Whats everyones favorite linux firewall?

Shorewall

i prefer to write my own script with a set of iptables (the linux packet filter) rules. have a look at www.netfilter.org or your local documentation for information and examples. there are some tools that will give you a graphical configuration interface too.

sl mritch.

Hi,

I like IPCOP. That's a linux distro firewall oriented and you can easily configure it through a web interface

Oliv'

I personal prefer PF from OpenBSD many a time I tried to configure iptables but I could n't get it to work. Perhaps I am not very good at this firewall things, but PF worked for me. One big reason is its documentation, which IMO is superb; and it is one thing, that IMHO, is lacking in netfilter/iptables, a good and comprehensive guide with real life examples to get you up and running. Another reason is that PF is human readable and when you write your own scripts they make sense, at least for me.

I'm not trying to start a flame war for this, someone ask for favorite firewall and I stated my opinion and reasons.

Have a good day everyone.

Firestarter is nice for the simplest of setups. Anything more then *really* basic, I use Shorewall.

Jeremy

I've heard BSD firewalls are easy to understand and to configure, have to get around to having ago at building one.

I like both IPCOP and Smoothwall, out of all the firewalls i've tried so far...Mandrake MNF, Astaro, Clarkconnect, IPCOP and smoothwall, these have been the easiest to setup and the quickest to install, and running in the shortest amount of time (around 15 minutes).

I was using smoothwall before but I chagned over to m0n0 wall about a month ago and I haven't looked back. It doesn't have as many features that smoothwall has (IDS, proxy, etc.) it's just a firewall router. I currently running it on a celeron 500 or something and I'm about to move the install all over to a 40MB compact flash card. I wouldn't recommend it over smoothwall for a networking newb but if you know what your doing or want to learn then the level of control you get with m0n0 is very nice.

i prefer to type iptables rules myself too. i think it is the best way. do it yourself
iptables is not hard that much. it is enough to know how it works and surely network knowladge is necessary. after that u just type the rules such as speaking a language.

as mritch sugested www.netfilter.org is the start point.

good luck.

Another wote for PF. It is my firewall of choise!

I use iptables myself, but you have to be pretty darn good with iptables to make a solid firewall. (which, iptables are not that hard to learn, but there is a lot to block manually).

In the future I want to try to learn Shorewall.

I use iptables but I configure the firewall using Guarddog, which makes it really easy.

It does everything I need it to do, including letting me open one high-numbered port for administering my domain's webspace. Everything else that isn't specifically opened by me, is blocked by default.

Guarddog's one of the most useful tools I've discovered yet, and I rate it ten out of ten.

I guess iptables. I mean ipchains is old and all. I use FireHOL to help script iptables firewalls. The syntax is easy to learn & understand. I've setup & configured OpenBSD's firewalls using PF and its pretty good. FireHOL's syntax, IMO, is similiar in the ease of use to PF.

Pure and simple IPTABLES scripting