[Sussex] Linux Firewall on a 50mg CD

[John Crowhurst]

> You might want to look at some of the non-install/CD boot disk distros -
> they are pretty easy to customise.

I think there would be a problem here, if you want to customise the
settings of the firewall - you would have to rebuild the CD every time.
(assuming you don't have a hard drive in the firewall for extra security)

Floppy based firewalls have the distinct advantage that the boot floppy
can be removed, customised and the machine rebooted into those changes.

Perhaps to get around this, you could devise some way to get the rules
from another machine when the firewall initiates, like with an FTP client.

It should be very easy to build a small firewall solution, you have the
choice of Gentoo, LFS, and perhaps Slackware.

> I guess there is also a chance that you may not want to put a hard drive
> in a firewall machine anyway (for added security) in which case these
> things are almost ideal.  GNATBox (NetBSD based methinks) works a bit
> like this but boots off a floppy disk (at least it did 4 years ago when
> I saw it)..

There are hordes of floppy firewall distros out on the net, the trouble is
finding an IPtables one.

--
John Crowhurst