Posted by: Anonymous Coward
on May 25, 2005 10:38 PM
I use SentryCD and fwbuilder to make my firewall scripts. Perhaps the situation has changed since the last time I looked but SentryCD saved my butt because I needed bridging firewall rather than a NAT firewall. fwbuilder takes care of the "easy" part and a simple script takes care of creating the bridge; Sentry can be cojoled into running that with very little effort. All of the "easy firewall" products I've seen create NAT firewalls which isn't always what you need by a long shot. In my situation, the networks are already NATed but visible to untrusted networks on the same private IP space (those you who have worked with education "A" sites should know what I mean). Adding another layer of NAT is just...gross. Plus I didn't want to have to give every new IPs in a different address space.
The really nifty thing about SentryCD is that you can chuck your configs onto a little 16 or 32MB USB drive and make yourself a nice firewall that needs no harddrive.
Learn about Linux
Download Linux
Get Linux help
Works great with fwbuilder.
Posted by: Anonymous Coward on May 25, 2005 10:38 PMThe really nifty thing about SentryCD is that you can chuck your configs onto a little 16 or 32MB USB drive and make yourself a nice firewall that needs no harddrive.
#