Slashdot Mirror

← Back to Stories (view on slashdot.org)

SmoothWall 2.0 Linux-Based Firewall Released

Posted by simoniker on from the so-smooth-it's-criminal dept.

thegraham writes "Despite some earlier server problems, SmoothWall 2.0 has been released this evening - there are also release notes available. SmoothWall is 'a firewall operating system distribution based on Linux, enabling a low-end, possibly otherwise redundant, Intel and compatible PC to become a hardened Internet firewall', and changes from version 1 include: 2.4 kernel, new web interface, improved networking and many bugs corrected through the Beta program."

8 of 351 comments (clear)

  1. Re:OS? by pe1chl · · Score: 4, Insightful

    Hardware firewall?
    You probably mean a box with a microcontroller running a dedicated firewall operating system.

  2. linksys box? by Anonymous Coward · · Score: 3, Insightful

    A rather newbie sounding question but can anyone explain solid reasons to use this instead of the standard linksys firewall that comes with the router? Note that I'm talking about a home user with less critical requirements than a business.

    1. Re:linksys box? by Hayzeus · · Score: 3, Insightful
      A rather newbie sounding question but can anyone explain solid reasons to use this instead of the standard linksys firewall that comes with the router? Note that I'm talking about a home user with less critical requirements than a business.

      I used to use a Linux box for firewalling/masquerading and had to switch to a LinkSys because of DHCP issues with my broadband provider. One big advantage of the Linux setup was the additional functionality offered by the IP masquerading helper modules; stuff that couldn't normally be masqueraded (CuSeeMe comes to mind) could have "helper" kernel modules that allowed traffic to be masqueraded properly. You could also do web caching to disk on the same machine -- obviously not possible with the linksys.

      --

      Roving Web-Teleoperated Robot
  3. Re:OS? by tacocat · · Score: 4, Insightful

    Because software solutions are too late. The culprit is already at your machine

    And hardware solutions have two problems that I've personally seen happen.

    1. If they are found to have a security flaw in them, the company will not make the effort to reveal to the community the need for a security upgrade in every case.
    2. I can install smoothwall/ip-cop for free on a machine I can pick up for free. It comes with the capability of supporting a DMZ/LAN configuration (3 NICs). This costs big $$$ in hardware

    There are very distinct advantages to this approach. BTW they also have squid, which hardware devices can't provide.

  4. Re:Developer issues/fork by jazman_777 · · Score: 5, Insightful
    So really, if you want to use Smoothwall, better read hard or get a thicker skin somewhere. Perhaps that's good advice for the rest of us anyway.

    But Morell was in a league of his own. Most rude types are simply rude. Morell was the strutting peacock of rudeness amongst a rabble of sparrows and starlings.

    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
  5. Re:I had a job interview with these people by Daemonik · · Score: 4, Insightful
    IMO an experienced admin should take a minimal install of his favorite generic Linux/BSD distro, and build from there. Smoothwall is good for the less experienced though, who need an out of the box solution right now, not after 6 months googleing :-)
    No, a junior admin should take the time to build a firewall from scratch.

    An experienced admin is much too busy playing Nethack and downloading pr0n from his bosses logins while running a couple of Quake servers off the company T1 to devote that kind of time to a project.

  6. Such forgiveness... by The+Tyro · · Score: 3, Insightful

    One of the Smoothwall guys just apologized to you (even though he has no way of verifying your "I was mistreated" story) in a public forum, admitted they were wrong, and did it in front of several hundred thousand slashdotters (something he didn't have to do, BTW)... and you won't even consider the software? Ever?

    Projects evolve, abrasive people are often forced out over time. Seems to me you are missing out on a potentially useful tool, based on a past beef with some guys who are no longer there...

    I'm not saying you don't have the right to feel they way you do... it just doesn't seem very pragmatic.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
  7. Do you want to learn? by The+Tyro · · Score: 3, Insightful

    Buying a "hardware firewall" (cheaper ones are just an NAT box) is easy, but teaches you nothing.

    Honestly... there is no substitute for building your own stuff, particularly if you want to increase your understanding of networking and security. If you don't have time for that kind of thing, or just don't want the hassle (you say hassle, I say "learning experience") of rolling your own, then buy the Linksys/Dlink/Netgear box and be done with it.

    You will get far more options and much better control with the one you build yourself... but it doesn't come for free; it takes effort on your part. Seriously... build your own, then set up an ethernet tap with Snort to see what's coming and going on your network. The latter step with Snort personally taught me more about networking, protocols, and packets than any Man-page or article.

    Build it... you'll be amazed at what it does for your networking/security skills.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.