Security Basics mailing list archives

Re: Best IP configuration for OpenBSD firewall/router


From: Patrick Benson <benson () chello se>
Date: Tue, 19 Aug 2003 00:41:59 +0200

chort wrote:

> By the way, I agree with the direction you're taking to use OpenBSD for
> your gateway.  I know many people recommend Linux to build a gateway,
> but many Linux distributions are getting bloated now and the kernel
> itself has had a few problems.  Since OpenBSD is a distribution that
> does exhaustive code review and is very minimal by default, and it has
> strong cryptography built in, I would recommend OBSD rather than Linux.

Actually, there's no need to use a Linux distribution if you would like
to use Linux on a dedicated box; there are quite a few alternatives
which use the minimalistic approach, like: http://www.leaf-project.org/
The Bering image, 1680 floppy image or CD ISO, is the most current. What
do you get on a floppy?

1 - Linux kernel 2.4.20, 2.4.21  http://www.kernel.org/
2 - Iptables 1.2.8               http://www.netfilter.org/
3 - Shorewall firewall script    http://www.shorewall.net/
4 - dnscache                     http://cr.yp.to/djbdns.html
5 - tinydns                      http://cr.yp.to/djbdns.html
6 - OpenSSH                      http://www.openssh.org/

to name a few. Runs entirely in a ramdisk, no writable media enabled.
It's up for discussion what's actually *safer* if no writable hard disk
needs to be used; I'm using that floppy image on a 486 DX4 as of this
moment. :)

Regards,
-- 
Patrick Benson
Stockholm, Sweden
