Hi guys,
Here's the scenario:
I have to do my final exam on network & security; my task is to compare IPTABLES and a firewall program, yeah, not a distribution.
I use Archlinux, so I'd like to continue using it for my project! Anyway, my question is: which NETWORK FIREWALL could be the best one? I need these features:
- packet filtering
- HA (High Availability)
- Live (active) connection migration (if one fails...)
- Load balancing (not really important but...)
I know "many" firewalls, but they are all distros. I need something to install on a Linux machine (as said... better if I can run it directly on Archlinux!)
Thank you all!
Offline
If you want to stick to Linux this doesn't help, but I'm a big fan of pf, which does everything you want OTB on OpenBSD. If you use FreeBSD you have to recompile the kernel to get support for ALTQ (load balancing) and maybe also CARP (failover / redundancy). I don't use CARP so I'm not sure.
AFAIK all the firewall software on the Linux side are just frontends to iptables or, if old enough, ipchains.
FreeBSD also has two other firewalls, IPFW and IPFilter; I've never used them, though.
Offline
shorewall.
Offline
OpenBSD and PF, you just don't get anything better.
Use UNIX or die.
Offline
shorewall.
The OP stated that he doesn't want a "distro", so I'm assuming he doesn't want a frontend either, and shorewall is just a frontend for iptables (a good one; I use it and really like it).
But I think that the OP needs to define better what is needed.
As he is doing work on network security, comparing different frontends of iptables doesn't look like a good option, because they work the same at the network level.
I think you need to compare iptables to pf and ipfw, at the low level, not at the frontend level.
Offline
Thanks to everyone for your replies.
As said, shorewall is something like a GUI to iptables.
OpenBSD with PF seems to be the choice for me. So if nobody else can tell me of another firewall, I have to try it.
Thanks again.
Offline