Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Wi-Fi Router Charts

Click for Wi-Fi Router Charts

Mesh System Charts

Click for Wi-Fi Mesh System Charts

Features and Architecture

LEAF-Bering uClibc traces its lineage back to what was once the "Linux Router Project". The goal was to create an operating system, based on Linux, which would provide the same functionality as a hardware router. LEAF stands for "Linux Embedded Appliance Firewall", and there have been (and still are) several variants, of which Bering-uClibc is probably the most current and actively developed, led by the LEAF-Bering uClibc team of Arne Bernin, Eric de Thouars, Eric Spakman, Luis Correia, KP Kirchdoerfer, and Martin Hejl.

LEAF-Bering uClibc (let's just call it LBU from here on out) has many features, including compatibility with a wide variety of hardware, advanced routing capabilities, IPV6 compatibility, security, simplicity, and flexibility. The basic LBU system includes DHCP, DNS caching, and SSH services, among other things.

The core of LBU, besides the Linux kernel itself, is the Shorewall firewall system, from Tom Eastep. Shorewall is a highly evolved application that reads easily edited (and well commented) configuration files to control the Linux kernel's Netfilter packet filtering system, and can therefore provide advanced routing functions, including stateful packet filtering.

In addition to the base packages that come with LBU, you can also download many extra packages (also Open Source and free) to extend or enhance the capabilities of the system. LBU is targeted mostly towards small or mid-sized networks, but it's really only limited by your imagination.

When an LBU system starts up, what happens is that the boot process creates ram disks (virtual disks held in memory) and expands the entire operating system there. Once the boot process is complete, no actual hardware disks are used because everything is held in memory. Because of this design, the system is very flexible when it comes to installation.

The basic LBU system comes as a 1680K floppy disk image, but you can also put the system on a hard disk, a CDROM, or anything else that your hardware can boot from. You can even store the boot files on one media and configuration files on another if you'd like. This design also makes the system more secure.

For instance, once you get your system configured like you want, you can simply write protect the LBU floppy disk or take it out altogether, and then even if your firewall gets broken into and taken over (which would be extremely unlikely), all you'd have to do is reboot and be back in business.

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Don't Miss These

  • 1
  • 2