Lee H. Marzke on 26 Apr 2016 04:36:35 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Firewall Software Recommendation


I've used Endian in the past and now pFsense on separate physical 3-nic box  and
now a 3 nic VM.     Both of these are more on the complex side however.

Endian was actually pretty simple,  but flaky after each upgrade.  pFsense
has lots of features and is more complex,  and has issues with VOIP not quite working well.

pFSense for instance has lots of aliases for indirection that can each be multiple IP,  multiple ports
so this actually simplifies the rules with a lot of service to filter.    If your only
filter a few service for a camera this is likely overkill.   pFsense is also bsd based which
I've found doesn't bother me much as it just works, but some people may not like running a bsd appliance.

Lee


----- Original Message -----
> From: "Casey Bralla" <MailList@nerdworld.org>
> To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
> Sent: Tuesday, April 26, 2016 6:12:43 AM
> Subject: [PLUG] Firewall Software Recommendation

> As part of my security camera setup, I'm adding a Debian box with 2 NICs to
> use as a "reverse firewall" to keep the cheap Chinese camera from phoning home.
> 
> I've been using Shorewall as my main firewall on a 3-NIC Debian system, and find
> it very nice and easy to set up.   However, it's been a while since I
> researched firewalls.
> 
> Anybody have a recommendation for firewall software?  I'm looking for ease and
> simplicity rather than complex capability.
> 
> 
> TIA!
> --
> 
> Casey Bralla
> 
> Chief Nerd in Residence
> The NerdWord Organisation
> http://www.NerdWorld.org
> 
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

-- 
"Between subtle shading and the absence of light lies the nuance of iqlusion..." - Kryptos 

Lee Marzke, lee@marzke.net http://marzke.net/lee/ 
IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM 
+1 800-393-5217 office +1 484-348-2230 fax 
+1 610-564-4932 cell sip://8003935217@4aero.com VOIP
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug