[clug] Home Firewall dedicated OS
ianmcleod75 at gmail.com
Tue Aug 25 23:38:57 MDT 2009
So either Shorewall or Clark Connect will be fine then - and don't
customise it... All I want is a gateway / router / VPN server... So
these things are save to expose directly to the Internet then - or no
less safe than my NAT / firewall Billion modem sitting directly on the
Internet. Updated Snort and firewall systems does sound like an
improvement though - compared to the basic firewall on my modem..
What about VoIP and wireless? Currently my modem provides VoIP and VoIP
QoS functionality - won't this break if I bridge the modem? We have
Naked ADSL so VoIP is not an option - it's an essential utility.
David Tulloh wrote:
> Ian McLeod wrote:
>> Seems a better solution to set up home VPN is to bridge the modem to
>> a dedicated OS.. Is this a *viable* option in terms of investment in
>> time and maintenance required for the average small home network? And
>> secure enough compared to a hardware firewall and NAT (modem)?
>> Seems there is SmoothWall and ClarkConnect free editions and
>> something called Devil Linux..
>> Any experience with these things? Not concerned with philosophical
>> implications of a commercial company vs puritan GPL or whatever, just
>> something that is free and works well and is relatively easy to set up.
> I used the free version of Smoothwall for several years and was happy
> with it, I was using it as a gateway/firewall/nat router, I never
> explored any VPN options.
> The installation and setup was very simple, management was done
> through a web interface. It was very much like a modern modem or
> router to run.
> My only criticism was that I had to manually update it, it would
> indicate when updates were available but only if I actually looked at it.
> Keep in mind that these distros are good firewalls but aren't really
> designed for general use, I recall the updates would happily replace
> configuration files you shouldn't have changed. So if you are trying
> to do something that the distro isn't designed for (web hosting, file
> serving or whatever it doesn't support) you should probably go with a
> more general choice.
More information about the linux