I'm interested in setting up a 100% free open source software / Linux Firewall (GNU/GPL license), based on PC hardware, with a simple easy to use, install & setup interface, instead of buying an expensive dedicated hardware Firewall/router like Cisco.
At the moment I have an ADSL 2Mbit connection with a dynamic IP. My goal is to have content filtering (to block all porn, sex, drugs, gambling, hate material, sites, etc...) and block all p2p software and ports (emule, utorrent, kazaa, etc..) to all the business / corporate PCs (20 pcs) of my internal Lan network that have access to the internet through the ADSL modem / router.
I also tried opendns http://www.opendns.com/ as an alternative DNS server in my ADSL modem / router settings and even though it has an excellent content filter and blocks everything, it can not however block any p2p software (emule, utorrent, kazaa, etc..) and the ports used by them.
So, which would be the best of the above or are there any other even better and simpler 100% free solutions to cover all the above needs?
Any help will be highly appreciated.
Thanks in advance
a linux box running iptables.. that's the stock answer.. there is NO simple 100% secure hardware firewall solution, but there are lots of security based linux distros/firewall setups around.. but I guess the use of google is beyond you *sigh* .. big learning curve coming.
I don't expect to find a simple 100% secure hardware firewall solution. But I am interested in a 100% free open source software / Linux Firewall (GNU/GPL license), to install and setup on PC based hardware.
All the ones I mentioned previously, I found using Google, I just wanted to hear some more detailed opinions from actual people that tried them, before I go with the actual install.
I was also told about the following ones as being quite common...
retroborg, no bumping til 24hrs later not 17 minutes so have some patience. if you want fast service then you have to pay for it on some other site as we all do it for free on this site except for spammers & we mods deal with those idiots.
linux uses iptables.. free.. open source.. and 100% set up the way YOU want it.. it's been default for years because it can be set exactly how you need with no starting configuration..
That's why you aren't going to get any input on the others.. because basically nobody uses them when a core system comes with something not pretty but hard out of the box..
The only problem is.. as with ALL security hardening of web connected systems.. users needs vary and you NEED to know those needs and how to set it up for the specific job it is to do.. That can only be done with reading the manual for the firewall you decide to use and setting it up accordingly.
that is very very basic.. the "short" guide runs to 170 pages and the man page is something like 1200 pages.. it's a dusty unix book with cup rings on the dog eared covers from the days of groaning shelves and asthmatic server/network/mainframe engineers in white coats.
It was the ONLY unix manual I ever actually read cover to cover.. and I nearly died from boredom more than once.
Originally posted by ddp: retroborg, no bumping til 24hrs later not 17 minutes so have some patience. if you want fast service then you have to pay for it on some other site as we all do it for free on this site except for spammers & we mods deal with those idiots.
I'm sorry for any inconvenience, but actually I didn't bump the thread in order to get more attention or extort replies, but rather to tick on the following, which I had forgotten to do on the 1st post.
I wanted to get the replies sent to my e-mail.
Quote:"Check this box, if you want to get email notifications when new messages are added to this thread."
The problem with afterdawn forums is that you can not edit the content of your post but only the thread title... :(
hehehehehe.. another example of failure to search/look
hey creakster.. these people wouldn't have lasted 2 minutes back when we started eh?
back to firewalls.. I think it's pretty well answered.. iptables and read... I happen to run bastille on my router/firewall after any major update.. mainly because I have a live torrenttracker and webserver and mailserver living on the network inside it. Doesn't take away the need to keep an eye on it and check it every day.. and that's where cron comes in.. and no.. I'm not going to post any examples from my setup configs.. because that's stupid.
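Added example, not taken from any poster's configuration: a shell function that writes an iptables-restore ruleset for the setup asked about in the first post, a Linux box between 20 LAN PCs and the ADSL router. It drops forwarded traffic by default, so P2P clients on arbitrary ports are blocked, and it allows DNS only to the OpenDNS resolvers so the content filter cannot be bypassed by changing a PC's DNS setting. The interface names, the allowed port list, the SSH admin rule and the resolver addresses are assumptions.

```shell
#!/bin/sh
# Added example: generate a default-deny gateway ruleset (iptables-restore format).
# All values below are assumptions; adjust them to the real network.
LAN_IF="${LAN_IF:-eth1}"   # assumed: NIC facing the office PCs
WAN_IF="${WAN_IF:-eth0}"   # assumed: NIC facing the ADSL modem/router
ALLOWED_TCP="${ALLOWED_TCP:-80,443,25,110,143,587,993,995}"  # web and mail only
DNS_SERVERS="${DNS_SERVERS:-208.67.222.222 208.67.220.220}"  # OpenDNS resolvers

gen_rules() {
    lan="$1"; wan="$2"
    echo "*filter"
    # Default deny: whatever is not explicitly allowed below is dropped.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Assumed: the firewall is administered over SSH from the LAN side only.
    echo "-A INPUT -i $lan -p tcp --dport 22 -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DNS may leave the LAN only towards the filtering resolvers.
    for dns in $DNS_SERVERS; do
        for proto in udp tcp; do
            echo "-A FORWARD -i $lan -o $wan -p $proto -d $dns --dport 53 -j ACCEPT"
        done
    done
    # Outbound allowlist for the business PCs.
    echo "-A FORWARD -i $lan -o $wan -p tcp -m multiport --dports $ALLOWED_TCP -j ACCEPT"
    # Rate-limited log of everything else from the LAN, for the daily check.
    echo "-A FORWARD -i $lan -m limit --limit 6/min -j LOG --log-prefix \"fw-drop: \""
    echo "COMMIT"
    echo "*nat"
    echo ":POSTROUTING ACCEPT [0:0]"
    # The ADSL line has a dynamic IP, so masquerade instead of a fixed SNAT.
    echo "-A POSTROUTING -o $wan -j MASQUERADE"
    echo "COMMIT"
}

# Print the ruleset; review it, then as root pipe it to: iptables-restore --test
gen_rules "$LAN_IF" "$WAN_IF"
```

Port filtering cannot tell which protocol runs over an allowed port, so keep the allowlist short and read the fw-drop log entries regularly. Forwarding also needs net.ipv4.ip_forward=1 on the firewall box.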