[KLUG Members] A plea for firewall ideas

Rusty Yonkers therustycook at yahoo.com
Fri Sep 3 12:53:21 EDT 2004

Previous message: [KLUG Members] lpi presentation
Next message: [KLUG Members] copier toner
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For the firewalls that I have done, I have just used SuSE (8 then 9
then 9.1) and iptables.  I have also used dansguardian for filtering.
 It seems to work well.  The largest one that I put in had like 120
users behind it so I guess it is not a heavy duty stress test but I
did not have any problems.


--- Adam Tauno Williams <adam at morrison-ind.com> wrote:

> > > >If you have ideas for firewall distros for  heavy use (sorry,
> smoothwall 
> > > >and the like won't cut it), let me know. ...
> > > Yes, I'd like to see more about this. What limits do you see,
> Adam? I
> > agree
> > > with the "other" Adam [Williams] that you've gotta be pumpin'
> SOME packets
> > > to swampp this stuff...
> > > Also, (From some lurking DL developer) ... why wouldn't DL face
> the same 
> > > limits?
> > I also am confused about the "limits".  Linux is Linux, if it's
> > smoothwall, Devil-Linux, Debian, SuSE, or whatever.  
> > If a slow Pentium 100-200 Mhz machine can firewall a full T1
> without
> > much noticeable increase in load average, then why can't a
> slightly
> > faster machine firewall a much larger pipe?
> 
> Right, my IBM x300 handles 4 ethernet segments (backbone, internet
> (2 T1s) via
> Cisco router, wireless, & DMZ).  Plus n number of inbound VPN
> connections and
> running as a filtering SMTP relay for inbound messages.  Never
> breaks a few
> percentage points of CPU utilization.
> 
> > Or does "limits" refer to some piece of required software not
> included
> > in smoothwall/ipcop?
> 
> Could be,  I gave up on firewall-specific distros since I kept
> having to work
> around thier limitations or constantly chaninging wierd
> administrative
> mechanisms.
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
> 
> 


=====
Russell C. Yonkers Jr. 
CNE, MCP, A+, CCNA, Linux+, Server+, Network+ certified
-----------------------------------------
Currently using SuSE 9, Mac OS X, Windows 2000, and WinXP 
And yes I run a network at home with Linux and Windows servers
See my personal website http://www.geocities.com/therustycook
Or my consulting site at http://www.atomicsupergeek.com


		
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush

Previous message: [KLUG Members] lpi presentation
Next message: [KLUG Members] copier toner
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list