Quwery about firewall software

Daniel Anderson kd4jdl1 at verizon.net
Sat Nov 14 11:51:54 UTC 2015

On 11/14/2015 06:27 AM, Bret Busby wrote:
> On 14/11/2015, Bret Busby <bret.busby at gmail.com> wrote:
>> On 14/11/2015, Petter Adsen <petter at synth.no> wrote:
>>> On Sat, 14 Nov 2015 18:10:20 +0800
>>> Bret Busby <bret.busby at gmail.com> wrote:
>>>> Hello.
>>>> I have been using a computer as a firewall/gateway computer, with an
>>>> old version of Debian Linux, and Firestarter, both of which are no
>>>> longer supported, and I have forgotten the relevant passwords for the
>>>> computer.
>>>> I am thinking of installing Ubuntu Linux on the computer, with
>>>> possibly either Firewall Builder, or gufw, to set up a new firewall.
>>>> This is a computer via which, a number of computers within the LAN,
>>>> access the Internet, the LAN computers using various operating systems
>>>> (which should not make any difference to the firewall/gateway
>>>> computer), and using static IP (v4) addresses.
>>>> The firewall/gateway computer has two network cards; one for the LAN,
>>>> and, one for the router/modem.
>>>> Whilst the gufw seems simple enough, to enable, for a single computer,
>>>> I do not know whether it would be suitable for using on a LAN
>>>> firewall/gateway computer.
>>>> Please advise which of these two firewall applications, would be most
>>>> appropriate in this context, for a relatively simple person.
>>> (This might be the "wrong" answer to give on a Ubuntu mailing list, but
>>> since it is a solution I'm very happy with I'm going to give it anyway.)
>>> If the machine is going to function solely as a firewall and home
>>> router, I would take a look at something like pfSense - this is what I
>>> use at home. It's based on FreeBSD, and has a web interface for
>>> administration. IMO it's a much better and more integrated solution
>>> than putting together the pieces you need on a standard Linux
>>> distribution. It provides a number of packages that extend the base
>>> functionality, no licenses required. The documentation is quite good.
>>> There are also specialized Linux-based distributions similar to
>>> pfSense if you would prefer that, but I'm not familiar with them. One of
>>> them is called Smoothwall, and there are others.
>>> AFAIK, gufw seems to be intended as a firewall for a single machine
>>> more than as a gateway for a network.
>>> I'm not saying you can't do what you suggest, but that a specialized
>>> firewall distribution might be better suited. You can run pfSense off a
>>> USB stick or CD/DVD as a test to see how you like it.
>>> Just my 0.02NOK :)
>>> Petter
>>> --
>>> "I'm ionized"
>>> "Are you sure?"
>>> "I'm positive."
>> I had wondered about using a BSD as the underlying operating system,
>> for the firewall/gateway computer, due to the perceived greater
>> stability of BSD, relative to Linux.
>> The only problem that I see with that, is that I have no experience as
>> an administrator, on a BSD system, and, it is now about 30-35 years (I
>> think), since I have used a BSD (it was BSD 4.2, running on a VAX
>> 11-785, from memory). However, I should be able to learn enough, to
>> install and operate, BSD, sufficiently, to install and operate a
>> firewall/gateway, I expect.
> I am going to try to rewrite what I had just written, using a text
> editor, to then copy the text into the email software, the previous
> attempt, having all got deleted by the software - it appears that, in
> using gmail, with the web browser that partly works, and rabid mouse
> software in the operating system, everything that gets entered at the
> keyboard, can go absolutely anywhere, and, can all be deleted, by
> whichever software is responsible, destroying anything up to hours of
> work, at a time.
> Two things have occurred to me, regarding the suggestion to use
> pfSense, after I sent my previous reply, as I may have misconstrued
> the post content, in the first reading.
> The first is thus; is the pfSense thing, an encapsulated suite, that
> includes the operating system, so that it would take only one sequence
> of installation and configuration, rather than first installing the
> BSD and gonfiguring it, and then installing pfSense and then
> installing it? If it is indeed, encapsulated, then it should not be as
> difficult as I had assumed, and, the operating system presence, and
> thence, which operating system, should be transparent.
> The second thing, is thus; with you having mentioned that "You can run
> pfSense off a USB stick or CD/DVD as a test to see how you like it.",
> it it available, as a "live" system, like the Debian and Ubuntu and
> formerly, Gnoppix, LiveCD's?
Another one is IpCop. Been using it for many years with great results.

When Government fears the people there is Liberty.
When People fear the Government there is Tyranny.


More information about the ubuntu-users mailing list