You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2010-09-10 22:30:22
- ripp3r
- Member
- Registered: 2010-05-16
- Posts: 22
Firewall, which one?
I guys,
Here's the scenario:
I have to make my final exam on network & security, my task is to compare IPTABLES and a firewall program, yeah not a distribution.
I use Archlinux so I'd like to continue use it for my project! Anyway my question is: which NETWORK FIREWALL could be the best one? I need this features:
- packet filtering
- HA (High Availability)
- Live (active) connection migration (if one fails...)
- Load balancing (not really important but...)
I know "many" firewalls but they all are distro. I need something to install on a linux machine (as said... better if I can run it directly on Archlinux!)
Thank you all!
Offline
#2 2010-09-10 23:10:46
- pseudonomous
- Member
- Registered: 2008-04-23
- Posts: 349
Re: Firewall, which one?
If you want to stick to linux this doesn't help, but I'm a big fan of pf, which does everything you want OTB on OpenBSD. If you use FreeBSD you have to recompile the kernel to get support for ALTQ (load balancing) and maybe also CARP ( failover / redundancy ). I don't use CARP so I'm not sure.
AFAIK all the firewall software on the linux side are just frontends to iptables or, if old enough, ipchains.
FreeBSD also has two other firewalls:, IPFW and IPFilter, I've never used them, though.
Offline
#3 2010-09-11 03:34:59
- T-Dawg
- Forum Fellow
- From: Charlotte, NC
- Registered: 2005-01-29
- Posts: 2,736
Re: Firewall, which one?
shorewall.
Offline
#4 2010-09-11 14:16:16
- oli
- Member
- From: 127.0.0.1
- Registered: 2006-02-07
- Posts: 164
- Website
Re: Firewall, which one?
OpenBSD and PF, you just don't get anything better.
Use UNIX or die.
Offline
#5 2010-09-11 15:12:40
- kazuo
- Member
- From: São Paulo/Brazil
- Registered: 2008-03-18
- Posts: 413
- Website
Re: Firewall, which one?
shorewall.
The OP stated that it dont want a "distro" so I'm assuming he dont want a fronted too, and shorewall is just a frontend for iptables (a good one, I use it and really like it)
But, I think that the OP need to define better what is needed.
As he is doing a work in networks security comparing different frontends of iptables don't look a good option, because they work the same at the network level.
I think you need to compare iptables to pf and ipfw. At low level not at the frontend level.
Offline
#6 2010-09-11 19:22:20
- ripp3r
- Member
- Registered: 2010-05-16
- Posts: 22
Re: Firewall, which one?
Thanks to everyone for your replies.
As said shorewall is something like a GUI to iptables.
OpenBSD with PF seems to be the choice for me. So if nobody else can tell me another firewall I have to try it 
Thanks again.
Offline
Pages: 1