Looking for BLOATED firewall -- preferabely ubuntu based.....
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Looking for BLOATED firewall -- preferabely ubuntu based.....
Ok so here is the issue. We have many "firewall" linux distros each usually containing the same old stuff (DHCP, webadmin,NAT, so on)...
Well how about a slightly more bloated distro?? Most of current distros can run on minimal hardware (300mhz/128MB RAM is fine upto 100 users). Hey I am all for that speed and minimalist thought process.
However I believe many of us have PCs that hanging at the 600-1GHZ with 512MB of RAM and with harddrives in the 40-60gig range that we would/do use for firewalls sometimes because we dont have or dont want to use ancient P1s with 96mb of RAM. But imagine if we had a firewall that could do more and could expand at users wish?
So take a firewall like IPCop. Now say it was based on Ubuntu. So Joe Smchmoe decides to use that 40GB extra space for some minor file storage. Few commands later (sudo apt-get install...) BINGO he has a small file server. Limit it your local network and BAMN its easy to use, fast, and not too bad in the security end. Then hey lets do a little Music streaming with GNUMP3...BAM its up!
Anybody following me here? Blunty put: A firewall used for more than just routing.
Definitaly a much greater security risk but nonetheless its one that is more calculated.
I would strongly prefer it to be Ubuntu or at least debian based because these distros are my overall favorites (but they do have their shortfalls also)
Oh and one last thing: IT NEEDS/MUST BE FREE.
thinking it over i realize that its more of a media/etc PC with firewall capabilities.. But nontheless the question still stands.
What are you trying to say, Ubuntu can't already do that? All the linux distros that I know of can do what you want. So what is the the problem, just do it.
The PC i'm using now is a Firewall, router, file server and music streamer for my network, and it's also my dosktop PC. I think you'll find iptables rocks :P
What are you trying to say, Ubuntu can't already do that? All the linux distros that I know of can do what you want. So what is the the problem, just do it.
But how many of them come with little overhead? Most distros are often too bloated. Why do I need X if all my administration is done remotely? Or Gnome? you see my point?
Also how many of them have a Web Administration panel? On how many of them can you update remotely without spending a hour trying to configure it?
And the features go on on that these distros by default dont have.
@binary...
One of the reasons/requirements for something like this is that it has to be stand-alone. Whats the point of leaving a desktop on 24/7 that provides all the services but wastes 3 times the energy? I not against per-say but at the same time I want a standalone box. Also what happens when the load gets higher (ex. You start playing Doom 3)? You cant expect that same performance.
It should be something I could put say in my basement or attic.
The machine works well as a firewall/router, even under heavy load (eg, playing games, or recompiling the kernel). Obviously the file server performance does decrease when doing those things, but for my needs it performs fine.
(Pentium 4 @ 8.2GHz
512MB DDR RAM
180GM HDD
1Gb/s Ethernet)
As I don't have an old machine lying around anymore (gutted it for parts a while ago), this setup works fine for me.
There is an Ubuntu server ISO that you can use to set-up a standalone box, but you have to install webin separately (explained in this thread)
but it's not hard to setup. You can setup your server to run automatic updates in a few ways, one quick and dirty was is to set-up a cron job, or just install SSH, easy remote admin there.
The machine works well as a firewall/router, even under heavy load (eg, playing games, or recompiling the kernel).
But you must agree as soon as you have a load of say 7-15 computers/devices you may start to experience noticable speed lag. Now drop the overall lan to 100Mbs rather than 1Gbs and you will probably think twice. But who knows maybe not.
Also webmin is a FAR FAR cry from the format of IpCop and Smoothwall's web interface. I have used webmin and while it has many many merits its still not the type of interface I would call excellent. Decent yes but it needs some fixing. But thats another story. Suffice it to say that Webmin at its current stage would not do at least not for something of this nature.
I not trying to be a flamer here just wanted to point out my opinion. How many people would IPCop and Smoothwall have if they had a interface that was lacking majorly? or one that was not made for it?
Besides once again many of us just because of reason X (replace with whatever sensible reason you got) want that standalone box. The box we can count on to be there. Whereas a desktop PC could crash because that cutting edge game didnt run through wine or you have to leave your place disconnected whenever you wanted to test out some other distro or whatever.
The ability to drop a computer into a network regardless of OS (Linux or Windows) that could print, go online, listen to music, and be protected at the same time without having to modify it for over 5 minutes is beautiful. Worst case scenario a small script on a CD/Floppy/USB/Email/or whatever you favorite medium for distrubtion is could do some of the dirty work in 30seconds.
Now hows that for an idea? Maybe I am dreaming here but I for one see a great potential here for something like this.
In fact I may just start to work on something like this. I have several computers laying around (need some parts though) and I have a 5X5 room which could serve as a nice lab for me.... hmmm...
Linux is Linux. Start with the distro you prefer for your firewall and just add whatever else you need/want and basically build your own distro. Then you'll have exactly what you want.
Agreed. Thats fine for single guy who has several days to research what he wants and then hand code it so that is fits whatever he wants. But what about later?
*2 weeks later*
... you know lets try out a adding file server. Ok lets see here here and here.....
*6 hours later*
ARRGH! Why cant my clients connect???? Where did I make that mistake??!!?
-----------------------
Whereas in something like this he could just click for example, other services--> install--> file server --> select one from list (samba,ftp, etc...). Click click type name and DONE!
Besides what happens if you want to duplicate your setup 4 weeks later for your buddy who wants something like this?? More than likely you forgot many things in the process and need to learn most of it again. Like remembering 500 lines of code all in your head.
Sure custom builds are great but the problem with custom is that it is custom with no standards to adhere to.
But how many of them come with little overhead? Most distros are often too bloated. Why do I need X if all my administration is done remotely? Or Gnome? you see my point?
Have you heard of the Ubuntu Server iso? You don't need to install X. And no, I don't see your point. If all you want to do is click your mouse, then use Windows, or you could make your own scripts and document what you did so you will remember down the road, or you could wait for someone to do this for you.
Microsoft release plenty of crap. But often its on the right track with the wrong coding and testing. Linux often uses Microsoft ideas and then deploys them properly.
IF you consider every system administration task MUST be done in the commandline then go ahead and stay in the dark ages.
Why the heck would I want to hand create the DHCP server file when I could simply used a application that could more easily portray my options and I could be done in 2 minutes rather than ten?
Honestly whenever I read about linux people being assholes I often think "No way! They are always pretty good" until today when I read you post.
To sum it up, you are all for making Linux a pain in the ass the learn and use. You must feel great!
Basically, You've got to do it the way it has to be done. If you don't like it, change it. Or as the previous poster says, go and use Windows.
I appreciate that it's frustrating but you've got to remember that linux has a different policy to windows and things are done differently. The amount of servers that use linux are so great that perhaps the developers deem it doesn't need to be easier.
Last edited by extrasolar; 09-04-2006 at 03:58 PM.
Have you heard of the Ubuntu Server iso? You don't need to install X. And no, I don't see your point. If all you want to do is click your mouse, then use Windows, or you could make your own scripts and document what you did so you will remember down the road, or you could wait for someone to do this for you.
Oh and one last thing: You want to tell me that Ubuntu Server ISO has little overhead..... hmmm... sure definitely less than the Desktop CD but lets see it compare to a 50mb power of Smoothwall or the 43mb of IPCop?
You have got to be kidding me. Ubuntu Server has hundreds of packages that are useless (at least for this application) and take up space and processing power. Besides who wants to download 600 meg iso just so that they can get rid of the junk?
People much rather download a 200mb ISO and install it and have it ready to go.
It easy to see that you dont understand the concept of a standalone, low-overhead, multi-function box. It needs to be fast and efficient.
Basically, You've got to do it the way it has to be done. If you don't like it, change it. Or as the previous poster says, go and use Windows.
I appreciate that it's frustrating but you've got to remember that linux has a different policy to windows and things are done differently. The amount of servers that use linux are so great that perhaps the developers deem it doesn't need to be easier.
I have been using MS-DOS since I was 6. My first command I learned was "cd" aka change directory. Then once Windows 3.1 came around I was on it. And so on and so forth.
But when I ditched Windows two years ago I came to linux with a goal to make it easier to use. Sure its pretty easy to understand if you have be breathing linux since you were a kid but not all of us had that.
My dad has been working at Microsoft as a technician for 15 years. Rarely does he use GUIs. Mainly its commandline because commandline is great.
But when he does use GUI realizes that it has its place in world too. As soon as one is released that does whatever he used to do in the commandline he uses it. That saves him time. Besides the guy is 55 years old and he sick and tired of computers. He is not going to be wasting his time in the commandline when he can do the same in 2 minutes.
I guess thats one of the reasons I want to work with linux to help it achieve a its full potential.
As for guis I am not saying we all must deploy X and use that with GTK and etc. No. I am looking for at least something that is straight forward.
Guis in a terminal are great. Heck even simple question interfaces can get the job done.
But when I ditched Windows two years ago I came to linux with a goal to make it easier to use. Sure its pretty easy to understand if you have be breathing linux since you were a kid but not all of us had that.
Nope, I am almost as old as your father, been only using linux about 4 years.
Quote:
I guess thats one of the reasons I want to work with linux to help it achieve a its full potential.
Well, as I stated in my other thread, then do something about, and I am sure alot of people will appreciate you for your contribution.
Quote:
Oh and one last thing: You want to tell me that Ubuntu Server ISO has little overhead..... hmmm... sure definitely less than the Desktop CD but lets see it compare to a 50mb power of Smoothwall or the 43mb of IPCop?
Nope, didn't say that at all. If you had read my post and some of the others, you would have read that about any distro can be customized to your liking and even to a small size.
Quote:
It easy to see that you dont understand the concept of a standalone, low-overhead, multi-function box. It needs to be fast and efficient.
I understand this quote just fine, thank you. When you become defensive in your posts, then you start mistating what someone has said.
Quote:
Honestly whenever I read about linux people being assholes I often think "No way! They are always pretty good" until today when I read you post.
To sum it up, you are all for making Linux a pain in the ass the learn and use. You must feel great!
You can call me all the names you want, I am a big boy and can handle it, but keep everbody else out of your litlle hissy fit.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.