Linux Firewall

Discussion in 'Computers' started by Darren Lewis, Apr 18, 2006.

  1. Darren Lewis

    Darren Lewis Supporting Actor

    Jul 17, 2000
    Likes Received:
    Are there any advantages to setting up something like a linux box compared with an all-in-one modem/router/firewall setup?
  2. SethH

    SethH Cinematographer

    Dec 17, 2003
    Likes Received:
    Most likely two different types of firewalls. Most consumer-grade all-in-one routers have a NAT firewall. The linux firewall you're talking about is an SPI (stateful packet inspection) firewall. Both types are good. The SPI allows more flexibility. A company would have both, but you probably just need one or the other.

    EDIT: There are some consumer-grade all-in-one units offer SPI firewalls, but they are the more expensive units.
  3. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Feb 27, 2000
    Likes Received:
    If you have the hardware to build a firewall on (ie, a very cheap old PC with two network ports or cards + a small consumer grade network switch) and the expertise to do it, then you should definitely go with a homebuilt firewall instead. You get great stability and upgradability along with far better features than routers usually offer. Another thing you get that is either good or bad depending on your viewpoint is a split of your network hardware, ie instead of one router with everything (switch, router, wireless lan) you have separate parts for each. I prefer that since I can either upgrade one part if I want or replace any one part should it fail.

    I've used Smoothwall and it is an excellent product, but I eventually switched over to m0n0wall because it offered the features I needed and can be run entirely harddriveless. You insert the boot CD and a clean formatted floppydisk; it boots from CD and writes settings to the floppy. The entire firewall is held in internal memory so disk access is extremely infrequent and management is simple via a nice web interface.

    One thing it offers off the bat is traffic shaping. This is great if you have to share your Internet link, as it prioritizes some stuff; this will keep the Internet connection from getting "clogged" even if it is being used 100%. Also, unlike on most routers, this is a real firewall and can block traffic both ways so you can set up rules so that the machines inside the m0n0wall can only, say, websurf and check mail via the POP3 port... stuff like that. Optionally, that is.

    Obviously there is more, like VPN:s, NAT, etc etc; all in all a fantastic product and it's free.
  4. mattCR

    mattCR Executive Producer

    Oct 5, 2005
    Likes Received:
    Lee Summit, Missouri
    Real Name:
    Big recommend for ClarkConnect. Incredibly functional with more features then you may ever need. And a very slick user interface and incredible support. Add to that wireless routing, etc. and it's a winner.

Share This Page