Dennis McLeod wrote:
-----Original Message-----
From: centos-bounces@xxxxxxxxxx
[mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Robert Moskowitz
Sent: Sunday, December 30, 2007 9:13 PM
To: CentOS mailing list
Subject: Firewall frustration
Well FWbuilder is NOT easy. The documentation does not match
the current GUI. Now the box is locked up. I will have to
pull it again, hook it up to a kybd/VGA and reset iptables....
Maybe Shoreline with webmin....
Problem is I want a REAL router/firewall with little work.
Both public and private nets have routable addresses. No
NATing for me! I just help write the RFC ;) And all the
templates for fwbuilder want you to be using NATing.
Perhaps I should just set up another Astaro firewall. I have
been using Astaro since v3, so I am comfortable with it....
I just turned off my Astaro Gateway, as it pissed me off by continually
throttling my 10M/10M FIOS connection.....:^>
For all that it does, you would need it on a pretty hefty box of 10M.
But then I have seen LAN-LAN > 10M working here....
I liked the integration of services in the box, and I likely would have kept
it for that one item.
I'll be looking at an IPCOP/Smoothwall/Monowall replacement.
I have an IPCOP box at work for our public access DSL connection. (Customers
kept surfing p*rn in the waiting area. Squidguard on IPcop fixed that..)
Uptime on that box (Compaq P2-733) is around 250 days right now. I had to
move the box, so it would be more like 400....
I run Astaro on a Compaq SFF 1Ghz with 512Mb memory. It has a 4-port
10/100 card as well as the internal ethernet. I use VLANing extensively,
as I have ~12 LANs connected to the box. I have the public net on one
port, then all the others are plugged into a HP 2650 48-port switch. I
can move systems to the subnet I need for whatever testing or production
I use. I ONLY use the firewall for packet filtering. No SPAM control,
web proxying, etc....
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
