The Phoenix firewall appliance
is an embedded linux
-based 1U rackmount unit. It is based on the Cobalt Systems
(now Sun Microsystems
motherboard. While fine for its purpose, the board is sort of underpowered for any serious tasks. It is powered by a MIPS
-based processor, the PMC-Sierra (neé Quantum Effects Devices) RM5231A. This is a 64-bit processor with a 32-bit system bus.
As sold, the Phoenix firewall appliance is a 1U rackmount box (19" wide) with two Fast Ethernet (100-Mbit) interfaces, some front indicator lights (Link, TX/RX, Firewall Up, Collision Detect, Disk, 100M) and a two-line LCD display, and six front-panel control/select buttons next to a recessed reset switch. If you're an off-the-shelf user, this box is configured using a Java applet that can be reached by browsing to port 8181 on whatever the internal interface is configured to. When you first boot the box, it generates a random passphrase and displays it on the front panel; once you log in via http it forces you to change that. You can reset the passphrase to a new, random one via the reset switch and resultant menu (it's referred to as the GUI Passphrase).
Technically, you don't need anything else to set up the machine. The basic network configuration can be done (and initially, must be done) from the front panel switches. The firewall rules and configuration (logging, etc.) are done from the Java management applet. This is fairly simple stuff. The box is capable of doing packet filtering, port forwarding and IP Masquerading, much as a simple linux ipchains-based firewall. However, the one major drawback from a hacker/home user point of view is that it isn't capable of handling dynamically-assigned IP addresses on the external interface. This isn't its target market, but they're old enough that they're filtering down to the hobbyist user, and that's a pain.
As mentioned earlier, the processor is a QED RM5231A. The is accompanied on the mainboard by a VIA 82C586 (for what, I don't know), some custom glue logic and some basic components such as a Cobalt IDE controller chip and what appear to be DECchip Tulip embedded ethernet interfaces (Digital DS21143 Tulip rev 65). There is a 4+ GB Quantum Fireball 3.5" IDE drive in the thing which serves to house the OS as well as the log files; the OS install appears to live in 49MB of the disk, leaving the remainder for logging and perhaps (I can't tell yet) for software images? I'm not sure how it handles the 'reset to factory defaults' command, and I haven't backed up the drive to determine if it can handle a trashed disk. :-)
The box is running what appears to be a highly wrenched version of RedHat Linux; from the kernel (2.0.34) I'm guessing a 5.1 base. Since it's a MIPS box (MIPSel, or MIPS little-endian for those of you who care) any tweaking needs to be done with a mips-little-endian target on compiles. On top of the RedHat stuff, Phoenix has installed the linux version of its Adaptive Firewall product. Warning: the software is enabled using cryptographic keys! Even on the embedded version, a key is required, so BE CAREFUL and don't delete the key without backing it up. Even if you do that, I have no idea if a key will survive a restore! Touch all this at your own risk.
How to get there? Well, the box will enable telnet access on a one-shot basis. From the Java applet or from the reset front panel menu (accessed with the recessed reset button) you can enable Telnet; the box will display a randomly-generated passphrase for the root account and open up telnet on port 2323 on the internal interface. Once you've logged out, however, it closes the port and erases the passphrase for security purposes. I'm working on getting a version of ssh working on it. :-)
Finally, a word to those planning to hack around with it- there aren't any compilers on the box (although 'make' is there). Since there is an ftp client, however, getting stuff onto the box isn't a problem. There are several linux-mips resources available on the net; a good place to start is the Paralogos MIPS Linux page, at: