Quwery about firewall software
bret.busby at gmail.com
Sat Nov 14 11:27:38 UTC 2015
On 14/11/2015, Bret Busby <bret.busby at gmail.com> wrote:
> On 14/11/2015, Petter Adsen <petter at synth.no> wrote:
>> On Sat, 14 Nov 2015 18:10:20 +0800
>> Bret Busby <bret.busby at gmail.com> wrote:
>>> I have been using a computer as a firewall/gateway computer, with an
>>> old version of Debian Linux, and Firestarter, both of which are no
>>> longer supported, and I have forgotten the relevant passwords for the
>>> I am thinking of installing Ubuntu Linux on the computer, with
>>> possibly either Firewall Builder, or gufw, to set up a new firewall.
>>> This is a computer via which, a number of computers within the LAN,
>>> access the Internet, the LAN computers using various operating systems
>>> (which should not make any difference to the firewall/gateway
>>> computer), and using static IP (v4) addresses.
>>> The firewall/gateway computer has two network cards; one for the LAN,
>>> and, one for the router/modem.
>>> Whilst the gufw seems simple enough, to enable, for a single computer,
>>> I do not know whether it would be suitable for using on a LAN
>>> firewall/gateway computer.
>>> Please advise which of these two firewall applications, would be most
>>> appropriate in this context, for a relatively simple person.
>> (This might be the "wrong" answer to give on a Ubuntu mailing list, but
>> since it is a solution I'm very happy with I'm going to give it anyway.)
>> If the machine is going to function solely as a firewall and home
>> router, I would take a look at something like pfSense - this is what I
>> use at home. It's based on FreeBSD, and has a web interface for
>> administration. IMO it's a much better and more integrated solution
>> than putting together the pieces you need on a standard Linux
>> distribution. It provides a number of packages that extend the base
>> functionality, no licenses required. The documentation is quite good.
>> There are also specialized Linux-based distributions similar to
>> pfSense if you would prefer that, but I'm not familiar with them. One of
>> them is called Smoothwall, and there are others.
>> AFAIK, gufw seems to be intended as a firewall for a single machine
>> more than as a gateway for a network.
>> I'm not saying you can't do what you suggest, but that a specialized
>> firewall distribution might be better suited. You can run pfSense off a
>> USB stick or CD/DVD as a test to see how you like it.
>> Just my 0.02NOK :)
>> "I'm ionized"
>> "Are you sure?"
>> "I'm positive."
> I had wondered about using a BSD as the underlying operating system,
> for the firewall/gateway computer, due to the perceived greater
> stability of BSD, relative to Linux.
> The only problem that I see with that, is that I have no experience as
> an administrator, on a BSD system, and, it is now about 30-35 years (I
> think), since I have used a BSD (it was BSD 4.2, running on a VAX
> 11-785, from memory). However, I should be able to learn enough, to
> install and operate, BSD, sufficiently, to install and operate a
> firewall/gateway, I expect.
I am going to try to rewrite what I had just written, using a text
editor, to then copy the text into the email software, the previous
attempt, having all got deleted by the software - it appears that, in
using gmail, with the web browser that partly works, and rabid mouse
software in the operating system, everything that gets entered at the
keyboard, can go absolutely anywhere, and, can all be deleted, by
whichever software is responsible, destroying anything up to hours of
work, at a time.
Two things have occurred to me, regarding the suggestion to use
pfSense, after I sent my previous reply, as I may have misconstrued
the post content, in the first reading.
The first is thus; is the pfSense thing, an encapsulated suite, that
includes the operating system, so that it would take only one sequence
of installation and configuration, rather than first installing the
BSD and gonfiguring it, and then installing pfSense and then
installing it? If it is indeed, encapsulated, then it should not be as
difficult as I had assumed, and, the operating system presence, and
thence, which operating system, should be transparent.
The second thing, is thus; with you having mentioned that "You can run
pfSense off a USB stick or CD/DVD as a test to see how you like it.",
it it available, as a "live" system, like the Debian and Ubuntu and
formerly, Gnoppix, LiveCD's?
"So once you do know what the question actually is,
you'll know what the answer means."
- Deep Thought,
Chapter 28 of Book 1 of
"The Hitchhiker's Guide to the Galaxy:
A Trilogy In Four Parts",
written by Douglas Adams,
published by Pan Books, 1992
More information about the ubuntu-users