Linux firewall

DingleBerry

DingleBerry

DingleBerry

Associate
Joined
19 Oct 2002
Posts
1,731
Location
Cloud Cuckoo Land
I've got a epia I've been using as a mail/subversion server for a while. Since it needs linux reloading on it anyway i thought I might as well set it up as a firewall too. What kind of tools are there about for this kinda thing? I'd prefer to use ubuntu server as a base as I know my way around it. Are there many advantages over just using what ever the router does (i thnk its a netgear of some sort)?

My router has got an internal hub, I guess I'll have to bypass that and use an external one?
 
iptables is the main firewalling tool for linux, however there are many dedicated firewall operating systems, for example IPCop which might be of use to you?

iptables will work fine in ubuntu server, its just a case of learning how to set up rules on the different chains, which can be tricky to grasp at first but there are many GUIs to iptables to make things easier and lots of guides. The basic concept of iptables is that it consists of 3 chains, INPUT, FOWARD and OUTPUT each of which you set up rules for, which dictate how packets behave on the network.


Not to sure on how it compares to your routers firewall, but i would imagine it would give you a lot more control over what the firewall does. However if your already behind a NAT thats a fair level of protection already implemented.

Hope thats some help.
 
Have a look at Smoothwall or m0n0wall. Both are dedicated firewall distros, based on Linux and FreeBSD respectively, on which you'd be able to install your server apps.
 
Since you want to run mail/subversion a dedicated firewall distro will probably not be your first choice, but I still want to mention Endian Firewall that I came across last year.

I had been running smoothwall for many years and now run Smoothwall (2 fixes 8) and Endian side by side (for different subnets). I like them both but Endian has so many options I like, e.g. content filtering, time restrictions, http and ftp antivirus. You can probably set this all up in Smoothwall and it might even be in a version newer than 2.



ikapod
 
I always liked IPCop tbh. But all these router distros are much of a muchness.

I had an old K6-2 box I set up as a router a while back, but I put debian on it so I could have a web and samba server running on one of the subnets too. Just depends what you want really.
 
You must log in or register to reply here.
Back
Top Bottom