My Netgear FVS318 router/firewall has developed a nasty habit of rebooting every time it gets both port scanned and repeated Gnutella requests (who still runs Gnutella anyway?), so I am looking to put in a border router/firewall to protect it (read: replace it, if not for the lack of an 8-port switch). However, the wife will not let me drop an old ugly tower where I need it to go. However, I do have a box I am using for "web tv" purposes that I can toss a firewall on.

My requirements are simple:

* Runs on top of a standard distribution (Ubuntu, Fedora/CentOS, OpenSuSE, etc.), not as a standalone isolated distribution on dedicated hardware.
* Does port forwarding
* Does NAT
* Does static routes (important if I have another router behind it)
* Does stateful inspection
* Does not break IPSec/PFS/L2TP/etc.
* Does custom blacklisting
* Prevents DoS (SYN flood, ICMP flood, UDP flood, port scans, "ping of death," IP spoofing, land attack, teardrop attack, IP address sweep attack, WinNuke attack, etc.)
* Does intrusion detection, preferably with email alerts

Would be nice if it also does:

* GUI configuration
* QoS
* DHCP
* IAC (Outbound rules)
* SNMP2
* Decent logging/reporting
* GUI dashboard
* DynDNS
* Web content filtering
* DNS proxy
* Blacklist service

Can anyone recommend something, or am I left to cobble together what I can with iptables...

Bryan O'Neal
O'Neal & Associates
Phone: (602) 295-4356
Fax: (602) 795-6050
E-Mail: Bryan.ONeal@TheONealAndAssociates.com

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss