Firewall...?

ziggy1621 · 12-23-2005, 01:21 PM

Merry christmas to all...

I just picked up an old box from a client. Its got an AMD-K6 MMX, so guessing its gonna be about 233Mhz. It has a 4 Gb hard drive in it also.

I know its plenty good for a firewall program, so my question is WHAT firewall program and which version of linux should I run it on?

What are the suggestions from the forum?

thx in advance,

ziggy

win32sux · 12-23-2005, 04:02 PM

well, the linux kernel (v2.4/v2.6) standard firewall is netfilter... the tool to configure it is iptables... you will have these pretty much regardless of which distro you choose... most "firewall programs" you see are just front-ends for iptables...

http://netfilter.org/

http://iptables-tutorial.frozentux.n...-tutorial.html

so basically what i'm trying to say is that as long as you have at least kernel 2.4 you can use any decent distro on that box in order to have a cool firewall...

some iptables front-ends you might like:

http://www.shorewall.net/

http://www.simonzone.com/software/guarddog/

http://www.fs-security.com/

but if you're comfortable working from the command-line your best bet is to forget the front-ends and just write your own iptables script...

PS: merry christmas to you also...

ziggy1621 · 12-23-2005, 04:20 PM

thx alot dude! That gives me some "Holiday Reading" to do.

ziggy

alaskazimm · 12-23-2005, 05:17 PM

One other thing you could do with an old, slow comp is to make it a stand alone firewall. There are a couple of distros that do this - Smoothwall and IPCop to name just two. They would run just fine on that hardware.

Currently I'm running Smoothwall on a P3 700 mhz which is really overkill but it was the only old comp I could get for free. So a K6 should do fine.

www.smoothwall.org
www.ipcop.org

2damncommon · 12-23-2005, 09:56 PM

I have run both Smoothwall and IPCop at various times on my Pentium 100, 32MB RAM, 1GB hard drive (upgraded from 512MB).
They have worked great for my small home network. I added a wireless router/access point a few months ago.
If you are talking stand alone firewall either is worth checking out.

amosf · 12-24-2005, 06:39 AM

Smoothwall here on a P166/32... Easy firewall.

win32sux · 12-24-2005, 06:54 PM

there's also Devil Linux: http://www.devil-linux.org/ MWAHAHAHAHA!!!

i've also read great things about clarkconnect (though i've never used it): http://www.clarkconnect.com/

there' like tons of gnu/linux distros made specially for gateway servers... but if all you need is a firewall then any generic distro will be fine... slackware, debian, fedora, you name it...

PS: there's also some non-Linux (BSD) options which seem interesting, such as: http://www.m0n0.ch/wall/

ziggy1621 · 12-24-2005, 07:45 PM

Well I have taken alaskazimm's advice and went with smoothwall... So far I like it. As said in this post, it looks easy. And I see it has many other options bundled into it. More specifically excited about Snort.

thx again. I'll post if i get stuck.

alaskazimm · 12-26-2005, 11:16 AM

Glad to help!

Smoothwall also has support forums that are worth checking out if you haven't already.

ziggy1621 · 12-26-2005, 12:00 PM

Will do! I'm guessing that the configuration part of the firewall is based on iptables rules. Does anyone know of a good tutorial? I'm using an old one, just because it was the most basic for me to jump into, now that I have HOW the rules are written, I want to learn some of the more advanced reasons why you would want rule X in chain Y.

Thanks again,

ziggy

win32sux · 12-26-2005, 02:44 PM

seems like their webserver is currently down, but's it's probably the most recommended iptables tutorial here at LQ:

http://iptables-tutorial.frozentux.net/

http://freshmeat.net/projects/iptables-tutorial/

EDIT: just realized this tutorial was already recommended in my first post... =)
either way, in case you haven't looked at it yet because of the web server being down, here's a link to a cached copy on google:
http://64.233.187.104/search?q=cache...-tutorial.html