Best firewall gateway version of Linux ?

Alex Satrapa grail at
Tue Jan 15 12:32:07 EST 2002

On Tuesday, January 15, 2002, at 10:30 , Burn Alting wrote:

> Don't know if this will create a war, but I'd like to get some idea of 
> the
> most common version of Linux used on as firewall/gateway system (eg
> Smoothwall, etc). I'm assuming the most common would mean the one of the
> better ones.


> Also, how nasty is it to also make the firewall one's mail router 
> (sendmail)?

Erase that meme!  That's a very dangerous thought!

The firewall should be *only* a firewall.  You'll find the rules get 
complex enough *without* running services on it.

My ADSL connection connects to my masquerading ipchains firewall (Debian 
GNU/Linux - woody).  One of my friends uses iptables, and his rules are 
a lot simpler, since the iptables stuff allows for things like "allow 
incoming packets that are part of an established connection."

My mail/web/zope/whatever servers run on a separate machine.  The 
firewall does its DNS lookups through the internal name server.  The 
only service visible from the outside world is SSH.  I'm not even sure 
that's safe.  After all, I put the network together, and I don't really 
know what I'm doing.

If your mail "router" (Mail Transport Agent, or Mail Delivery Agent?) is 
only used for sending mail outwards, it can quite happily live inside 
your network.  I don't have a domain of my own, so my "mail server" is 
quite happy to live inside.  I use fetchmail to collect mail from my 
"permanent" mailboxes.


More information about the linux mailing list