Setting up a linux firewall

VirtualForce

I was wondering if I could pick some brains around here...

I would like to set up a Linux-type firewall between the company network and the modem. I've googled but honestly I feel a bit lost, like a kid in a candy store.

For instance, I've found three pieces of software which I believe are viable. Each goes on about how epic it is. I've heard about all three of them, most about Smoothwall. They are:

  • Smoothwall
  • pfSense
  • IPCop

I would obviously like to protect the network from the outside. I would also like to be able to block certain websites from being accessed, and to be able to pull usage logs via PC hostname.

Would I need to use some kind of proxy for the last two points (blocking of sites and usage logs), or could that be done with the firewall alone?

Also, I have about 15 users who work on a daily basis over remote desktop via MS Remote Desktop. Would a software firewall cause noticeable latency for the users?

My Linux skills are somewhat limited: I know how to install and configure hardware devices like my NIC, GPU and whatnot. But I want to both enhance the company's security and learn more about Linux as I go along, and to be honest, I'm looking forward to learning more.

I've already got a spare machine, a dual-core E7500 with 2GB RAM. The internet connection is an MWeb bonded solution, 2 x 4Mbps ADSL lines bonded into one via Cisco hardware. So I've got one cable running to the switch.

Thank you.
 
If you really want to get your hands dirty...

iptables (firewall + NAT)
squid (proxy + LOGS)

It's the cleanest. Firewalls need to be clean, and squid is the most configurable proxy there is.
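Following on from the squid suggestion: an added example (not from this thread or from the squid project) showing how the proxy's access.log can be turned into the per-PC usage report the original post asks for, with blocked requests counted separately. It assumes squid's native log format; the log lines and the IP-to-hostname table are constructed, and in a real deployment the mapping would come from DHCP leases or reverse DNS.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in squid's native access.log format:
# timestamp elapsed client action/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1262304000.101    312 192.168.1.21 TCP_MISS/200 18234 GET http://www.example.com/news/ - DIRECT/93.184.216.34 text/html
1262304001.455     12 192.168.1.21 TCP_DENIED/403 1412 GET http://games.example.net/play - NONE/- text/html
1262304002.870    201 192.168.1.22 TCP_HIT/200 52310 GET http://cdn.example.com/lib.js - NONE/- application/javascript
1262304003.002   1900 192.168.1.22 TCP_MISS/200 3104 CONNECT mail.example.org:443 - DIRECT/203.0.113.5 -
1262304004.300     15 192.168.1.21 TCP_DENIED/403 1412 GET http://games.example.net/lobby - NONE/- text/html
"""

# Constructed IP-to-hostname table (assumption); in practice from DHCP leases or reverse DNS.
HOSTNAMES = {"192.168.1.21": "PC-ACCOUNTS01", "192.168.1.22": "PC-SALES03"}

LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<action>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+(?P<hier>\S+)\s+(?P<ctype>\S+)$"
)

def site_of(url):
    """Host part of a URL; CONNECT lines carry host:port with no scheme."""
    if "://" not in url:
        return url.split(":")[0]
    return urlsplit(url).hostname or url

def summarise(log_text, hostnames):
    """Per-hostname totals: bytes, request count, denied count and bytes per site."""
    report = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:  # skip malformed lines rather than abort the whole report
            continue
        host = hostnames.get(m["client"], m["client"])  # fall back to the bare IP
        entry = report.setdefault(host, {"bytes": 0, "requests": 0, "denied": 0, "sites": defaultdict(int)})
        entry["requests"] += 1
        entry["bytes"] += int(m["bytes"])
        if m["action"].startswith("TCP_DENIED"):  # request blocked by a squid ACL
            entry["denied"] += 1
        entry["sites"][site_of(m["url"])] += int(m["bytes"])
    return report

def top_sites(report, host, n=3):
    """The n sites a given PC pulled the most bytes from, largest first."""
    sites = report[host]["sites"]
    return sorted(sites.items(), key=lambda kv: (-kv[1], kv[0]))[:n]
```

Calling `summarise(SAMPLE_LOG, HOSTNAMES)` and `top_sites` per host gives the usage-by-hostname view; pointing it at the real access.log is a one-line change.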
 
Untangle? Linux-based but user-friendly. It doesn't allow access to the core OS though, as you run the Untangle GUI through it.
 
I can highly recommend both Smoothwall and pfSense. IPCop didn't do much for me.

Exactly what you want will determine which of the two you go for.

In my experience Smoothwall has better real-time monitoring and bandwidth usage reporting than pfSense. The community version of Smoothwall however doesn't allow multi-WAN connections (no load sharing between connections); if this is something you would want to do in future then I would definitely recommend pfSense. pfSense doesn't have the nice real-time monitoring that Smoothwall has, but is really feature-packed in every other department and there are multitudes of extra packages you can install afterwards.

Both have pretty good implementations of squid. I think pfSense is slightly more complicated in this regard, but there is a huge pfSense community and their forums are an excellent source of info.

I ran Smoothwall for a little while but now can't remember a lot. Once I tried pfSense there was no going back though; I'm running pfSense at home and at our office. Works a treat.

My vote goes to pfSense.

Ook will be able to help you with more details on Smoothwall, that's his thing.
 

Try also clearos firewall. I find this very good especially for someone fairly new to Linux.
 
Ah, forgot to mention that pfSense has excellent QoS options, something that a lot of distributions sorely lack. Smoothwall's QoS works very well but is very basic.
 
Try Endian http://www.endian.com/en/community/overview/

 
http://www.fwbuilder.org/

Firewall Builder makes firewall management easy by providing a drag-and-drop GUI application that can be used to configure Linux iptables, Cisco ASA and PIX, Cisco FWSM, Cisco router access lists, pf, ipfw and ipfilter for BSD, and HP ProCurve ACL firewalls.

I think the BSD packet filter is the best option.
 
Would the software firewall cause noticeable latency for the users?

So I've got one cable running to the switch.

No.

Add another NIC to your box so you have separate ingress & egress.

Also look at squid proxy while you are fumbling around.
 
Ah, thank you guys, very much! Wasn't expecting so many replies, but all is very, VERY much appreciated! I will work through these and let you guys know how it goes; very excited to be finally doing this.
 
When it comes to firewalls, I enjoy using fwbuilder and iptables.

But only because I'm used to Cisco ASDM for ASAs.
 