Best firewall gateway version of Linux ?

Rasjid Wilcox rasjidw at bigpond.com
Tue Jan 15 23:03:25 EST 2002 

On Tue, 15 Jan 2002 10:30, Burn Alting wrote:
> Hi Guys,
>
> Don't know if this will create a war, but I'd like to get some idea of the
> most common version of Linux used on as firewall/gateway system (eg
> Smoothwall, etc). I'm assuming the most common would mean the one of the
> better ones.
>
> Also, how nasty is it to also make the firewall one's mail router
> (sendmail)? This is in the situation that all other nodes within the
> firewall are personal systems which may be running or not, and either
> Linux, Solaris or M$ boxes.
>

Well Burn, your post certainly generated more responses than I've seen on the 
CLUG list for a while!  Good to see a lively discussion every now and then.

Most people seemed to recommend either a) not putting a mail server on the 
firewall or b) doing your own custom made system.

Personally, I would also recommend not putting your mail server on your 
firewall.  On the other hand, you may have good reasons for wanting to do so. 
 If this is the case, and you don't want to build your own system (from 
Debian or whatever) then you could probably do worse than the Mitel SME 
server, previously E-Smith.  (http://www.e-smith.org.  Download using rsync 
to save bandwidth.)  It would make setting up the mail server a piece of cake.

Being a firewall is not the SME server's primary function, and I have never 
used it in that capacity, so I can not vouche for it effectiveness.  However, 
I have been lurking on the e-smith developement list for a while now, and its 
core development team seem very security conscious and quite competent.

As a caveat to the above, I will state that we use a SME server at work, but 
it currently sits behind two firewalls (one of which is Smoothwall).  We are 
however, using it as a file-server which is one of its main functions.  Why 
anyone would make their file-server their firewall is completely beyond me, 
but then the SME server is mainly aimed at people who would otherwise be 
using Windows NT.

However, I could imagine using the SME server as firewall and mail-server, 
with a second firewall between the SME server and the rest of the network.

No-one really answered the 'some idea of the most common version' part of 
your question.  However, I know that despite moves afoot from Smoothwall to 
IPCop, a number of list members use Smoothwall.

Anyway, my 5 cents, for what it is worth.

Rasjid.

More information about the linux mailing list