Hello! I’m a networking novice who recently decided to set up a DMZ on my home network so I can run self-hosted servers (e.g. Nextcloud and Matrix). I’m a new user of IPFire because it is excellent software that makes setting up a hardened Red-Orange-Green network very simple.
I tried running a DMZ before with a firewall setup that I cobbled together, but I found that my top issue was that outgoing connections from my green network became incredibly slow, to the point where they would often time out. My assumption based on my skills and the tools available at the time (both of which were meager) was that a lot of bots were trying to access my orange network. I assume that this would use most of my upload capacity, making outgoing connections very slow.
Here’s some more useful information:
- My upload capacity on a good day is 5 Mb/s.
- I should never have more than 5 “users” using my services at the same time (i.e. a few family members and friends).
So now that I’m running IPFire I would like to be able to preserve as much upload capacity as possible. From what I’ve read it seems that I would do this with the Suricata IPS. Here are the Emergingthreats.net rule sets I’m using so far:
So based on all of that, I have the following questions:
- Am I on the right track with preserving my upload capacity?
- Is there a tool in the IPFire admin screen that I can look at to see how much of my upload capacity is being used? Right now my assumption is that I would look at the tx utilization on the Net-Traffic screen for the red0 interface. Is that correct? Or should I just use fast.com?
Thanks in advance!