[Gllug] Opinions on Smoothwall and other firewalls

John Edwards john_ed at cornerstonelinux.co.uk
Fri Oct 5 13:21:47 UTC 2001 

On Fri, Oct 05, 2001 at 12:21:06PM +0100, Simon Stewart wrote:
> On Fri, Oct 05, 2001 at 12:02:24PM +0100, Walid wrote:
> 
> > > Contact Tushar at Turtle Networks. He I'm sure can configure a good firewall
> > > for you, based on BSD.
> > 
> > That is the way to go OpenBSD, I like that :)
> 
> There's one advantage that I can see with the *BSD ipfilter tools over
> iptables: it's older, and therefore has had more testing. 

Wasn't the license on ipfilter changed to prevent ditribution of modified 
source code a few months ago ? I seem to recall that it put a spanner in 
the works for OpenBSD (who modified the code without the permission of the 
author). OpenBSD 2.9 was distibuted before the change and contains the 
modified ipfilter code.

> Now that Linux has (finally) got stateful filtering, I can't see any
> reason why it shouldn't be a sensible choice for a PC based
> firewall. Now all you want to consider is content filtering.... :)
> Cheers,
> 
> Simon

Well the advantage of a specialist distribution (Smoothwall, LRP, etc) is 
that if they are done right then you don't have to spend a lot of time 
removing or disabling potentially dangerous packages. RedHat, Mandrake and 
SuSE are designed as full server or workstation systems and install a whole 
load of stuff by default (Debian rather leaner), but it's still an extra 
few hours (assuming you know what you're doing).


ps. Wasn't Theo from OpenBSD accused on some of the bad language/attitude 
that is alledged against Richard of Smoothwall ?


-- 
#------------------------------------------------------------------------#
|    John Edwards    Email: John.Edwards at uk.com                          |
|                                                                        |
|  "Many solutions were suggested for this problem, but most of these    |
|   were largely concerned with the movements of small green pieces of   |
|   paper, which is odd because on the whole it wasn't the small green   |
|   pieces of paper that were unhappy." - Douglas Adam on unhappiness    |
#------------------------------------------------------------------------#

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list