I need a firewall for testing purposes and I was wondering what's the fastest way to have a linux firewall working... I was thinking in an iptables with a webmin in some fedora... Any suggestion?
Thank you all!
Printable View
I need a firewall for testing purposes and I was wondering what's the fastest way to have a linux firewall working... I was thinking in an iptables with a webmin in some fedora... Any suggestion?
Thank you all!
if it will be a dedicated box (i hope so) for firewall and you arent that good on linux, i recommend this:
www.smoothwall.org
It has Netfilter firewall (a.k.a. iptables), squid, snort, web admin, etc...
its a plug-and-play distro. You can get it also on linuxiso.
However if you want to learn about firewalls, i may advise you to go to netfilter line command interface (iptables) and learn how to use it. I think that configuring a firewall with iptables is very good for understanding how a packet-filter firewall works. Netfilter also can be configured to be a statefull firewall.
If you just need something to pound on, I'd grab a Live linux distro that you like that has IPTables on by default, or just throw Fedora 3, Suse 9.(whatever the latest is), mandrake, etc...one of them, and enable the firewall by default during install. This won't be a completely robust firewall that is tweaked for specific needs, but it will be something to smash your packets against. :D
Hi
A while ago, I was playing around with front-ends, more or less specific to iptables.
It simplifies a lot the configuration of the iptables-rules, so it might be of interest
for you. In my opinion, it is a good starting point in any case (eg. to understand rule-sets)
I started with firehol1].
--> Phish recommended fwbuilder[2]. That's the way to go in my opinion.
There is even another project, vuurmuur[3]
Cheers.
[1] http://firehol.sourceforge.net/
http://www.antionline.com/showthread...hlight=firehol
[2] http://www.fwbuilder.org/
[3] http://vuurmuur.sourceforge.net/
Thank you all... Smooth wall looks good, as the other suggestions ;)
I'm not a begginer in firewalls (i'm not an expert neither!!! :) ) but I always worked with "precooked" ones... Checkpoint, Sonicwall, etc... It will be intresting play around with linux...
One more time, thank you all. Antionline is an excellent community.
... don't overlook IPCop either - a branch off from Smoothwall or the otherway around and another dedicated firewall linux distro.
I have it running here to protect the home network, runs squid, snort, and traffic shaping - not a bad package at all in a 40mb iso. Content filtering via Dansguardian is also available through an addon package, but requires a bit more RAM to keep it all running nice.
Like Smoothwall - it takes around 10 minutes to install - so if you break it by over tweaking - no real harm done, 10 minutes or less and your back up and running.
I installed a smoothwall and it looks very good. Easy to install, to understand and well documented... Very interesting de DansGuardian optin in IPCop, I'll chek it out :)
Thank you.
If you need a firewall on your existing box, if you don't have a spare box, I'd recommend iptables with shorewall, cause shorewall is easy to configure and learns you to handle iptables.
Cheers
If you're looking for a GUI IPtables firewall (something like what Zone Alarm is for Windows) then I'd suggest Firestarter, I won't say I have personal experience with this package but from the site it seems to be a good IPtable configuration solution for people new to Linux.
What I miss in Smoothwall is the ability to restrict outgoing connections...
