Building a hardware+software firewall

[James_A]

There's a number of free firewall distributions out there, such as IPCop and SmoothWall Express.

They usually are based on Linux and run happily on hardware that is too old to run Windows XP (or later).

I'm thinking of trying one out on some old hardware I have. No fans (except the PSU) and -- very -- quiet!

Has anyone had any experience of building/installing/running any of these?

If so, how did it go?

Which distro would you recommend?

.

[Eldmannen]

You don't even need a machine good enough for Windows XP. Actually, you could get away with even using a 486.

You can run it minimalistically, booting just the kernel to the command line and not loading any unnecessary services. You would get away with a computer of 50 MHz and 20 mb RAM.

Either get an old cheap computer, or you could build a low-powered one using Via Nano or Intel Atom. With Linux you're not even limited to x86, you could go with a system-on-a-chip (SoC) / single-board computer (SBC) using an ARM processor.

Linux is great for firewalls, it comes with iptables which is very powerful. Besides Linux, there are some other operating systems that are good for firewalls too such as FreeBSD which comes with ipfirewall which is also a great firewall. m0n0wall is a firewall distribution of FreeBSD.

A firewall distribution of Linux is Devil-Linux, but else you could run a general purpose distribution such as Debian or Ubuntu Server. They all come with iptables.

[James_A]

Thanks for the link to m0n0wall. I had forgotton about that.

Hardware will not be a problem.

In my junk box I have 386, 486, Pentium I, II, and III (it's a very large junk box!).

It's the software that I would like to know more about. I have been to the sites listed and looked at the documentation, but there's tons to read. The screenshots of IPCop, for example, make it look at lot easier to use than the usual Belkin/D-Link/Linksys/Netgear home modem/firewall/router all-in-one boxes. Is it as good as it looks?

If anyone else has ever tried one or more of IPCop, SmoothWall (free) or m0n0wall and has actual experience, I would like to hear from you. See the above two posts for links to all 3 of those.

.

[Eldmannen]

Well, I haven't tried it.

But I am sure its much more powerful than any home firewall/router device.

But if you want alot of customizability, then that is probably going to require more knowledge, so it will be trickier, but it might allow you to configure it tighter and more to your liking than a simpler on/off solution.