Hello

Im looking for a very easy to use ( GUI please ) firewall that can be run on an older computer. This computer will protect a bunch of other computers that are behind it. The only catch to this is that it has to do many Public outbound IP's (20 for now and 50-100 later ).

I have found alot of info about alot of really great looking products, however most of them appear to only do 1 or 2 outbound IP's or have to forward to local IP addresses. I need something that can do many IP's and just hand them off without forwarding to local IP address.

Any ideas, links or just general info would be great.


Thanks for your time.

2Gunz

You can try firestarter or firewall builder or guarddog I don't know if one of those will match what you need.You'll have to check it out.

fwbuilder will do fine, but it's not a Linux distribution, it's a script builder (just like the name implies). It builds iptables scripts for a firewall. You'll still need to install a Linux distro and lock it down. I suspect that firestarter and guarddog are various flavors of firewall builders as well. In each case you would need to install the system and do the hardening yourself.

I think IPCop firewall is of your interest!

yes - ipcop and look no further

Sil

2Gunz, What do you mean, "many Public outbound IP's"? Do you mean public internet IP's?

I dont think IPCop will do "many Public outbound IP's" ...
IP cop is based on the GPL of Smoothwall. You can only have 1 WAN IP if your using the GPL. Smoothwall will do multiple WAN IP's if you have the Corp version (With an added module), but it costs $$.

If you mean you have 1 WAN IP and you want to have multiple private IP'S (internal network) then I recommend Smoothwall above all. The GPL is free, It has an EASY to use web interface (GUI), and the latest release (2 beta 7) has a load of new features. It does DHCP, web caching, port forwarding, IDS, remote acces, logging, dynamic DNS, basic VPN... & more from the web interface. It is secure (It does what it does for a living), and has a quick responding team for security patches, which can be applied also through the web interface.
See it here:
http://www.smoothwall.org

Yes Im looking for a firewall that can do many public internet addesses.

Well actually, IPCop is a fork of Smoothwall and it's superior to the GPL version in every way. I don't doubt the commercial version of Smoothwall is better than IPCop, but then of course you have to pay.

IPCop will actually listen on multiple public IPs for incoming connections. The only catch is that you cannot NAT to more than one IP for outbound connections (everything gets NAT'd to the default IP). You can do redirection (portforwarding) differently for each external IP, so you can direct traffic on multiple IPs to multiple web servers, etc, it's just that when anything inside the network opens an outbound connection that is not part of an existing stateful session, then it will use the default IP (which is one of the reasons why I switch to OpenBSD and wrote my own firewall in PF).