Linux/Free Firewall for Network

robertwj

Well-Known Member
Joined
Jun 29, 2011
Messages
272
I am looking to implement a Firewall onto my network. I want something FREE and simple to use preferably something with a user interface instead of commands.

I want it to be able to monitor Network usage/sites visited ect as well as Block Websites and ports.

What software would you recommend that can be installed on a stand alone firewall PC?

Thanks
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
46,352
I am looking to implement a Firewall onto my network. I want something FREE and simple to use preferably something with a user interface instead of commands.

I want it to be able to monitor Network usage/sites visited ect as well as Block Websites and ports.

What software would you recommend that can be installed on a stand alone firewall PC?

Thanks
From my other post:

1) ClearOS - One of the best, but it only monitors web browsing. It does not monitor all traffic, so if a user is torrenting, there is no method of tracking this.
2) Untangle - Requires expensive apps to be really functional, and our Untangle just started maxing out our upload line... for no apparent reason. It also sucks with new hardware and runs on outdated debian.
3) Endian - A polished system, but only has raw ntop to manage internet usage
4) IPCop - Have not tried it out as their website looks like it was done by a 5 year old about 10 years ago. Also, you cant download 2.0.4 (you have to download 2.0.3 and then upgrade to 2.0.4 - this indicates to me lazy developers... which puts me off)
5) Zentyal aka Ebox - Have not tried this since it was ebox, but last I checked into only metered web browsing, not all traffic.
6) PFSense - Have not tried it yet.
7) m0n0wall - Have not tried yet
8) Smoothwall - Have not tried yet

So what FOSS firewall/gateway solutions are out there to help me manage how much a user downloads? What do you recommend?
http://mybroadband.co.za/vb/showthr...OSS-firewall-gateway-to-manage-internet-usage

Ive tried a bunch of them. Right now experimenting with Endian. It really locks a network down nicely. Like torrents are dead on the network... but its hard to see reports for user usage :(
 

lumpyza

Well-Known Member
Joined
May 29, 2012
Messages
150
i would say look at the following:

ClearOS
SmoothWall
Monowall

they about the best iv worked with, but all depends if your gonna need VPN connectivity later on and so on...

Have fun, i love setting up new firewalls! :whistling:
 

krieg

Senior Member
Joined
Mar 31, 2010
Messages
663
Hi

Why not go the hardware route? Look at a Routerboard from Mikrotik, which runs RouterOS and has a window like front end called Winbox. The RB750 for instance runs on 5W of power, a lot less than a PC. You can also download the trial version and run it on a PC to test it.
 

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
22,168
Been running smoothwall for years. You can run sarg and report on the downloads.
 

robertwj

Well-Known Member
Joined
Jun 29, 2011
Messages
272
Thanks for the options everyone. I've just downloaded Smoothwall and i'll be installing it tonight. Very excited to give it a bash
 

LTMeg

New Member
Joined
Jul 19, 2012
Messages
8
Just my opinion but a software firewall is not a good business decision. You are putting the firewall inside the very thing you are trying to protect? The incredibly sophisticated threats out there have made software firewalls redundant.
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
46,352
Just my opinion but a software firewall is not a good business decision. You are putting the firewall inside the very thing you are trying to protect? The incredibly sophisticated threats out there have made software firewalls redundant.
Like?
 

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
22,168
Just my opinion but a software firewall is not a good business decision. You are putting the firewall inside the very thing you are trying to protect? The incredibly sophisticated threats out there have made software firewalls redundant.
Umm all firewalls are software based! :confused:
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
46,352
You know what I mean ;-)
Actually I dont. What "sophisticated" threats are you talking about?

IE. Im trying to find out what your custom software/hardware based firewall is able to deal with that a software based firewall (on hardware ;)) cant do.
 

ghoti

Karmic Sangoma
Joined
Jan 17, 2005
Messages
46,352
Thats what I meant ;-)
I still dont know what sophisticated threats you are talking about....

The most sophisticated threats I can think like... like highly intelligent spear phishing (social engineering)... well no firewall will help you there. So I really want to know what sophisticated you are referring to.
 

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
22,168
I'm also confused - Checkpoint for instance, who are the world leaders in firewalls, have a software based firewall which will easily stand up to the "incredibly sophisticated threats"
 
Top