Firewall

[curtis]

I've been looking at some software firewalls to install on my linux machine.

2 of the most popular ones I've read about are Firestarter and Guarddog. Is anyone using one of these? If so your opinions would be helpful.

I'm also open to suggestions for other programs if you know of some good ones.

[TweezerMan]

Someone I know and respect recommended SmoothWall - http://www.smoothwall.org/.

 

Added note: It appears that SmoothWall requires a dedicated PC to run on to function as the firewall. If you're not looking use a dedicated machine as your firewall, this product may not be right for you.

[borfast]

Firestarter is probably the easiest firewall tool there is for Linux (I don't know Guarddog and it also looks pretty simple, so I may be wrong). It has a configuration wizard, which is pretty good and lets you setup firewall rules in less than a minute (if you already know what the various screens say, it takes less than 15 seconds ).

 

There's also Firewall Builder, which is more advanced than Firestarter (and far more complex) but I haven't used it for quite some time and I don't even remember it well enough to be able to compare it to others.

 

My advice is: give them all a try and decide which one is best for your needs

[curtis]

I downloaded Guarddog and will give it try first.

 

This linux box is not going to be connected to my network which has a hardware firewall and I really don't want to set up a dedicated machine but Smoothwall does look very good.

[borfast]

I tried Guarddog last night and I didn't like it much. Firestarter is much more intuitive.

[curtis]

I agree Raul, I didn't like Guarddog much either. Going to try Firestarter now.

[Ayman]

FYI, firestarter is a frontend for iptables, it's possible to configure iptables using the commandline, but firestarter makes it a lot easier and faster for basic configurations.

[schussat]

I've used Shorewall (shorewall.net) for a couple of years and had a pretty good experience. It's another iptables frontend, is really well-documented, and the web site for it provides several sets of pre-build config files for a number of different firewall configurations. It sounds like a middle road between Firestarter and more complicated setups -- so it may be worth a try, too.

[TweezerMan]

Maybe I'm stating the obvious here, but I thought that all Linux firewall apps were front-ends to iptables.

[curtis]

Well I finally got Firestarter installed. Apparently Debian doesn't like .deb so I downloaded it from Debians site and used apt-get install firestarter to get it installed. It took me about 20 min. to get setup(being somewhat new to linux I try not to rush anything).

All said and done Firestarter works well,should be all I need. But knowing me as well as I do I will still try others

 

Thanks for the suggestions everyone. If you have anymore keep um coming.

[curtis]

Well I finally got Firestarter installed. Apparently Debian doesn't like .deb so I downloaded it from Debians site and used apt-get install firestarter to get it installed. It took me about 20 min. to get setup(being somewhat new to linux I try not to rush anything).

All said and done Firestarter works well,should be all I need. But knowing me as well as I do I will still try others

 

Thanks for the suggestions everyone. If you have anymore keep um coming.

<{POST_SNAPBACK}>

 

 

After a little investigation I find you can install using .deb. I had expexted to find the files in /etc/firestarter directory which would come up empty. The files were being placed in /usr/share/doc/firestarter directory. Live and learn. I'll know next time.

[borfast]

Ayman and David, yes, Firestarter is just a frontend to iptables and yes, all linux firewalls (at least that I know of) are based on iptables.

There may be some other products that implement a different firewall but iptables is the only "official" firewall in the Linux Kernel.

 

Curtis, glad to know you got it working and you like it