Re: decent non-embeded firewall

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Andrew \"Tuna\" Harris
Date:  
To: \"plu>\"@lists.plug.phoenix.az.us>Main PLUG discussion list
Subject: Re: decent non-embeded firewall
Top posting because long email is long.

Did you ever look at Smoothwall? I'm going to implement it for one of my
clients pretty soon.

http://smoothwall.org/

Excerpts from Bryan O'Neal's message of Mon Mar 30 23:17:46 -0700 2009:
> My Netgear FVS318 router/firewall has developed a nasty habit of
> rebooting every time it gets both portscaned and repeated gnutella
> requests (who still runs gnutella anyway?) so I am looking to put in a
> boarder router/firewall to protect it (read replace it if not for the
> lack of an 8 port switch) However the wife will not let my drop an old
> ugly tower were I need it to go. However I do have a box I am using for
> "web tv" purposes that I can toss a firewall on. My requirements are
> simple:
>       * Runs on top of a stranded distribution (Ubuntu, Fedora/CentOS,
>         OpenSuSE, etc) not as a stand alone isolated distribution on
>         dedicated hardware. 
>       * Does port forwarding
>       * Does NAT 
>       * Does Static Routes (Important if I have another router behind
>         it) 
>       * Does Statefull inspection
>       * Does not break IPSec/PFS/L2PT/Etc. 
>       * Does custom black listing
>       * Prevents DoS (Syn flood, ICMP flood, UDP flood, port scans,
>         ping of death, IP spoofing, land attack, tear drop attack, IP
>         address sweep attack, Win Nuke attack, etc) 
>       * Does intrusion detection, preferably with email alerts

>
> Would be nice if it also does:
>       * GUI configuration 
>       * QoS 
>       * DHCP 
>       * IAC (Outbound rules) 
>       * SNMP2 
>       * Decent logging/reporting 
>       * GUI Dashboard 
>       * DynDNS 
>       * Web content filtering 
>       * DNS Proxy
>       * Black list service

>
> Can any one recommend something or am I left to cobble together what I
> can with iptables...
>
> Bryan O'Neal 
> O'Neal & Associates 
> Phone: (602) 295-4356
> Fax:     (602) 795-6050
> E-Mail:  

>
>
> Blogger <http://twitter.com/BryanONeal>
> Twitter <http://mlwtech.blogspot.com/>
> Linkedin <http://www.linkedin.com/in/thebryanoneal>
>

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss