Find the answer to your Linux question:
Results 1 to 10 of 10
Hi ! I want to setup a linux-server with a great firewall. does anybody know which is the best? i heard that smoothwall is very good. and what about IPTables? ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie robak's Avatar
    Join Date
    Jan 2004
    Posts
    136

    setting up a Server with firewall


    Hi !

    I want to setup a linux-server with a great firewall. does anybody know which is the best? i heard that smoothwall is very good.

    and what about IPTables? can i use this instead of an standalone firewall?
    make install not love

    Registered Linux user number 369245

  2. #2
    Just Joined!
    Join Date
    Feb 2004
    Location
    Calgary Alberta
    Posts
    19
    Smoothwall rocks ... it takes all of 15 mins for a complete install and is rock solid. Has all kinds of added features (besides the standards, port forwarding etc.)

    Easy to work with and configure. I would recommend Smoothwall to anyone looking for a good Linux based FW.

    I don't run any servers on it, I have a server behind my Smoothie that has the needed ports forwarded thru. Its not meant as a "server" but works VERY well as a router/firewall

  3. #3
    Linux Engineer
    Join Date
    Nov 2002
    Location
    Queens, NY
    Posts
    1,319
    iptables = no complaints

    I think that says enough.
    The best things in life are free.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Engineer Giro's Avatar
    Join Date
    Jul 2003
    Location
    England
    Posts
    1,219
    I never used smoothwall but have been using IPcop for nearly two years with no problems. I would not run a webserver on your firewall/gateway its suppopse to run as little services as possible to make it more secure. Remeber that its the layer between your network and the net so you dont want some one r00ting Apache and then your firewall.

  6. #5
    Linux Engineer
    Join Date
    Nov 2002
    Location
    Queens, NY
    Posts
    1,319
    That's a good point. I'd usually just run one machine dedicated to a firewall. The hardware wouldn't be anything drastic since iptables really doesn't need all that attention but I was thinking, one way to have Apache run secure is to chroot and even possibley use the immutable flags (within ext2/3 fs) to add a level of security.
    The best things in life are free.

  7. #6
    Linux Newbie robak's Avatar
    Join Date
    Jan 2004
    Posts
    136
    thx 4 posts

    i downloaded smoothwall at www.smoothwall.org but there is only a EXPRESS verion. is this the full version?
    make install not love

    Registered Linux user number 369245

  8. #7
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Apache normally runs as a seperate user, so unless you're using a vulnerable kernel, they can't do anything really bad if they crack it.

    Still, it's no fun to have your box cracked at all. I myself always run apache on a seperate machine.

  9. #8
    Just Joined!
    Join Date
    Feb 2004
    Location
    Calgary Alberta
    Posts
    19
    Yes that is all you will need to get up and running. The express version is just their "free" version. The have a payed version that they support as well. I have only seen the "express" version and from what i can tell it works perfectly.

  10. #9
    Just Joined!
    Join Date
    Feb 2004
    Posts
    14
    agree with bpark. iptables works best for me. Plus you can have as many configurations as you like and just need to do an iptables-restore to load a new configuration in a matter of seconds. Good for applications where you need to enable a certain port then disable it when you have finished. Its also very easy to understand the ruleset and easy to re-use rulesets in other areas of the firewall configuration without having any repetition. Gets the thumbs up from me!

  11. #10
    Linux Engineer Giro's Avatar
    Join Date
    Jul 2003
    Location
    England
    Posts
    1,219
    Smoothwall uses iptables and so does ipcop.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •