Re: decent non-embeded firewall

> My Netgear FVS318 router/firewall has developed a nasty habit of
> rebooting every time it gets both portscaned and repeated gnutella
> requests (who still runs gnutella anyway?) so I am looking to put in a
> boarder router/firewall to protect it (read replace it if not for the
> lack of an 8 port switch) However the wife will not let my drop an old
> ugly tower were I need it to go. However I do have a box I am using for
> "web tv" purposes that I can toss a firewall on. My requirements are
> simple:
>       * Runs on top of a stranded distribution (Ubuntu, Fedora/CentOS,
>         OpenSuSE, etc) not as a stand alone isolated distribution on
>         dedicated hardware. 
>       * Does port forwarding
>       * Does NAT 
>       * Does Static Routes (Important if I have another router behind
>         it) 
>       * Does Statefull inspection
>       * Does not break IPSec/PFS/L2PT/Etc. 
>       * Does custom black listing
>       * Prevents DoS (Syn flood, ICMP flood, UDP flood, port scans,
>         ping of death, IP spoofing, land attack, tear drop attack, IP
>         address sweep attack, Win Nuke attack, etc) 
>       * Does intrusion detection, preferably with email alerts

> Would be nice if it also does:
>       * GUI configuration 
>       * QoS 
>       * DHCP 
>       * IAC (Outbound rules) 
>       * SNMP2 
>       * Decent logging/reporting 
>       * GUI Dashboard 
>       * DynDNS 
>       * Web content filtering 
>       * DNS Proxy
>       * Black list service

> Bryan O'Neal 
> O'Neal & Associates 
> Phone: (602) 295-4356
> Fax:     (602) 795-6050
> E-Mail: Bryan.ONeal@TheONealAndAssociates.com