Re: Linux firewall options

["Mark Holloway" <mholloway () flashmail com>]

FreeBSD and IPFW works the best for me... Check out:

http://www.freebsd.org
http://freebsd.peon.net
http://www.freebsdrocks.com
http://daemonnews.org

Also check out Drawbridge for FreeBSD.  It's free also..

http://drawbridge.tamu.edu/




----- Original Message -----
From: Joseph S D Yao <jsdy () cospo osis gov>
To: Mayne, Peter <Peter.Mayne () compaq com>
Cc: <firewall-wizards () nfr net>
Sent: Monday, January 24, 2000 5:48 AM
Subject: Re: Linux firewall options


> On Wed, Jan 12, 2000 at 09:05:00AM +0800, Mayne, Peter wrote:
> > Given Linux (say RedHat 6.0 or greater) as a base, what options are
> > available to build firewalls? Is there a "Linux firewalls" site
somewhere?
> > ipchains is an obvious place to start for basic packet filtering
> > functionality, but I'd prefer something more substantial. I could use
Apache
> > or Squid (depending on circumstances) as a Web proxy, for instance.
> >
> > I don't think FWTK can be used in a commercial environment because of
the
> > license restrictions. Is there something similar out there that is
otherwise
> > usable?
>
> I know that there are such sites out there.  I don't have them at my
> fingertips, though, and I'm sure that there are others that do.
>
> Many commercial sites do use FWTK.  It is a firewall toolkit, though,
> and not a firewall.  IIRC, the license prohibits commercial
> re-distribution, not commercial use.
>
> Many other sites use ipchains.  Packet filtering only makes me uneasy,
> tough.
>
> Apache, Squid, BIND, and Sendmail can all be used as proxies, although
> again the sheer complexity of code in, specifically, sendmail may make
> it less desirable as a proxy.
>
> --
> Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao
> COSPO/OSIS Computer Support EMT-B
> -----------------------------------------------------------------------
> This message is not an official statement of COSPO policies.