Reviewed: Yoggie Open Firewall SOHO
Here's a device that started out as a firewall and ended up as a powerful embedded development platform. It's based around an ARM CPU and includes an SDK to let you develop your own tools.
- Supplier: Yoggie Security Systems
- Web: www.yoggie.com
- Price: $79
An attractive price, but how good is it? Read on for our verdict...
We've looked at a Yoggie firewall product before, in Linux Format magazine issue 95. The Yoggie can stop viruses before they get to your machine, enforce black-or whitelist site filtering, and block ports in the normal firewall way. They've been used to protect innocent users everywhere, and we found the original device to be an extremely effective solution.
The only problem was that the platform was closed, and this is where the Open Firewall version steps into the breach. It's a special version of the Yoggie that comes with an SDK for developers and a back-door SSH server. The idea is that Linux experts can warp the Yoggie into their own security solution platform.
But when you plug everything in, the first thing you realise is that there's very little documentation and none that comes with the device itself. Online, there's a three-page PDF that accompanies the 160MB SDK download, and that's where you'll find the login and password details for the SSH account. After connecting to the Yoggie, you'll find a BusyBox Linux installation running version 188.8.131.52 of the kernel.
A quick glance at the output from 'df' reveals that, of the 48MB internal flash memory available, there's only 20MB to play with. You may think that the SD card slot could save the day and provide oodles of space, but with the delivered kernel this isn't functional, and other developers have been unable to get this to work.
Hacking is fun
The documentation includes a step-by-step guide to compiling and installing your own kernel, as well as building an example gdb package for installation on the Yoggie. This is accomplished through a chroot build environment, and it's relatively straightforward to use from any standard Linux desktop. The build scripts for the kernel and gdb are easy to understand and modify, but porting a large app like OpenVPN is going to be a massive undertaking, considering the limited storage space on the device.
A small community offers packages like Python and Nano, and we were able to run certain armv5tel binaries without touching the source code. If you're serious about developing for the Yoggie, you'll almost certainly need the additional debugging board in order to safeguard your device and enable you to replace the inaccessible bootloader.
Despite looking the same, this box differs from the original Yoggie Gatekeeper Pro we looked at previously. It offers only a slimmed-down set of features, seemingly identical to the home-friendly 'Pico' version. There's no policy configuration, no VPN or email support, and only limited reporting. But even worse is the omission of a Linux driver for the USB implementation, despite a driver being promised almost two years ago.
Despite the potential of a low-cost ARM development device like this, the Open Firewall feels only half-finished. It needs better support, more examples, a Linux USB driver and a newer kernel. If it had these, we'd be able to give our full support. But without, it's just too specialist and too restrictive.
Ease of use: 3/10
Value for money: 9/10
Overall: great value for money if you're looking for a hackable toy, but it could have been so much better. 6/10