Best firewall gateway version of Linux ?

[Bob Edwards]

Matthew Hawkins wrote:
> 
> On Wed, 13 Feb 2002, Alex Satrapa wrote:
> > I've been working on a Debian-based box with webmin and a couple of
> > scripts that I've pared down from the SmoothWall installation (the ones
> > responsible for doing the dial-up/disconnect from a web page).
> 
> Reading the doco on Gibraltar, I think an excellent thing to do would be
> to add a web based interface to it.  It'd be real funny to build a
> better one than they ship with the commercial version ;-)
> 
> Another neat thing to do would be to make it bootable from floppy, so
> systems without bootable cd-rom support could run Gibraltar.  Perhaps
> the quickest way would be to use one of those MS-DOS utilities for
> booting from cd-rom, and drop FreeDOS on a floppy and use that.  That
> would hopefully still leave enough room on the floppy for the config
> files that need to be there, and hence no disk swapping would be
> necessary.
> 
> --
> Matt

Some of our key routers boot entirely diskless off of an internal
fileserver (which obviously needs to be configured to not need
internet access in order to get going!). No floppy, CD-ROM, hard disk
etc. Simple enough to set up but not good for Ma & Pa, who probably
don't have a file server they want to leave running all the time.

For older machines, or for network interfaces with no boot ROM support,
it is necessary to boot from a floppy to get the network boot loader
up and running.

Uses BootP/DHCP, TFTP (not the standard one, though!) and Etherboot.

As for Web-based admin - forget it. All done with vi on the file server.
The routers pull down a specially configured kernel and initial RAM disk
and don't otherwise mount any other file systems. They log to a logging
host (which could be the boot-up file-server!).

Cheers,

Bob Edwards.