[KLUG Members] Which Linux Firewall?

[Bruce Smith]

> Check out http://www.smoothwall.org 

Very slick and easy to setup.  All configuration is web based.

I've set it up twice for home networks.  Once on a dialup like
you described, and once with 2 NICs for a cable modem.

The smoothwall box has to be DEDICATED (no users doing anything else)
and the machine you have is extreme overkill, since a 386 w/16MB can
handle a full T1 connection without delay.  

You box will certainly do the job, and you can turn on some extra
services, like squid proxy, to help use some of your extra CPU cycles.
 
> I'm not sure about submitting the log, but the dshield website
> has specs for writing your own client. Someone somewhere will
> probably end up writing a client for smoothwall or the underlying
> firewalling programs it uses. (ipfilter? ipchains? not sure.)
> If smoothwall uses ipfw, there appears to be a linux client for it.

smoothwall uses ipchains.  There is a new fork of smoothwall that 
uses ipfilter in the works that I'm going to keep an eye out for.

I don't recall ever seeing a builtin interface for either web 
site, but then again, I never looked.   :-)

> Would the smoothwall expert kindly chime in now? :)

I don't consider myself an expert (even though I demo'ed it
at a recent KLUG meeting).  But I like the package, I use it 
at home, and I've installed it in dialup and broadband
environments both.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------