Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i prefer to write my own script with a set of iptables (the linux packet filter) rules. have a look at www.netfilter.org or your local documentation for information and examples. there are some tools that will give you a graphical configuration interface too.
I personal prefer PF from OpenBSD many a time I tried to configure iptables but I could n't get it to work. Perhaps I am not very good at this firewall things, but PF worked for me. One big reason is its documentation, which IMO is superb; and it is one thing, that IMHO, is lacking in netfilter/iptables, a good and comprehensive guide with real life examples to get you up and running. Another reason is that PF is human readable and when you write your own scripts they make sense, at least for me.
I'm not trying to start a flame war for this, someone ask for favorite firewall and I stated my opinion and reasons.
Have a good day everyone.
Last edited by blood_omen; 01-14-2005 at 10:23 AM.
Originally posted by blood_omen I personal prefer PF from OpenBSD many a time I tried to configure iptables but I could n't get it to work. Perhaps I am not very good at this firewall things, but PF worked for me. One big reason is its documentation, which IMO is superb; and it is one thing, that IMHO, is lacking in netfilter/iptables, a good and comprehensive guide with real life examples to get you up and running. Another reason is that PF is human readable and when you write your own scripts they make sense, at least for me.
I'm not trying to start a flame war for this, someone ask for favorite firewall and I stated my opinion and reasons.
Have a good day everyone.
I've heard BSD firewalls are easy to understand and to configure, have to get around to having ago at building one.
I like both IPCOP and Smoothwall, out of all the firewalls i've tried so far...Mandrake MNF, Astaro, Clarkconnect, IPCOP and smoothwall, these have been the easiest to setup and the quickest to install, and running in the shortest amount of time (around 15 minutes).
I was using smoothwall before but I chagned over to m0n0 wall about a month ago and I haven't looked back. It doesn't have as many features that smoothwall has (IDS, proxy, etc.) it's just a firewall router. I currently running it on a celeron 500 or something and I'm about to move the install all over to a 40MB compact flash card. I wouldn't recommend it over smoothwall for a networking newb but if you know what your doing or want to learn then the level of control you get with m0n0 is very nice.
i prefer to type iptables rules myself too. i think it is the best way. do it yourself
iptables is not hard that much. it is enough to know how it works and surely network knowladge is necessary. after that u just type the rules such as speaking a language.
I use iptables myself, but you have to be pretty darn good with iptables to make a solid firewall. (which, iptables are not that hard to learn, but there is a lot to block manually).
I use iptables but I configure the firewall using Guarddog, which makes it really easy.
It does everything I need it to do, including letting me open one high-numbered port for administering my domain's webspace. Everything else that isn't specifically opened by me, is blocked by default.
Guarddog's one of the most useful tools I've discovered yet, and I rate it ten out of ten.
Originally posted by walden Whats everyones favorite linux firewall?
I guess iptables. I mean ipchains is old and all. I use FireHOL to help script iptables firewalls. The syntax is easy to learn & understand. I've setup & configured OpenBSD's firewalls using PF and its pretty good. FireHOL's syntax, IMO, is similiar in the ease of use to PF.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.