Bootable CDROM-based Firewalls?

DNapalm asks: "I work at a small local ISP that is in desperate need of a firewall. We don't have much of a budget, so a hardware-based solution (which I'd prefer) really isn't an option. I've been searching around the web for firewall distributions, and I know what I am looking for. I'd like a boot CD (no install required, no filesystem hacking, just reboot) that stores the configuration on a floppy (that we can easily write protect). It should have a web interface and be able to log to a hard drive or some other machine. Some distributions I've found that seem close are Sentry Firewall, Devil-Linux, NetBoz, ClosedBSD, and Keeper Linux. Has anyone used these? Can you give recommendations? Any help would be appreciated."

LEAF

[SIGBUS]

LEAF, with several versions, would be a good starting point. One variant in particular would be Dachstein-CD, which boots off a CD and uses a floppy to back up configuration changes. Note that the Dachstein releases are 2.2/ipchains-based, while Bering, which is floppy-based, is a 2.4/iptables system.

I'm using a floppy-based Bering system where I work as a multi-ISP router/firewall, and it works quite well.

Gibraltar

[acaird]

Gibraltar is pretty much what you just described. It worked very well for me in the past, although it looks like development has slowed down (no updates, at least to the free version, in over a year).