Best NAT/Firewall program?

[PowerMacG5]

Okay, here it goes. I plan on setting up a home network soon, and do not want to use a router/switch. I would much rather put a spare computer to use. I would like to set it up as a router/gateway/firewall, and was wonering what software is the best to do this. I will have 2 ethernet's in this computer, 1 to the cable modem, and the other to the switch for the network. What software would be the best for my needs? I need it to provide a firewall, and router functions (at least port forwarding). I read somewhere that Freesco is a good program, is this true? The computer will probably be running Windows, but if I need to, I will use Linux (But prefer to use Windows). I know that freesco will run off of a bootable floppy, so the OS is not an issue. SO my question still stands, what is the best software with firewall/NAT/routing abilities that would best suit my needs? Thanks for all of the help.

<Edit> Also, preferrably the software should be free. </Edit>

 

[FoBoT]

i prefer ClarkConnect Linux
it is easy to install and has a web interface to make setting changes, work great!!

freesco is fine too, but doesn't have the cool web statistics and graphs like clarkconnect
also, freesco doesn't have snort (instrusion detection)

 

[PowerMacG5]

FoBoT, I have one question. I looked at the ClarkConnect webpage, and I must say I'm impressed. I noticed that their are 2 version, pay and free. Do you know what the differences are? Also, I plan on doing online gaming so do you know if Port Forwarding is available in the free version? Thanks for the help.

 

[Kartajan]

from the site:

ClarkConnect 1.1 is the free version of the ClarkConnect Office 1.1 product. This version of the product does not include Tech Support, VPN configuration, antivirus trial software, content filtering, optimizations for Pentium servers, and wireless support.

 

[cct]

I use http://www.astaro.com/
Its got every conceivable Firewall toy you could dream of.
Also licencse is free to home users

 

[Woodie]

SmoothwallSmoothwall

A linux based, web-based management FW, still in current development. Free version available.

Also packetfilter, a BSD-based firewall.

Note that non-dedicated firewalls like these will degrade performance to some degree, especially if the CPU is less than a P2-350. YMMV.

 

[n0cmonkey]

Originally posted by: Woodie
SmoothwallSmoothwall

A linux based, web-based management FW, still in current development. Free version available.

Also packetfilter, a BSD-based firewall.

Note that non-dedicated firewalls like these will degrade performance to some degree, especially if the CPU is less than a P2-350. YMMV.

Performance degredatioon is not a factor on most consumer lines, depending on what you are doing. Smaller machines can easily handle larger bandwidths. Of course, if you have a large number of clients behind the firewall or a huge amount of connections you will need a larger machine to handle the state better. But my p133 was handling my 768/128 DSL pretty well until the hard drive died. Atleast thats my experience and the experience of plenty of other people that have written books and whatnot on the subject, and every situation is different.

Another vote for packetfilter. Nothing is better in my opinion, especially in the free software arena.

 

[Woodie]

Hmm, well in our area w/ 1500/128, d/ls are somewhat slower w/ the older hardware in the loop. Based on d/l testing at dslreports.com...
In normal use, it's not too noticeable. The exception was playing certain games would bury the FW, ending up by booting the player off the game, at which point the FW utilization would drop, and connectivity would return. My guess is that the game generated many connections, and that's what buried the FW.

Not exactly comparable, but just FYI: My quad PPro 200 running W2K AS takes about 200K off my connection speed test when it's used as a router. (Not ICS). That is, the server gets a particular speed (~1000K), and the client (behind the server) gets ~800K, to the same site, immediately following.