Quwery about firewall software

Petter Adsen petter at synth.no
Sat Nov 14 10:50:12 UTC 2015 

On Sat, 14 Nov 2015 18:10:20 +0800
Bret Busby <bret.busby at gmail.com> wrote:

> Hello.
> 
> I have been using a computer as a firewall/gateway computer, with an
> old version of Debian Linux, and Firestarter, both of which are no
> longer supported, and I have forgotten the relevant passwords for the
> computer.
> 
> I am thinking of installing Ubuntu Linux on the computer, with
> possibly either Firewall Builder, or gufw, to set up a new firewall.
> 
> This is a computer via which, a number of computers within the LAN,
> access the Internet, the LAN computers using various operating systems
> (which should not make any difference to the firewall/gateway
> computer), and using static IP (v4) addresses.
> 
> The firewall/gateway computer has two network cards; one for the LAN,
> and, one for the router/modem.
> 
> Whilst the gufw seems simple enough, to enable, for a single computer,
> I do not know whether it would be suitable for using on a LAN
> firewall/gateway computer.
> 
> Please advise which of these two firewall applications, would be most
> appropriate in this context, for a relatively simple person.

(This might be the "wrong" answer to give on a Ubuntu mailing list, but
since it is a solution I'm very happy with I'm going to give it anyway.)

If the machine is going to function solely as a firewall and home
router, I would take a look at something like pfSense - this is what I
use at home. It's based on FreeBSD, and has a web interface for
administration. IMO it's a much better and more integrated solution
than putting together the pieces you need on a standard Linux
distribution. It provides a number of packages that extend the base
functionality, no licenses required. The documentation is quite good.

There are also specialized Linux-based distributions similar to
pfSense if you would prefer that, but I'm not familiar with them. One of
them is called Smoothwall, and there are others.

AFAIK, gufw seems to be intended as a firewall for a single machine
more than as a gateway for a network.

I'm not saying you can't do what you suggest, but that a specialized
firewall distribution might be better suited. You can run pfSense off a
USB stick or CD/DVD as a test to see how you like it.

Just my 0.02NOK :)

Petter

-- 
"I'm ionized"
"Are you sure?"
"I'm positive."

More information about the ubuntu-users mailing list