Best firewall gateway version of Linux ?
rasjidw at bigpond.com
Tue Jan 15 23:03:25 EST 2002
On Tue, 15 Jan 2002 10:30, Burn Alting wrote:
> Hi Guys,
> Don't know if this will create a war, but I'd like to get some idea of the
> most common version of Linux used on as firewall/gateway system (eg
> Smoothwall, etc). I'm assuming the most common would mean the one of the
> better ones.
> Also, how nasty is it to also make the firewall one's mail router
> (sendmail)? This is in the situation that all other nodes within the
> firewall are personal systems which may be running or not, and either
> Linux, Solaris or M$ boxes.
Well Burn, your post certainly generated more responses than I've seen on the
CLUG list for a while! Good to see a lively discussion every now and then.
Most people seemed to recommend either a) not putting a mail server on the
firewall or b) doing your own custom made system.
Personally, I would also recommend not putting your mail server on your
firewall. On the other hand, you may have good reasons for wanting to do so.
If this is the case, and you don't want to build your own system (from
Debian or whatever) then you could probably do worse than the Mitel SME
server, previously E-Smith. (http://www.e-smith.org. Download using rsync
to save bandwidth.) It would make setting up the mail server a piece of cake.
Being a firewall is not the SME server's primary function, and I have never
used it in that capacity, so I can not vouche for it effectiveness. However,
I have been lurking on the e-smith developement list for a while now, and its
core development team seem very security conscious and quite competent.
As a caveat to the above, I will state that we use a SME server at work, but
it currently sits behind two firewalls (one of which is Smoothwall). We are
however, using it as a file-server which is one of its main functions. Why
anyone would make their file-server their firewall is completely beyond me,
but then the SME server is mainly aimed at people who would otherwise be
using Windows NT.
However, I could imagine using the SME server as firewall and mail-server,
with a second firewall between the SME server and the rest of the network.
No-one really answered the 'some idea of the most common version' part of
your question. However, I know that despite moves afoot from Smoothwall to
IPCop, a number of list members use Smoothwall.
Anyway, my 5 cents, for what it is worth.
More information about the linux