[rescue] RFA: firewall
pat at computer-refuge.org
Sun Jan 9 12:09:16 CST 2005
Phil Stracchino declared on Thursday 06 January 2005 02:27 pm:
> I humbly request advice, opinions, whatever, from the Collective. :)
> The hardware: Ultra5, USIIi/333, 256M, 9.1G, three 10/100 interfaces
> (the built-in hme plus a dual EEPro100), didn't really pay attention
> to what framebuffer and can't say I particularly care.
> The application: firewall between wired internal net, wireless DMZ,
> and DSL to the 'net. Right now there'll only be one machine on the
> wired net and one on wireless, both running Win2K Pro, but real boxen
> running real OSen will be shipped out here later.
Since no one else has said anything, I'll go be the strange one and
suggest using a Linux distro (preferably Debian). For a three years, I
ran Slackware/SPARC on my firewall, using it purely as a NAT box,
forwarding a few ports (ssh, http) to machines inside the firewall.
I've never actually used OpenBSD, but from what I hear, pf is "nice" to
configure, but I've had no problems doing what I've wanted to with
iptables on Linux. Of course, I haven't tried doing anything terribly
complex with the firewalling either, so YMMV.
BTW, I don't recommend using Slackware/SPARC mostly because it's not been
updated in a few years now, and Debian is now my distro of choice over
Slack for all my machines that are able to boot a Linux kernel (except
for my VAXen and an Alpha that runs OpenVMS).
Purdue University Research Computing -- http://www.itap.purdue.edu/rcac
Purdue University ITAP/RCS --- http://www.itap.purdue.edu/rcs/
The Computer Refuge --- http://computer-refuge.org
More information about the rescue