Single linux box with iptables, snort, antivirus and squid proxy

Conzy · 03-16-2017, 10:20 AM

I'm looking to create a single linux box probably running Ubunutu to act as a router/gateway using iptables to implement firewall rules. I would also like to install snort to monitor all the traffic, some anti-virus and probably squid to put my list of bad websites into.. Is it possible to have each of these services running on the same box and for packets to be passed between them then if they pass everything forwarded on to the destination on the LAN. Or would simply running all these services on the same box work?

whynotkeithberg · 03-16-2017, 02:11 PM

yes.. you could have them route through localhost or their own local IP address as long as they're not all utilizing the same ports.

However, I would recommend checking out PFSense. It's a full distribution that can do all of this with much better security & easier management as well as more features. Plus BSD is better as a router/firewall platform than linux. FreeBSD especially has been customized by TelCo's and ISP's to have a quick network stack.

jefro · 03-16-2017, 03:53 PM

Hello and welcome to LQ.

Generally all those programs will run on a single system. You can run any number of physical systems to combine but complex. You can run one single free virtual machine maybe to do all of this too.

I respect pfsense and they do make free versions available as well as hardware that you may wish to consider.

I'd also suggest that you look at other UTM or firewall distro's to consider. I have liked Untangle but others exist.