LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 06-28-2012, 11:27 AM   #16
cactusguy
LQ Newbie
 
Registered: Jun 2012
Posts: 1

Rep: Reputation: Disabled

I tried IPCop in my school setting for a bit, until the old hardware it was running on died. I found it very configurable, and had the features we needed. Squid and Updates caching were nice features. Dansguardian is nice content filter, too.

You should be able to store files on it, as its a Linux distro. Installation was pretty easy, too.

I want to try pfSense, but IPCop was easier to work with, IMHO. I'll probably install IPCop or pfSense when my family starts to have a need for content filtering.
 
1 members found this post helpful.
Old 06-28-2012, 11:45 AM   #17
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,010

Rep: Reputation: 352Reputation: 352Reputation: 352Reputation: 352
+1 on ipcop, never used it myself, but i hear it's good
another suggestion would be smoothwall
Quote:
Originally Posted by zhjim View Post
Hi Hagrid,

when I take your info correct you have a wireless router so you would not have the firewall do the wireless stuff, right?
not if you place the firewall between the modem and the router, where it probably belongs anyways.
 
Old 06-28-2012, 12:49 PM   #18
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
Most of the problem which had me asking here for guidance is simply...confusion.

There is SUCH a profusion of distros to choose from, and each one is so very different than the others - and to make it even more confusing, their websites are near impossible to use in finding nice, simple info !!!

Here's a great example of what I'm trying to point out:
http://www.clearfoundation.com/Software/overview.html

Here is what I'm hoping to pinpoint with regards to each/any distro:

- Is it truly free, or has it some time or other limited sort of licensing (IE: Astaro) ?
- Serious ease of use; made for any Joe, or needs a college education for setting it up ?
- Will it run on an ordinary old PC, or only certain h/w ?
- Is antivirus/spam protection included ?
- Does it update the above (or are updates even required ?)
- Does it offer built-in file sharing for when I am out of the house ?
- Is the ability to control a wireless router included and dead-easy to set up ?

Most of the charts & sites make finding the above, specific info into quite an adventure.

If in order to learn these specific details I need to register on their site - join their forum, post my queries, then wade through any replies which merely say 'I like this alot, etc., etc., etc...' without actually answering my questions, then=>
It's enough to make ME lose track of the info due to the simple brain overload.

My goals:
- To have ONE firewall box running 24/7 which INCLUDES the ability from that single box for me to use a file I need when I am away - for it to easily/simply control the wireless router I already have on hand with enough security so nobody sits in a car in front of my house at 3AM using our internet - and of course so that no faceless/nameless strangers from far away can waltz right into the kid's PCs and cause havoc.

This is NOT a career for me - so I don't want to spend my life trying EACH one to find the best fit - nor do I wish to learn anything very arcane to do this...

That is what was so good about the silly old win98 setup=>

It just ran & ran & ran, I'd check & reboot it once in a while, and we NEVER had any unwelcome visitors get through it that I know of.

The ancient 'B' wireless router we had was weak enough to only reach parts of the house, and it was replaced when I put in the Astaro box - but since I couldn't get any polite/helpful/simple info on just how to make the newer wireless work with the ASG, the router is in between the firewall box & the cable modem doing it's own thing.

And when this adventure is complete, I want the firewall chosen to just do it's things for some years before any changes are needed because I just don't have weeks & months to research, install & learn something totally new very often.

And that's MY story.
I hope it doesn't ruffle anyone's feathers; it's just how I roll.
Hopefully someone else here has a very similar situation and will empathize with me ?!?!?

Thanks.
 
Old 06-28-2012, 02:14 PM   #19
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,010

Rep: Reputation: 352Reputation: 352Reputation: 352Reputation: 352
although i agree with your sentiment that you want something that 'just works' to some extent, to compare the win98 days to today is sadly comparing apples to oranges, back then there weren't as many people online and trying to actively cause trouble, the game has significantly changed from then, nowadays security isn't a 'set and forget' deal anymore, it's an ongoing process of installing software, updating software, auditing logs, keeping policies up to date, making backups in duplicate and triplicate etc...


no you shouldn't have to actually try them all, but read through the descriptions several, pick out a handful that seem to meet your needs and try them (maybe 3 or 4 at most, not dozens)
 
Old 06-28-2012, 03:22 PM   #20
jefro
Guru
 
Registered: Mar 2008
Posts: 10,255

Rep: Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256Reputation: 1256
You can't have free, easy, build it yourself, complex and advanced tools and have it configured without knowing how to read a web page.

Same also is you can't pay for a device prebuilt with complex and advanced tools that doesn't require some setup. At least you'd get service with the device and hopefully correct service support.

Your post asks for a lot in one question. Everyone tried to help with good suggestions. If you were to narrow down your questions more then the answers would be more clear.

Other than that, we are only regular people. What worked for me may not be what others have fallen in love with.
 
Old 06-28-2012, 03:53 PM   #21
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
Thumbs up OK, that's enough for me.

Hello Frieza, and thanks.
A pertinent bit of information to the following:
Quote:
Originally Posted by frieza View Post
although i agree with your sentiment that you want something that 'just works' to some extent, to compare the win98 days to today is sadly comparing apples to oranges
I've a friend with a bunch of kids who's a total technophobe; ANYTHING more technical than plugging in a lamp terrifies him.
Coincidentally I made an old box of his (years ago) into the same kind of win98 thing I had - and it is still chugging along, AND=> if anything techie goes amiss at their house it is me he calls first, if only to be told he need to call the 'for pay' guy he uses.
At his house, as in mine - the only unwelcome visitors in all this time have been due to someone doing something bad with an email attachment (and no thinking besides...).

I believe the old win98 thing is usually referred to by guru types as 'security via obscurity', and I don't care what you call it, it still works well.

Thank you:
Quote:
no you shouldn't have to actually try them all, but read through the descriptions several, pick out a handful that seem to meet your needs and try them (maybe 3 or 4 at most, not dozens)
For saying that WITHOUT getting all snarky/critical (no names mentioned !!!).
I have been examining pages & pages of info on and off for several months now, hence the overload - and:
I AM IN NO WAY ILLITERATE, STUPID OR INCAPABLE OF READING A WEBSITE.

That having been said, there were several attempts a few years ago which made me give up because I could not get the old stuff I had on-hand to work with a few different distros.
Since then I am also diving into ZorinOS/Ubuntu and Linux itself has gotten a bit more friendly in many good ways, I think.

Since the present adventure started I've installed and am using (1) Astaro...
I have, ready to install (2) pfSense.
(3) Untangle claims great ease & simplicity, so I may try it.
(4) I cannot yet tell if Smoothwall will be beyond my tiny skills...
(5) I know with reasonable certainty that ClarkConnect 5 (which I happen to have on CD already) -does- do all that I've asked, but have yet to try it.
(6) The ClearOS site in no manner I can find shows clearly if the features I desire are present in the free version AND their site is very much unfinished, so I may skip any interest in that.

That makes 6 possible and/or already used choices, which I think is enough for me.

Fortunately for me, I have a few older PATA hard drives left over that I can pop into the same PC to try things on, so long as nobody else has some extreme 'internet emergency' that -must- be satisfied immediately while I am trying/learning things.

And to avoid any more snarky replies telling me how stupid & illiterate I must surely be - I will mark this thread as 'solved'; even though it is not as yet.

Thanks Again Frieza, for your understanding and kindly reply !!!
 
Old 07-07-2012, 03:49 PM   #22
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
Lightbulb More details; still testing...

I've installed and am (still, for the moment...)using Astaro...soon to be changed though, and here's why I decided to leave the Astaro ASG behind=>

1. They offer it for 'free' to home users, which in reality translates thusly:
It is a promotional & time-limited thing with plenty of personal information required in order to use it.
2. It is limited to forum-based support: Great -if- you happen to understand high-level networking lingo like some sort of network engineer, and if you don't - expect to get totally unhelpful, snarky replies which basically say 'this is NOT for you, freeloader'.
3. It is a fully commercial product, truly aimed at big-payers.
4. The documentation provided seems to be (badly) translated into english which makes the site's info as well as the ~600 page manual a bit of a nightmare for an english-only person.

Let the trial installations begin !!!

I installed ClarkConnect 3.2 .
My thoughts about this one are that though it is quite old and no longer even supported, it appears to have all that I want 'right out of the box' - but it's missing any way to add separate DHCP for the DMZ NIC so sadly it is out.
There is something I truly like about this version though so it is a shame that I cannot use it

Then I tried installing Smoothwall 3 Express - but when it was 99% done I learned (the hard way...) that my UPS no longer helps in a short power failure !!!
It did not survive that, so I started over and it went fine this time (mostly)((I'll skip the excessive details)).
Nice enough too - but also quite cryptic the way one must find things by trial & error that aren't documented; I was lucky to find some helpful sites which got me through some lumps & bumps with Smoothwall.
My conclusion about this one: I don't really like it very much, but it looks like it may be the sole survivor after all.

Then came ClearOS.
Another one gone fully commercial - with things which were native to ClarkConnect 3.2 now as 'paid features'.
Tried configuring it several times now, and some things in it just will not work despite following their (out of date & incorrect) manual as closely as possible.
These folks are seriously in transition, still, from being a great source of freeware to becoming profit-centered; I'm not impressed.
I'll pass on this one.

I went -backwards- to ClarkConnect 5 CE, which was the same sort of disappointment as it also has features removed to payware, and is totally unsupported - so out it went too.

Then came Untangle.
(It's installation takes a reeeeaaalllly loooong time !!!)
It claims great ease & simplicity, so I tried it.
That much is true it's very cute & simple, while it seems to completely lack any sort of inbuilt file-sharing ability it still seems to be a very capable security tool...and ONLY that.
An important note====>If you are tempted to use this one=>

BE WARNED: When it starts into it's GUI at first it offers to install the packages 'most users' want...and guess what ?!?!? It's their premium stuff, which is NOT FREE and once started, there is NO WAY to pause or stop the download. Woof.
It made no friend in doing that.
This one is simply not what I seek, it's quite appealing visually, but really not for me.

Lastly:
After reading it's site more carefully I decided to just skip trying pfSense.

That makes 6 that I've installed & tried.
A couple seemed like good possible choices, but it looks like the only choice left now is Smoothwall.

This final 'round' will show me if I can handle that and I'll post more when I get through it...

Last edited by smallhagrid; 07-07-2012 at 09:29 PM. Reason: things forgotten
 
Old 07-07-2012, 10:48 PM   #23
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
Oh dear - back to (almost) square one !!!
I totally forgot that SME Server even exists, and just learned of IPFire - downloading now...
 
Old 07-14-2012, 11:29 AM   #24
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
OK, finished now=> in use & operation & very satisfied too.

SME Server:
Tried to get it working as claimed but failed miserably after wasting much time trying to find how to make it do the things it claims to do 'so easily'...maybe for someone who speaks/reads it's docs in it's native language...but not for this guy.
My rating=> About as easy/comfortable to get working as one of those desks you build from a box of parts (made someplace in Asia...); for an english reader it IS possible to read the words, but they make no sense at all & you end up guessing & getting really frustrated.

IPFire:
Now THIS is the cat's pajamas !!!
How could I have searched & somehow NOT heard of it ???!!!
It is great - very well done & highly recommended.
It's group are not native english speakers, but it's help pages are excellent & well done even so.
Everything I wanted is in it, easy to set up, 100% free, and the help one gets from these folks is very, very friendly & good.

IPFire is MILES ahead of all the others I've tried !!!
 
Old 07-14-2012, 10:50 PM   #25
nixblog
Member
 
Registered: May 2012
Posts: 426

Rep: Reputation: 52
Quote:
Originally Posted by smallhagrid View Post
Lastly:
After reading it's site more carefully I decided to just skip trying pfSense.
Just out of curiousity, why did you decide to skip pfSense?
 
Old 07-15-2012, 03:17 PM   #26
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
Cool Truly...

I apologize, but the exact memory of that moment eludes me just now, however:
Quote:
Originally Posted by nixblog View Post
Just out of curiousity, why did you decide to skip pfSense?
I made a chart of what I was looking for exactly, and the categories are=>
Easy enough ?
100% free ?
Anti-malware included ?
Wireless support ?
File sharing local/VPN ?

And pfSense must have come up short someplace there...and the one which had EVERYTHING is IPFire.

Also, the pfSense installation I set up on the USB stick, which booted/ran on my notebook, somehow got damaged between here and there and would no longer read or boot; and I already had the CD of IPFire ready to go...and that's all I really needed after all.

Now I'm 100% all set, so further testing is off the menu; that was a long bit of doing as it was !!!

Thanks.
 
Old 10-03-2012, 04:01 PM   #27
deskt0plinux
Member
 
Registered: May 2008
Distribution: ubuntu debian knoppix centos puppy
Posts: 31
Blog Entries: 2

Rep: Reputation: 1
@smallhagrid, thanks a ton for all the info you put out here about your research of the various Firewall distros. It saved me a lot of time - order of 2-3 days.
 
Old 10-03-2012, 04:17 PM   #28
smallhagrid
LQ Newbie
 
Registered: Jun 2012
Posts: 26

Original Poster
Rep: Reputation: Disabled
It is wonderful to be appreciated deskt0plinux - so I also thank you !!!

BTW, IPFire is still seriously great, and I've easily gotten it to do all it promises EXCEPT for a single thing: It's built-in backup system is a stinker.

No biggie though as Redo Backup will absolutely 100% backup/restore this distro WITH all it's add-ons, maintaining it's configuration 100%.
(In fact I even restored my Redo backup to dissimilar h/w - booted, entered the console, ran 'setup' to change the NICs, and in 2 minutes had it online & working; this seriously impressed me !!!)

If you go to IPFire's support forum and search for my posts, they document all the stuff I needed to get working and include all the great assistance I got from other users there as well as the URLs of things I used in my own processes.
 
  


Reply

Tags
firewall, gateway, wireless


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help picking a distro Silphx303 Linux - Distributions 15 02-22-2009 10:44 PM
Need help picking Distro mrnicks Linux - Newbie 6 03-01-2007 03:54 PM
Need help picking a new distro slickhare Linux - Newbie 4 11-22-2006 01:28 PM
Need help on picking distro linuxputz Linux - Laptop and Netbook 5 09-02-2004 01:25 PM
Need some help picking out a firewall. Travis86 Linux - Security 3 09-29-2003 09:59 AM


All times are GMT -5. The time now is 11:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration