Best firewall gateway version of Linux ?
Alex Satrapa
grail at goldweb.com.au
Tue Jan 15 12:32:07 EST 2002
On Tuesday, January 15, 2002, at 10:30, Burn Alting wrote:
> Don't know if this will create a war, but I'd like to get some idea of
> the most common version of Linux used as a firewall/gateway system (e.g.
> Smoothwall, etc.). I'm assuming the most common would mean one of the
> better ones.
OpenBSD.
> Also, how nasty is it to also make the firewall one's mail router
> (sendmail)?
Erase that meme! That's a very dangerous thought!
The firewall should be *only* a firewall. You'll find the rules get
complex enough *without* running services on it.
My ADSL connection connects to my masquerading ipchains firewall (Debian
GNU/Linux - woody). One of my friends uses iptables, and his rules are
a lot simpler, since the iptables stuff allows for things like "allow
incoming packets that are part of an established connection."
My mail/web/zope/whatever servers run on a separate machine. The
firewall does its DNS lookups through the internal name server. The
only service visible from the outside world is SSH. I'm not even sure
that's safe. After all, I put the network together, and I don't really
know what I'm doing.
If your mail "router" (Mail Transport Agent, or Mail Delivery Agent?) is
only used for sending mail outwards, it can quite happily live inside
your network. I don't have a domain of my own, so my "mail server" is
quite happy to live inside. I use fetchmail to collect mail from my
"permanent" mailboxes.
Alex
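
Added example, not part of the original message: the iptables behaviour quoted above ("allow incoming packets that are part of an established connection") written out as an iptables-restore ruleset for a firewall-only box that masquerades the LAN and exposes only SSH. The interface names (ppp0, eth1) and the LAN range are assumptions; the script only prints the ruleset and applies nothing.

```shell
#!/bin/sh
# Added example (not from the original post). Emits an iptables-restore
# ruleset for a dedicated masquerading firewall; nothing is applied here.
# Assumed names: WAN interface ppp0, LAN interface eth1, LAN 192.168.1.0/24.
# Usage (as root): gen_rules ppp0 eth1 192.168.1.0/24 | iptables-restore

gen_rules() {
    wan=${1:-ppp0}; lan=${2:-eth1}; lan_net=${3:-192.168.1.0/24}
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections that are already tracked: the one stateful rule
# that replaces per-protocol return-traffic rules in a stateless ruleset.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# SSH is the only service reachable on the firewall itself.
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
# LAN hosts may open connections outward; only replies come back in.
-A FORWARD -i $lan -o $wan -s $lan_net -m state --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Masquerade LAN traffic leaving through the WAN interface.
-A POSTROUTING -o $wan -s $lan_net -j MASQUERADE
COMMIT
EOF
}
```

With default-DROP policies on INPUT and FORWARD, anything not listed (including a mail daemon on the firewall) is unreachable from outside.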