Best firewall gateway version of Linux ?

Simon Haddon simon at sibern.com.au
Tue Feb 12 13:37:03 EST 2002 

I use IPCop and find it really good.  There was one minor configuration 
issue that took 2 minutes to fix and it has been rock solid since.

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 12/02/02, 10:36:11 AM, Michael James <michael at james.st> wrote regarding 
Re: Best firewall gateway version of Linux ?:


> A couple of friends want to surf their Transact line from both a Mac and 
a PC. it would be handy but not nessessary to connect both at the same 
time.

> I plugged everything, Mac, PC, settop box, and printer into a hub.
> Each could connect but not simultaneously.

> Now I CAN connect twice through the same VDSL modem.
> >From a Redhat and a Suse box simultaneously.
> This only works to Netspeed, Webone won't wear it.

> Differences are they have the settop box,
>  I have the Marconi FLX modem.
> Also they are using the transact supplied software,
>  I'm using roaring penguin and smpppd.

> Originally I thought a linux connection server would be overkill
>  but it would also provide firewalling (and printer sharing).
> BUT it would have to really be stable, setup and forget. For years.
> They don't want the hassle, I don't want the work.

> So, in the fast-moving world of Linux,
>  (150Meg of patches since Suse7.3 came out)
>  can a box firewall itself well enough to survive unpatched.

> Using ipchains it's easy to setup a firewall
>  that allows only outgoing connections.

> Suse with reiserfs seems pretty immune to power-cycling,
>  (which is how they would fix any hangups).
> And the new Suse firewall has options to protect itself from attacks
>  even from the interior network.

> Smoothwall and gibraltar are also attractive,
>  just a CD, no writeable media.
> Power-cycling puts them into a known state.
> User upgradeable, just insert the new CD.

> Is linux ready to power the maintenance-free black-box internet 
appliance?
> --
> A right not exercised is a privilege
> a privilege not exercised is illegal.

> Michael James                 michael at james.st
> 8 Brennan St                  Phone: +61 2 6247 2556
> Hackett, ACT 2602             Mobile: +61 4 1747 4065
> AUSTRALIA                     Fax: +61 2 6278 0011

More information about the linux mailing list