Need a good Linux Firewall

[Ulfwald]

I am looking to turn an old HP Vectra 133 with 128 mb RAM into a firewall.

It has a 4 gig Hard drive, Bootable CD ROM, Pentium 133 Processor, 128 MB RAM, 1 ON Board NIC, 1 PCI NIC.

I like the looks of Smoothwall, but it does not have a GUI like I would like to see. Freesco looks good, but I think it is too simple for me.

Astaro takes more than I have on this PC.

Coyote Linux is downloading right now.

At some point I would like to also add a Wireless card and turn this into an access point and be able to utilize it that way. Any and all help would be greatly appreciated. I may be able to scrounge up a stronger PC here shortly, something with a celeron 300 and 256 mb ram and 20 gig hdd.

 

[Ulfwald]

ok, 12 views and no replies? Some one please offer a noob some advice.

 

[skyking]

Smoothwall has a web-based management system. I would suggest giving it a try.
The text-based part need only be used for the initial installation. After that, remove the monitor and keyboard from it and do the rest via the browser, like all the other routers out there.

 

[n0cmonkey]

Debian.

 

[JohnG86]

IPCop

 

[RedCOMET]

monowall is also worth a look at, or pfsense. I have heard good things about freesco from a friend that uses it, so keep it mind.

 

[tomt4535]

Ive got m0n0wall running on an old P3 550 with 256mb ram. I have a 32mb CF Card with an IDE adapter for the HD and a old 165w small psu I got from a pc at work. All fits nice and neat into a little cardboard box, runs cool and is awesome as a router. The web based interface is awesome and there are so many options I dont know what to do with myself. The preformance is really good too.

 

[n0cmonkey]

Neither m0n0wall nor pfsense are linux based.

 

[smashp]

Originally posted by: n0cmonkey
Neither m0n0wall nor pfsense are linux based.

True they are freeBSD, Based. But Monowall is solid as they come, and pf offers alot of extra's that can turn a firewall into a traffic monitor, sniffer, proxy , and more.

I ve used these for years. we actually install monowalls on wrap devices for our Small business market.

 

[Sunner]

I can't help but throw in a vote for OpenBSD, even though it deviates from two of your criteria
The obvious one being that it isn't Linux, but I'm guessing Linux isn't a goal in itself?

The second one, and the potential biggie, being that it doesn't come with a fancy GUI for it's firewall(PF).
However, presuming you have some knowledge about PC's in general, as well some basic networking skills, it's extremely easy to learn, thanks to it's very nice configuration files, as well as the excellent documentation provided.
A real world example would be me, I had heard good things about this OpenBSD thingy, and I needed a firewall, so I got an OpenBSD CD set and got ready, having never used it before.
Took me all of 1 hour to install it, learn enough about IPF(which was replaced by PF later on, but they're quite similar) to get it up and routing my traffic, so that I could browse the web from behind the firewall for my further exploits

It's worth a look, trust me

Oh and it's extremely light weight.
You could probably squeeze a base install(which will include everything you need for a firewall) on under 150 MB of disk space and using under 16 MB of memory.

 

[imported_Dekard]

clark Connect is a favorite of mine, I've been using it for a couple of years. Great linux based, good support and a great web based interface.

 

[amdskip]

I have smoothwall setup for the school I work at and I have content and antivirus mods installed. It works great and I love the web administration part.

It's at an uptime of 19 days right now with no issues. I was restarting it once a week but I wonder how long it can stay up.

 

[n0cmonkey]

Originally posted by: amdskip
I have smoothwall setup for the school I work at and I have content and antivirus mods installed. It works great and I love the web administration part.

It's at an uptime of 19 days right now with no issues. I was restarting it once a week but I wonder how long it can stay up.

Why would you restart it?

 

[Nothinman]

A real world example would be me, I had heard good things about this OpenBSD thingy, and I needed a firewall, so I got an OpenBSD CD set and got ready, having never used it before.
Took me all of 1 hour to install it, learn enough about IPF(which was replaced by PF later on, but they're quite similar) to get it up and routing my traffic, so that I could browse the web from behind the firewall for my further exploits

You also had previous unix experience though, since he's specifically looking for a distro with a web management interface chances are he's still pretty new at this.

 

[amdskip]

The swap file was rather high. It seems to be doing just fine now.

 

[Nothinman]

The swap file was rather high. It seems to be doing just fine now.

Since when is swap usage a reason to reboot something?

 

[Sunner]

Originally posted by: Nothinman

A real world example would be me, I had heard good things about this OpenBSD thingy, and I needed a firewall, so I got an OpenBSD CD set and got ready, having never used it before.
Took me all of 1 hour to install it, learn enough about IPF(which was replaced by PF later on, but they're quite similar) to get it up and routing my traffic, so that I could browse the web from behind the firewall for my further exploits

You also had previous unix experience though, since he's specifically looking for a distro with a web management interface chances are he's still pretty new at this.

Granted, but well, running any kind of serious firewall I'd expect that person to learn a bit anyway, and I'd say OpenBSD is a good way to learn, mostly thanks to the exceptional documentation

Maybe I'm biased though, web interfaces tend to confuse me...

 

[RiverDog]

Guarddog is quick and easy, I used it at work with no problems.