Firewall/Router distro

[zaney]

Hi,
This would be my first post here on Linuxforums, I thought this would be the best place to get my question answered. After much googling on the topic, all I have found are a multitude of "Which is the best distro for this" posts. I'm aware "best" is matter of opinion. So, I'll outline my current situation, and then ask my question, and see what you all think.

I currently live in rather a large house with my parents, with an extension on the side for my grandparents, there are two wireless routers to cover this because, for some inexplicable reason, some of the walls are lined with aluminium mesh. Which is a nightmare. Anyway, the network supports two PCs, running windows, 2 iMacs, 4 laptops (2 Macs, 1 windows, 1 linux), two PDA/Phones, and 2 games consoles. 1 iMac and 1 PC are wired, the rest is wireless.

It's relatively large for a home network, and I have an old Dell OptiPlex (1GHz P3, 256Mb RAM), running DNS, DHCP and caching proxy services for the network. This is all run using pfSense.

I use Mac OS X as my main platform, but I'm more than comfortable with linux. What I want is a distro to use on the server which I can configure myself (I want the pfSense features, but I'd also like to be able to run any arbitrary service I like on it). Now, I know any linux distro can do all of that, but what I'd like is the same sort of web-based interface, and statistics/graphs etc, that I get from pfSense.

So I guess what I'm asking for is more a package that adds this to a distro, rather than which distro to use. I'm most comfortable with Gentoo and Ubuntu, but I'm willing to try any of them if they'd do what I want, so any suggestions are welcome.

...I hope all that made sense.

[coopstah13]

I think Webmin is going to do what you need, it lets you edit settings for dhcp server, iptables, etc through a web browser

[zaney]

I've tried Webmin, and although it's a great interface, it's a bit too comprehensive. It basically controls everything.
I'm looking for an interface that makes it simple and easy for me to edit router and firewall related settings, whilst giving me feedback on network traffic, processor and memory usage, cache size, firewall logs, etc.

Essentially the sort of interface on pfSense, IPCop, smoothwall etc. But I want a fully fledged distro behind it, that I can do what I like with over SSH or VNC.

[Roxoff]

Why would you want to do this? Use smoothwall or IPCop and dont dick about with your firewall as a toy; reserve that privilege for your desktop machine .

I use smoothwall at home, we have several computers, as you do, and mine runs on a Intel Pentium P150 with 96Mb memory. Absolutely the last thing thing I need is for the internet connection to go down for everyone because I was being a tit. Some services are considered vital, and if they aren't working, you get to be prodded (by old people by the sounds of it in your case) until you get them working.

[DrEntropy]

Yes Roxoff, THAT'S th' truth!!! I've a Smoothie here as well, love th' thing. Have put 'em in front of a number of small biz LANs. ONE dedicated firewall ~appliance~ in place, leave it do the job. GUI configurable, VPN capability and SSH if ya just HAVE to fettle with it.

[zaney]

Why would you want to do this? Use smoothwall or IPCop and dont dick about with your firewall as a toy; reserve that privilege for your desktop machine .

I use smoothwall at home, we have several computers, as you do, and mine runs on a Intel Pentium P150 with 96Mb memory. Absolutely the last thing thing I need is for the internet connection to go down for everyone because I was being a tit. Some services are considered vital, and if they aren't working, you get to be prodded (by old people by the sounds of it in your case) until you get them working.

Yea, that's a fair point.
But at the same time, it is set up so if something goes wrong (or if it's turned off - the parents love the speed the cache gives, but don't like having it on overnight), then a D-Link router takes over DHCP and DNS functionality. So the internet connection never goes down (unless the line goes down, which happens more often than I'd like, living in the middle of nowhere and all)

See, it's also a learning platform for me. I'm quite comfortable with networking and linux, etc. But I'd still like to learn more about some of the lower level functions, such as setting up iptables and routing manually. We may have a lot of computers, but none of them are sitting spare for me to fiddle with. The router could be considered spare as caching is not essential, and the fail-over to the D-Link router is always there to take over.