[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
  Web www.spinics.net

SUMMARY: Firewall Distros

Thanks to everyone for the feedback. My original post is below.

I got a few suggestions to try ClarkConnect. Unfortunately, the Home Edition ("free" version) does not include mail filtering. I was told that the latest beta Home version has add-ons available that will do this but I didn't try it.

I also received one response recommending Astaro. I have tried Astaro at home and was very happy with it. Unfortunately, I cannot give it to clients because it isn't "free" for business use.

So, I decided to add POP3 filtering to my IPCop firewall using a couple of Open Source products: pop3filter and renattach. If anyone is interested, the instructions (and binaries I compiled) are here:


-------- Original Message --------
Subject: Firewall Distros
Date: Thu, 25 Mar 2004 09:08:17 -0700
From: sr <linux-rules@earthlink.net>
Reply-To: linux-rules@earthlink.net
To: Linux Managers <LinuxManagers@linuxmanagers.org>

I have been using IPCop for a long time and think it is a fantastic
product. However, it lacks the ability to do any kind of email virus
scanning/attachment blocking. So, I'm now looking for a Linux distro
that has the following features:
1) iptables firewall support (Shorewall would be nice but isn't essential)
2) POP3 mail proxy to allow centralized attachment blocking (by specific
extensions, e.g., pif, scr, exe, etc...) and virus scanning with
something like ClamAV
3) Spam filtering with something like POPfile (available as an add-on
for IPCop) or SpamAssassin.
4) Transparent proxy/caching server using Squid. This comes in very
handy at locations with slow Internet connections when you need to run
things like WindowsUpdate.
5) VPN (IPSec) - straightforward configuration would be ideal
6) Port Forwarding (easy to configure)
7) Intrusion detection
8) DMZ support if a third NIC is added
9) DNS proxy/caching
10) SSH server (for remote administration)
11) HTTP/SSL if there's a web GUI (for administration)
12) P2P blocking using something like ftwall:
13) Ability to backup configuration over a network
14) DHCP server
15) DansGuardian support (would be nice but isn't essential)
16) Detailed logging ability

IPCop provides all of the above except POP3 mail proxy. The VPN
configuration with IPCop is a bit of a pain, so a distro that offers an
easier means of configuring VPN would be nice.

Here are the distros I have downloaded to test:
Astaro Linux
ClarkConnect Home Edition
e-smith Linux
Securepoint Linux
Smoothwall (yes, I know IPCop spawned from this)
Devil Linux (runs off CD)
Sentry Firewall CD (runs off CD)

Due to the fact that I don't have a great deal of time to test all of
them, I was wondering if anyone has experience with any of them and can
give me their comments, recommendations, cautions, etc...

I have already started testing Astaro and it's very nice. The POP3 proxy
was a piece of cake to configure and the web interface is very nice. I
haven't tested VPN yet but it looks easier to use than IPCop's VPN
(hopefully this will change when IPCop 1.4 is released).

Any feedback would be greatly appreciated! I will also post my comments
once I've had a chance to test several of the distros above.


LinuxManagers mailing list - http://www.linuxmanagers.org
submissions: LinuxManagers@linuxmanagers.org
subscribe/unsubscribe: http://www.linuxmanagers.org/mailman/listinfo/linuxmanagers
LinuxManagers mailing list - http://www.linuxmanagers.org
submissions: LinuxManagers@linuxmanagers.org
subscribe/unsubscribe: http://www.linuxmanagers.org/mailman/listinfo/linuxmanagers

[Home]     [Kernel List]     [Linux SCSI]     [Video 4 Linux]     [Linux Admin]     [Yosemite News]     [Motherboards]

Powered by Linux