I've been using IPCop (http://www.ipcop.org) with success. It was initially based on Shorewall, and therefore iptables, but has progressively moved away from Shorewall code. The next major version will completely free it from Shorewall code. I'm also looking into pfSense & Untangle. I'm looking at pfSense purely for the Dual-WAN feature which is why I'm also looking at Redwall ( http://www.redwall-firewall.com).
On 1/30/08, mike.ashton <[EMAIL PROTECTED]> wrote: > > Alex, > > Untangle looks intersting and it has commercial support available, will > give > it a try. Another one on my to test list is Endian ( > http://www.endian.com/en/community/about/ ) it has a sip proxy module. > > I've installed a bunch of different routers, with varing levels of > success. > I tried pfSense and liked it, but for me the one lacking feature was > running > load balancing, traffic shaping and QOS at the same time. The developers > are > aware of this and have it on thier radar to get implemented but no ETA. > Besides that it's a pretty solid product. > > I've also used the dual WAN Xincom, but they are too limited, support > sucks. > Some features not implemented well, like if one WAN goes down it switches > over fine, but it doesn't recover when the link comes up, you have to > manually bring it back up. > > Lately I've been using Shorewall, which is a great iptables tool, but is > not > the most intuitive tool. It is text config file based and not a complete > set > of documentation for it. But if you pick throught the docs and with a bit > of > trial and error you can implement almost anything you want that iptables > is > capable of supporting. Someone just needs to build a good GUI to manage > it, > so it is not something you would suggest to a client unless your going to > support it. > > Mike > -- > Mike Ashton > > Quality Track Intl > > Ph: 647-722-2092 x 301 > Cell: 416-527-4995 > Fax: 416-352-6043 > > QTI CONFIDENTIAL AND PROPRIETARY INFORMATION > > The contents of this material are confidential and proprietary to Quality > Track International, Inc. > and may not be reproduced, disclosed, distributed or used without the > express permission of an authorized representative of QTI. > Use for any purpose or in any manner other than that expressly authorized > is > prohibited. > If you have received this communication in error, please immediately > delete > it and all copies, and promptly notify the sender. > > > > --------- Original Message -------- > From: Alex Wang <[EMAIL PROTECTED]> > To: Leif Madsen <[EMAIL PROTECTED]> > Cc: [email protected] > Subject: Re: [on-asterisk] Survey: what are people's experience with > various > routers? > Date: 29/01/08 11:14 > > > > > Anybody having problem with sonicwall.... Please check this out... > > > > > > http://www.untangle.com/index.php?option=com_content&task=view&id=344&Itemid=747<http://www.untangle.com/index.php?option=com_content&task=view&id=344&Itemid=747> > > > > > > Untangle is the free & open source alternative to Sonicwall. In > addition to the basics (Firewall, VPN, IPS & routing), Untangle makes > it > easier to block spam, spyware, viruses, phishing, porn, gambling, MySpace, > Facebook, IM, peer-2-peer & much, much more. > > > > "Best Security Solution" - LinuxWorld 2007 > > Runs at the gateway... No clients to install! > > > > Easy to use: Intuitive GUI, logging, reporting & automatic signature > updates > > > > Installs on standard Intel/AMD hardware > > Lively forums & a great Wiki > > > > I used m0n0 and that's coming from the banner....I havn't try it but > > looks so good. > > > > Alex > > > > On Tue, 29 Jan 2008 11:04:01 -0500 > > "Leif Madsen" <[EMAIL PROTECTED]> wrote: > > > > > On Jan 29, 2008 8:31 AM, Jim Van Meggelen > <[EMAIL PROTECTED]> wrote: > > > > Lately it seems that the GNU/Linux firewall, iptables, is > emerging as one of > > > > the best. Even many hardware products are based on it. > > > > > > > > If cost were no object, and you needed to buy a firewall (that > of course had > > > > to do a good job with VoIP), what would be on your wish list? > What would you > > > > avoid like a plague? (ask Leif about SonicWall) > > > > > > > > Any thoughts and opinions are most welcome. > > > > > > Oh don't get me started on Sonicwalls! > > > > > > (Seriously though... has anyone else had the nightmarish problems > of > > > Sonicwall w/ VoIP, or is it just my inability to configure the > bloody > > > thing correctly?) > > > > > > > > > A couple people mentioned pfSense, and I was running at home for > quite > > > some time with good success. I've since switched out to DD-WRT on a > > > Linksys WRT54GL because I needed to setup a VPN connection that I > > > could route all my phones through (not just a single device) and it > > > has worked marvelously for that. > > > > > > Some people might be concerned about running an appliance with > pfSense > > > and not having "someone to blame" though. We're all > professionals here > > > and don't seem to really have that problem, but I'm curious what > kinds > > > of commercial solutions you might use if you needed to recommend a > > > firewall to a customer who then had to manage it themselves? Having > > > pfSense interface to manage yourself is fine, but if something goes > > > really wrong... well... there isn't anyone to blame but the > consultant > > > who recommended it :) > > > > > > For commercial, a lot of people seem to use Cisco's PIX for > firewalls, > > > but that is probably on the opposite end of being customer > manageable > > > (unless they've developed some web interface for it since I last > used > > > one). > > > > > > At least those are my thoughts on the matter. > > > > > > -- > > > Leif Madsen. > > > http://www.leifmadsen.com > > > http://www.oreilly.com/catalog/asterisk > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
