版,也能用于作为路由的解决方案。再加上嵌入式系统、服务器、类似装置等也可供选择。
Here we’re going to take a look at the most popular open source or Linux-based router projects. Now let’s get started!
现在咱们就来看看最流行的开源或者基于Linux的路由项目吧。
DD-WRT
DD-WRT is arguable the most popular, feature-rich, and wellmaintained open source firmware replacement for wireless routers,embedded systems, and PCs. Its Linux software runs on compatible open routers and systems.The first versions of DD-WRT were actually based on the Alchemy firmware from Sveasoft, which we’ll discuss later.The founder and main developer of DD-WRT is Sebastian Gottschall (BrainSlayer).
DD-WRT可用于无线路由器,嵌入式系统,个人电脑等,是最流行的,功能最丰富,维护最完善的开源固件,这还有争议的。(翻译者注:其实OpenWrt才能称得上第一,这是翻译者的个人观点,勿喷。)它所含的Linux软件可运行于各种兼容的开放路由和系统之上。DD-WRT的第一个版本基于Sveasoft公司的Alchemy固件开发的,这个我们稍后讨论。其创始人和主要开发者是Sebastian Gottschall (即BrainSlayer)
DD-WRT provides all the usual features of wireless routers. It also features the typical features found in firmware replacements.Like other comparable firmware replacements, DD-WRT can operate like a normal wireless router or can be put into three different modes: Client, Bridge, and Repeater. Additionally, it supports VLANs and virtual SSIDs. It also features QoS, hotspot functions, a VPN client and server, and much more. DD-WRT also has additional features not found in other firmwares, like support for PCs.
DD-WRT提供了无线路由器的所有常规功能。也支持一些替换固件所具有的典型功能。与其他替换固件类似,DD-WRT能像普通无线路由一样进行配置,实现三种模式:客户端,网桥,中继。此外还支持虚拟局域网和虚拟的SSID(翻译者注:可以简要理解为无线网的名称标识)。还支持QOS,热点功能,VPN客户端和服务端,等很多功能。(翻译者注:QOS是网络服务质量 (QoS: Quality of Service) ,就理解为带宽优化分配吧,VPN是虚拟专用网。)DD-WRT还有一些其他固件不具有的功能,例如对PC的支持。(翻译者注:这简直太无视OpenWrt了。)
RouterOS
Though the code is not open and it is more of a commercial offering, RouterOS from MikroTik is Linux-based. It installs onto and turns regular PCs into a enterprise-level router.It gives you all the necessary features, including routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server, and more.
代码不开放,使用商业授权,MikroTik出品的RouterOS却是基于Linux构建的。它可以安装在普通的个人电脑上面,并使其成为企业级的路由器,提供了全部必要的功能,包括路由,防火墙,带宽控制,无线接入点,信号隧道链接,热点网关,VPN服务端等等。(翻译者注:带宽控制就跟QOS应该是一个意思,信号隧道链接是啥我也不清楚,猜测可能是反向代理什么的么?不是很懂,望谅解。)
You can download and use all the features for free, for the first 24 hours. After the free trial you can use limited features or purchase a license starting at $45.
你可以下载然后使用所有功能,免费时长为24小时,过了之后只能使用有限的功能,除非购买一个价格为45美元的授权。(翻译者注:MikroTik,软路由器厂商,来自拉脱维亚。)
Untangle
Untangle can help protect, control, and monitor the online activities of small businesses, schools, and homes. It can be installed and run on a dedicated PC or ran inside Windows.Its core features are open source and licensed under the GNU Public License v2 (GPLv2).
Untagle能帮助保护和监控网络行为,适用于小企业,学校,和家庭。它可以安装和运行在专门的个人电脑里,或者运行在Windows系统中。其核心功能是开源的,并且使用GPLv2授权。
Though it can optionally replace the router of a network, it concentrates more on managing the Internet experience rather than provide network functionality like most of the other projects we’re discussing. Whether in router or standalone mode, it provides network-wide protection from a single centralized location–you don’t have to install firewalls and anti-virus software on each computer, for example.
虽然他也能替代网络中的路由器,但是更多情况下还是用于互联网体验控制,而不是提供网络功能,这和我们提到的其他项目有所不同。无论是路由模式还是单独运行状态,它都通过单一集中式定位提供了网络范围内的保护,你不必在每一台机器上都安装防火墙和杀毒软件。
Features offered for free include firewall, web filtering, SPAM blocker, virus and spyware protection, captive portal,AD blocking, protocol controls, and a VPN server. Their premium services offer enhancements and additional features.
免费的功能包括防火墙,网页过滤,垃圾邮件拦截,病毒和间谍软件防护,强制网络门户,广告拦截,协议控制,以及VPN服务。(翻译者注:captive portal强制网络门户是一个Web页面,它是使用公共访问网络的用户在被授予访问权限前必须访问和交互的页面。)
For more details and help on setting up Untangle, you can refer to a previous tutorial of mine on this site.
关于安装Untagle的更多细节和帮助,可以参考我在这个网站之前的介绍。
ZeroShell
ZeroShell can provide the main LAN services for small-to-medium-sized networks, similar to RouterOS. It’s offered on a Linux LiveCD, so it doesn’t have to be installed.It just needs a small drive to save the configuration.
类似RouterOS,ZeroShell能提供中小规模的局域网服务,以Linux的LiveCD(可启动光盘)形式运行,不需要安装,存储配置也仅需很小的存储器而已。
ZeroShell can perform as a router, firewall, RADIUS server, wireless access point, VPN, and more. It includes QoS, hotspot, and Internet load-balancing and fail-over features. It also supports VLAN tagging, multiple SSIDs, and Windows Active Directory.
ZeroShell的功能有路由,防火墙,远程用户拨号认证服务,无线数据接入点,VPN等等。还包括QOS,热点,网络负载平衡和故障转移功能。也支持VLAN标记,多重SSID,和Windows活动目录。(翻译者注:RADIUS:Remote Authentication Dial In User Service,远程用户拨号认证服务,用于在需要认证其链接的网络访问服务器(NAS)和共享认证服务器之间进行认证、授权和记帐信息的文档协议。Failover,故障转移功能,通俗地说,即A无法服务时,系统自动切换,使B能够及时地顶上继续服务,客户感觉不到这个为他提供服务的对象已经更换;一般fail-over特指计算机领域的数据库、应用服务、硬件设备等的失效转移。活动目录(Active Directory)是面向Windows Standard Server、Windows Enterprise Server以及 Windows Datacenter Server的目录服务。)
I’ve also done tutorials on ZeroShell for LinuxPlanet, covering several topics: introduction and setup, setting up RADIUS server for Enterprise Wi-Fi encryption, configuring captive portal, Internet gateway and router, and creating bonded VPNs for higher throughput and failover.
我在LinuxPlanet网站上面也对ZeroShell进行了介绍,包括以下几个主题:简介和安装,建立企业无线加密RADIUS服务器,配置强制网络门户,网关和路由器功能,以及创建既有高吞吐量又有故障转移功能的有保障的VPN。
Talisman Sveasoft
Sveasoft offers a wireless router firmware replacement, currently called Talisman, similar to DD-WRT. When scouring the net, you might find some controversy about Sveasoft charging for access to their Linux-based software. Right now, Sveasoft charges a $25-per-year subscription in order to download their firmware files. In addition to the basic firmware, they offer a VPN version with IPSec support and a mesh networking version.
Sveasoft提供的无线路由替换固件,现在命名为Tailsman,与DD-WRT比较类似。上网浏览的时候,你也许会发现一些关于对Sveasoft的软件基于Linux的却收费的争议。当前Sveasoft要价是25美元每年来进行订阅,才能下载和使用他们的固件文件。除了基本版之外,他们还提供IPSec支持的VPN版以及Mesh网络的版本。(翻译者注:Mesh网络即”无线网格网络”,无线多跳网络。多跳网络:任何设备节点都可同时作为接入点(AP)和路由器,每个节点都可以发送和接收信号,都可以与一个或多个对等节点直接通信。单跳网络:客户端通过一条与接入点(AP)的链路来访问网络,进行通信必须首先访问这一接入点(AP)。IPsec(Internet Protocol Security),是通过对IP协议(互联网协议)的分组进行加密和认证来保护IP协议的网络传输协议族(一些相互关联的协议的集合)。)
Tomato Firmware
Tomato is yet another firmware replacement for off-the-shelf wireless routers. Its similar to Talisman and DD-WRT but doesn’t include all the same features. Its a bit smaller, leaner, and simpler. It offers bandwidth traffic monitoring, different wireless modes, QoS, and site survey. Like DD-WRT its firmware and source is freely available.
Tomato也是一个用于无线路由器的替换固件,和Tailsman以及DD-WRT类似,但是不包含全部相同的功能,而是更轻巧,更精简,更简单。它提供了带宽流量监控,不同的无线模式支持,QOS功能,以及Site Survey(翻译者注:信号搜索,把AP或无线路由的SSID搜索出来)。和DD-WRT类似,固件和代码是开放的。
Vyatta
Vyatta touts itself as a cheaper and open source alternative to Cisco, targeted for enterprise-level networks.The router operating system offers all the core LAN services: NAT, routing, firewall, VPN, and QoS. They provide their core open source product for free with documentation. The subscriptions offer additional features, commercial add-ons, and commercial support.
Vyatta自称为廉价而且开源的思科替代品,目标是企业级网络。 这一路由系统也提供了完整的局域网核心服务:NAT(网络地址转换),路由,防火墙,VPN以及QoS。他们的开源核心的产品是免费的,同时附送说明文档。订阅版本提供了更多的功能,商用附加模块和商业支持。
CoovaAP
CoovaAP is a an OpenWRT-based firmware replace for wireless routers, specifically designed for Wi-Fi hotspots. It includes the CoovaChilli access controller, an embedded captive portal, and features bandwidth traffic shaping.It supports a variety of configurations, such as free access with Terms of Service acknowledgment and even commercial or paid access.
CoovaAP是基于OpenWrt的无线路由替换固件,专门为无线热点设计。包涵了CoovaChilli接入访问控制工具,嵌入的强制网络门户,和带宽流量统计功能。它支持多种配置,比如带有服务条款确认的免费接入模式,或者商用或付费的访问模式。
You can also find tutorials I’ve written covering CoovaAP on LinuxPlanet.
你也可以在LinuxPlanet找到之前我所写过的关于CoocaAP的指南。