advise on a linux firewall 2

[feshangi]

i would like to setup a linux firewall on my network to block some unwanted ports and direct some particular ports to particular servers. i looked at firewall-jay.sf don't know if it's a best option for me to go with since it goes on top of another linux os. i also looked at IPCop and i liked this one because it's one linux software which contains os and firewall. i am lost and don't know what kind of firewall do i need! all i want to do with this firewall is to be just a good firewall box and nothing else!

i would really appriciate if someone can give me some advice.

have a happy new year,

mike

 

[thedaver]

Jay's firewall is just another friendly interface to the configuration of the IPTables controls which are at the heart of modern linux firewalls. If you don't care for Jay's firewall config tool, find another that suits you. But don't confuse the OS and the firewall utility.

The firewall configuration is an application much like a printer config or graphics config. The IPTables rulebase is what gets configured based upon your NICs, port preferences and desired outcomes of routing logic.

There really isn't a linux OS that is purely firewall - to draw a similarity to Cisco's IOS. However, there are instances where a linux distribution has been stripped down to provide the barest elements of support to run firewall services in the most memory efficient manner (sometimes not requiring a disk drive). These are the kinds of factors you should also weigh.

I would guaranty that Jay's firewall would do the job if you'd try it.



Hosting Solutions for Home or Business.

http://www.surfinbox.com/hosting/

 

[feshangi]

appriciate you help. I am going to install Jay's firewall and try it out.

 

[Eddiefdz]

If you are looking for a great linux firewall take a look at

http://m0n0.ch/wall.

By the way, those are zero's on m0n0. This is by far the best linux based firewall that i have ever used. I have tried all sorts such as ipcop, smoothwall, jaysfirewall, etc.. Chcek this out and let me know if you need any help.

Enjoy!

Eddie Fernandez
CCNA, Network+, A+, MCP

 

[feshangi]

Eddiefdz, you just made my day

I like this one a lot and looks like exactly what I was looking for. I really like how it looks. Very user friendly. Do you think a Pentium I, 64 MB RAM, 2.5 GB HD, 2 ISA NICs would be good enought or should I use a better box? What I like about this box is it's very little so I can fit it next to my server but if you think I have to use a better box I will do so.

Thanks for the link

Mike

 

[marsd]

Whoa.
ISA nics? You are looking for pain on a modern network.
Please get some modern hardware.
Your server machines will thank you and so will the
support guys.
I had an older 486 that I used with 2 nics as fw/router
and one of the nics went bad and started flooding the
network wiith bad traffic. There were almost no errors
in ifconfig. Lesson: These boards and drivers are
legacy stuff and will not scale and do not have the kernel
support that allows you to make good decisions about their
condition most of the time.
If you can't pick up a P120+ -w- three free pci slots for less than a $150 you are in a bad place.

 

[feshangi]

Thanks marsd,

My other box which I can use is a Pentium II, 192 MB of RAM, 20 GB HD, Few PCI Slots, and over all a better hardware.

The box that I mentioned earlier has only one PCI slot and 3 ISA slots.

Mike

 

[feshangi]

i installed m0n0 firewall and it can't be any better. i am so happy with it. thank you Eddiefdz for telling me about this amazing firewall.

thanks,

mike