SCIENTIFIC-LINUX-USERS Archives

June 2007

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Art Wildman <[log in to unmask]>
Reply To:
Date:
Tue, 12 Jun 2007 01:30:54 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (53 lines)
Keith Lofstrom wrote:
> I intended to bring all my machines up to SL5, but that only supports
> kernels for i686 and x86_64 AFAIK.  My firewall machine for my small
> network is an old P5 laptop.  Other alternatives required.  I want to
> stay rpm/yum based, and would like to keep the familiar Red Hat 
> architecture and file layout.  I would also like to have automated
> updates forever, or the best approximation possible.
>
> Three alternatives look OK so far:
>
> 1) Rebuild the SL5 kernel and glibc and a few other packages for i586,
> and exclude them from yum updates.
>
> 2) Go to a security-based small distro such as Openwall.
>
> 3) Go to a firewall distro such as Endian.  GUI config and excessive
> package count disturbing, though.
>
> Any superior alternatives?  I would like something as close to
> fire-and-forget as possible that will support the old laptop.
>
> Keith
>
>
> P.S. - I use an old laptop for a firewall because it is x86, but draws
> a trickle of power compared to a desktop PC.  That is eco-friendly, but
> frankly the more important reasons are that it is quiet and cool, and
> it will live for a LONG time on a UPS during a power failure.  
>
>   

Look at  Shorewall, very well maintained & documented...
http://www.shorewall.net/
http://www.shorewall.net/shorewall_quickstart_guide.htm
http://www.invoca.ch/pub/packages/shorewall/3.4/shorewall-3.4.3/

IPCop Firewall is another that is simple to maintain & designed for 
home/dsl users...
http://www.ipcop.org/

LinuxGuruz Netfilter IPTABLES Firewall Page
http://www.linuxguruz.com/iptables/

LiveCD based & Halted Firewalls
http://www.livecdlist.com/?pick=All&showonly=Firewall&sort=&sm=1
http://www.linuxjournal.com/article/7383
http://www.samag.com/documents/s=1824/sam0201d/0201d.htm

Some hackers use OpenWRT for lightweight (lowpower) FW/VPN...
http://www.remoteroot.net/2006/06/cheap-linux-firewall-iptables-on.php

-Art@JAX

ATOM RSS1 RSS2