[CLUE-Tech] a more sophisticated firewall?

rrarabie at attbi.com rrarabie at attbi.com
Thu Dec 27 07:49:09 MST 2001


Here is a link to the resources I referenced to set up and configure my OpenBSD firewall/router for my home LAN.

http://www.onlamp.com/pub/a/bsd/2000/07/05/OpenBSD.html

This was my first foray into the *BSD realm.  I found it to be a very good experience.  I will say that I have been playing with Linux and Unix for three years, so most of the tasks and concepts were familiar.

Documentation and "howtos" are not as abundant, however the documentation out there is very good...and concise.  The link above is to some piece of the O'Reilly Network...a very good source for all things Open Source.

My box is an old Dell 486, 90 MHz Intel, 24 MB RAM, 600 MB HD.  I have it doing firewall, NAT, port forwarding, DHCP server for my LAN, cached nameserver, and it is running an IDS which logs to a MySQL DB on another box.

I love it.

Randy
> adam wrote:
> 
> > I've found that OpenBSD, while not Linux, is the best con sarn
> > router/firewall there is.   NAT takes a few minutes to set up, a few more if
> > you want specific rules for port forwarding.  Firewalling is a snap, too--
> > and you can deny ranges of IPs, specific ports, packet types, etc.
> 
> Don't know OpenBSD.  Didn't think Linux was very hard (unless you get into some
> of the wacky advanced stuff it can do).
> 
> > It has a tiny little footprint, too, so putting it on a 1 GB drive is well
> > more than
> > enough.
> 
> Debian potato, 486, 16MB, 200MB.  How much smaller do you want?
> 
> >  I've found that the simplicity and power of OpenBSD makes it a far
> > better choice than Linux.  I have friends who tout the superiority of
> > Linux's iptables firewalls-- but their lists of rules are enormous.  My
> > OpenBSD firewall has what-- 17 lines in it?  It blocks the standard RFC 1918
> > (I think) IP addresses, blocks incoming NetBIOS, logs S/SA packets, and
> > passes in to internal IPs sendmail, www, and ssh.  Works like a total gem.
> > I love it.  You can download a pre-configured firewall (hardly necessary,
> > there is very little "open" by default) and drop it in.  15 minutes of
> > staring at it and you will understand how it works.  I have friends who
> > swear by it, I swear by it, too.  Plus, you get your hands dirty with
> > another distro that you may come to love.
> 
> I'll have to take a look.  I doubt the functionality is that different, so I
> doubt the config is all that different.  Wouldn't surprise me if OpenBSD has
> better examples and defaults.
> 
> Can OpenBSD dual boot with Linux/Windows, or do the disklabels get in the way?
> Since I don't really plan to install OpenBSD soon, do you have any links to
> howtos or other docs on doing the above (firewall config)?
> 
> Dave
> 
> 
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
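
The kind of short ruleset adam describes in the quoted text (block RFC 1918 sources, block incoming NetBIOS, log S/SA packets, pass mail, www and ssh in to internal IPs), written out as an added example in current OpenBSD pf.conf syntax; it is not a configuration posted by anyone in this thread. The interface name, the internal addresses and the reading of "logs S/SA packets" as logging connection-opening SYNs are assumptions.

```conf
# Added example, not from the thread. Names and addresses are constructed.
ext_if   = "em0"            # assumed external (Internet-facing) interface
mail_srv = "192.168.1.10"   # assumed internal mail host
web_srv  = "192.168.1.11"   # assumed internal web host
ssh_srv  = "192.168.1.12"   # assumed internal ssh host

# RFC 1918 private ranges: never valid as a source on the Internet side.
# Caveat: drop this block if your ISP hands you a private address upstream.
table <rfc1918> const { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }

set skip on lo

# NAT outbound LAN traffic to the external address.
match out on $ext_if inet from !($ext_if) nat-to ($ext_if)

# Default deny inbound. pf is last-match, so later rules can override this.
block in on $ext_if

# "quick" stops evaluation here, so no later pass rule can re-admit these.
block in quick on $ext_if inet from <rfc1918>
block in quick on $ext_if proto { tcp, udp } to port { 137, 138, 139 }

# Port forwards. "flags S/SA" matches only the initial SYN (SYN set, ACK
# clear); "log" on a stateful rule records that state-creating packet only.
pass in log on $ext_if inet proto tcp to ($ext_if) port 25 flags S/SA rdr-to $mail_srv
pass in log on $ext_if inet proto tcp to ($ext_if) port 80 flags S/SA rdr-to $web_srv
pass in log on $ext_if inet proto tcp to ($ext_if) port 22 flags S/SA rdr-to $ssh_srv

# Let the LAN and the firewall itself out; replies return via state.
pass out on $ext_if
```

Parse it with `pfctl -nf /etc/pf.conf` before loading; the `-n` flag checks syntax without changing the running ruleset.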
