choosing an affordable firewall for my small network
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
choosing an affordable firewall for my small network
firewalls with big names mean high prices .i have played with some firewalls. and i think there are more affordable solutions out there i'm now inthe rpocess of testing ideco . I am running on CentOS 5.3 x64. any suggestions?
If your not opposed to running a full sized machine as a firewall I would look into PFSense, its by far the best OpenSource firewall/router I've ever used. I'd do that or load DD-WRT on a Linksys or other compatabile router. Keep in mind that there is a known HTTP remote exploit for the older versions of DD-WRT , and a lot of the newer cisco linksys WRT models don't have enough ram to run some of the newer images. Also if you don't mind paying a little more you could also run PFSense off of an embedded PC and a CF card.
I've used them all ,and I agree. Per hardware specs you get more out of PFsense than anything else. I've had the same machine for a router for like two years now, I tried Untangled and it worked, but it was VERY slow on my hardware. I then tried smoothwall which was also VERY slow. I then tried Clarkconnect which was usable and I really like the built in dyndns functions, but it had way to much stuff running, It's really meant for a small office as a DC. So I went to m0n0wall, and I found it to be much faster, but still lacked the extra features I wanted, so I started using PFSense and it's a comfy mix of speed, and functionality for me. I'm sold on PFsense, it's got the ability to run a wireless AP as well and I've been using it as an additional wireless access point in my office at work and it's been up longer than my Netgear Prosafe wg302 which is just a broadcom board running embedded Linux. I've also played with vyatta, but I've not gotten it to work the way I wanted it to.
I guess the best thing is to use old desktop hardware and try to find an opensource firewall/router that works best for your situation.
Does linksys still manufacture that WRTGL series routers that can run on a linux third party firewall like tomato??If it does then i thnk its good to get a WRTGL
ok so i wanted to use pfSense, but figured it is based on FreeBSD, and i wanted something linux-based. so i ended up installing ideco (the one that i was initially testing www.idecogateway.com) and some of the things i liked about is that it allows you to set most firewall rules under Windows and that's something my boss liked thanks for your comments and suggestions!
IPCop and endian
come to my mind. both share common source with monowall aka shorewall.
Might have mixed up mono and shorewall but all of the four mentioned share a family.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.