Firewall software to use?

pilot1 · 03-10-2003, 06:15 AM

I have a computer that i'd like to turn into a firewall for my network, it has the following specs: 200mhz proccessor, 32mb RAM, and 4 gig hard drive, Netgear FA310TX NIC and a 3Com NIC.

What software is the best to use for a computer with those specs?
It's currently running RH 7.2, but I can replace that with whatever is nescessary.

I also have a wireless Linksys NAT/Router, would I plug the 2nd NIC into the Uplink port of the NAT, or the WAN port?

acid_kewpie · 03-10-2003, 06:32 AM

well the system you have is not really related to the software, the only thing worth thikning about is that you are running a 2.4 kernel, which redhat 7.2 does. All firewalls on linux are created under the same software, and what you would think to be the firewall software is actually just a front end to iptables and netfilter, it's all kept very much under the hood.

i like the firestarter front end, does everythign i need it to, and makes iiptables configuration so much less painful

pilot1 · 03-10-2003, 06:46 AM

I'm familiar with IPtables, is there any advantage to using firestarter, OpenBSD, Firewall One or Smoothwall instead of manually setting IPtables up?

acid_kewpie · 03-10-2003, 07:12 AM

OpenBSD is a unix variant, like linux, not a firewall. the advantage of somethign like firestarter is that it's extremely easy, rather than extremely hard. an average iptables script can easily be a few hundred lines if you're doing it meticulously, and if you're not comfortable with iptables that's a non starter... ultimatley though having a good knowledge of iptables will help you no end.

pilot1 · 03-10-2003, 07:19 AM

I realize OpenBSD is a unix variant, i've just heard it's a good *nix variant to use for a firewall.
I'll try firestarter, thanks.

acid_kewpie · 03-10-2003, 07:31 AM

Yeah, it is meant to be quite good actually, but naturally it ends up at a point where it's horses for courses and all that. there is always a level you can find to suit your needs against your abilites. i'm still chickening out personally....

pilot1 · 03-10-2003, 08:27 AM

Hmm...
This is just for a home network, but i'd like to have as much security as possible without buying expensive firewall appliances.

Do you have any links with information on firewalls in OpenBSD, and do you know how similar it is to Linux?

I might as well at least look into it, i'm not in a rush to replace my NAT and I have alot of time on my hands so I might as well make the best firewall I possibly can.

Burke · 03-10-2003, 10:48 AM

Take a look at ClarkConnect 1.2 (1.2 is based on RedHat 7.3. They'll have a newer version next month based on RedHat 8.0). This is ideal for a home network. When you get it registered (FREE), you get a dynamic dns entry at their *.pointclark.net ... the "*" being the username that you choose when registering. It makes a nice little firewall (Frontend to IPTABLES), also capable of having a DMZ, Samba shares, E-mail, multiple Domains for Apache web hosting, FTP, and includes SNORT pre-configured

http://www.clarkconnect.org

eishv · 03-11-2003, 06:51 AM

smoothwalls really good and easy to setup.
www.smoothwall.org

stickman · 03-12-2003, 06:34 AM

The besf place to get info about OpenBSD pf is probably the benzedrine site. There are some sample files somewhere on the page.

Pcghost · 03-12-2003, 12:03 PM

Don't do it man. Writting an iptables script from scratch may seem daunting but it's way worth it.