Wednesday, March 26, 2008

Smoothwall Firewall

For those of you with an extra PC lying around (particularly an old junker), you might want to consider tossing out that Netgear or Linksys router in favor of installing Smoothwall (smoothwall.org).

Smoothwall is a very nice specialized Linux distribution built to install in just a few minutes and have a very configurable firewall/Point-to-point VPN solution with all the bells and whistles. All you need:

-An old PC (486 or better)
-256MB RAM
-2 NIC cards (or 1 + USB if your DSL/Cable modem is on the supported list for that)
-A couple of GB of hard disk space, if you like to log things

The distribution boots up and fires up a nice web-based configuration manager that allows for complete control of the system. I don't believe I've ever needed to use the command line for anything on my smoothwall, other than when it took a power hit and beat up the filesystem.

It also includes goodies (which are enabled with a checkbox)
-Caching Proxy Server
-Intrusion Detection
-DHCP
-Support for Dynamic DNS services
-Traffic graphing and trending
-Support for a DMZ on a 3rd network interface

For those needing a little better support, and a full L2TP/IPSEC VPN support, they do have a smoothwall corporate edition as well (smoothwall.net).

Beyond the filesystem issues after a power outage, the only problem I've had with my smoothwall box is that the power supply actually lit on fire (fortunately while I was standing there). I yanked the power supply and threw it outside (boy, did that smell bad), popped a new one in, and we were back up and running.

No comments: