Quwery about firewall software

Bret Busby bret.busby at gmail.com
Sat Nov 14 11:04:01 UTC 2015


On 14/11/2015, Petter Adsen <petter at synth.no> wrote:
> On Sat, 14 Nov 2015 18:10:20 +0800
> Bret Busby <bret.busby at gmail.com> wrote:
>
>> Hello.
>>
>> I have been using a computer as a firewall/gateway computer, with an
>> old version of Debian Linux, and Firestarter, both of which are no
>> longer supported, and I have forgotten the relevant passwords for the
>> computer.
>>
>> I am thinking of installing Ubuntu Linux on the computer, with
>> possibly either Firewall Builder, or gufw, to set up a new firewall.
>>
>> This is a computer via which, a number of computers within the LAN,
>> access the Internet, the LAN computers using various operating systems
>> (which should not make any difference to the firewall/gateway
>> computer), and using static IP (v4) addresses.
>>
>> The firewall/gateway computer has two network cards; one for the LAN,
>> and, one for the router/modem.
>>
>> Whilst the gufw seems simple enough, to enable, for a single computer,
>> I do not know whether it would be suitable for using on a LAN
>> firewall/gateway computer.
>>
>> Please advise which of these two firewall applications, would be most
>> appropriate in this context, for a relatively simple person.
>
> (This might be the "wrong" answer to give on a Ubuntu mailing list, but
> since it is a solution I'm very happy with I'm going to give it anyway.)
>
> If the machine is going to function solely as a firewall and home
> router, I would take a look at something like pfSense - this is what I
> use at home. It's based on FreeBSD, and has a web interface for
> administration. IMO it's a much better and more integrated solution
> than putting together the pieces you need on a standard Linux
> distribution. It provides a number of packages that extend the base
> functionality, no licenses required. The documentation is quite good.
>
> There are also specialized Linux-based distributions similar to
> pfSense if you would prefer that, but I'm not familiar with them. One of
> them is called Smoothwall, and there are others.
>
> AFAIK, gufw seems to be intended as a firewall for a single machine
> more than as a gateway for a network.
>
> I'm not saying you can't do what you suggest, but that a specialized
> firewall distribution might be better suited. You can run pfSense off a
> USB stick or CD/DVD as a test to see how you like it.
>
> Just my 0.02NOK :)
>
> Petter
>
> --
> "I'm ionized"
> "Are you sure?"
> "I'm positive."
>

I had wondered about using a BSD as the underlying operating system,
for the firewall/gateway computer, due to the perceived greater
stability of BSD, relative to Linux.

The only problem that I see with that, is that I have no experience as
an administrator, on a BSD system, and, it is now about 30-35 years (I
think), since I have used a BSD (it was BSD 4.2, running on a VAX
11-785, from memory). However, I should be able to learn enough, to
install and operate, BSD, sufficiently, to install and operate a
firewall/gateway, I expect.

-- 

Bret Busby
Armadale
West Australia

..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

....................................................



More information about the ubuntu-users mailing list