[Shorewall-newbies] What is the best Linux to create a firewall ?
teastep at shorewall.net
Thu Feb 26 09:57:07 PST 2004
On Thursday 26 February 2004 06:00 am, Richard Atcheson wrote:
> > My question is not to know which distribution is better, just to know how
> > I must do to create my own firewall using iptables and shorewall and
> > minimal services like SSH...
> > Red Hat ? Mandrake ? Suse ?
> > Which package do i need to install to be able to install everything i
> > need ?
> > Sorry, i'm really new to Linux...
> Hi Florent;
> I'm partial to SuSEPro and Shorewall.
Without trying to start a distribution flame war, here is my opinion of the
various distributions that I have tried:
a) RedHat -- I used RedHat for years but their commercial products are now
rather expensive and the Debian team have a lot more experience (and a good
track record) at community-based development and support than do the Fedora
b) Mandrake -- Emphasis on using latest packages and technologies results in
some stability problems, especially in new releases. Shorewall is the default
firewall but if you let the Mandrake installer configure "Internet Connection
Sharing", the resulting Shorewall configuration doesn't match any of my
c) SuSE -- Solid distribution if it likes your hardware. I'm only able to run
it on 2 of my four Linux systems (although I haven't tried installing 9.0 on
the all of the systems). On one system, the 8.1 installer claimed that the
mother board is crap and not supported by Linux (clearly untrue since RedHat
runs fine on the system; it hosts http://shorewall.net as well as the mailing
lists), and on another system SuSE 8.1 crashed repeatedly to the point where
I couldn't get through the second phase of installation (both Mandrake and
RedHat also run well on that system). SuSE 9.0 has been very solid on my file
server which also served as my firewall for a couple of days while I was
building a new Debian-based firewall.
d) Debian -- My choice if you are an experienced Linux user. While the new
Sarge installer is a great step forward, the installation process is still
confusing in places.
While experienced users are likely to install a minimal system for use as a
firewall, I think that a newbie should start with the basic desktop
installation offered by the distribution's installer and add the required
packages (iproute a.k.a iproute2 and shorewall).
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies