[PLUG] Firewalls
Jason Kirtland
plug at lists.discorporate.us
Wed Nov 30 00:15:54 UTC 2005
fh wrote:
> Anybody using a dedicated Linux box as a firewall? [...]
> I'd love to hear the good and bad, the recommendations
> and caveats, etc.
> Also: Which package? Hardware requirements? Maintenance issues?
I run a LEAF Bering-uClibc firewall. It uses shorewall for firewall
configuration and hosts a few extra services like traffic shaping, DNS
and OpenVPN. LEAF is pretty easy to get running. It can run from
floppy, CD, hard drive, compact flash, etc., and doesn't need much RAM.
http://leaf.sourceforge.net/bering-uclibc/
I run it on a little fanless Soekris 4801 from compact flash. It
connects 6 network segments, including wireless, 2 DMZs and a VPN. I
pretty much never have to fuss with it. It's easily the most flexible
& yet worry-free server I've ever put together. It replaced a regular
distro on regular hardware firewall that was too far from worry-free
for my taste.
I might suggest trying out a floppy install first regardless of what
media the firewall will actually use, as the docs are geared toward
floppies. The rest is pretty simple once you grok the LEAF package
setup & lifecycle.
-Jason
More information about the PLUG
mailing list