Jack, If I were to install a linux firewall appliance today, I'd probably go with LEAF/LRP, or firewalls such as smoothwall, coyote, etc. However, 2+ years ago, when I embarked on this, I believe 2.4 kernels started penetrating the major distros, and one of the draws was stateful packet inspection (SPI), which didn't make it to LEAF/LRP for the longest time. I've pared down my MDK 8.0 firewall box to less than 250MB total, which I think is less than that of firewalls. It's only within recently memory that LEAF projects have even moved on to 2.4 kernel.
And since my MDK fw was completely set up two years ago and running, there is really no compelling reason for me to switch to LEAF. LEAF also has other (perceived) drawbacks, such as too many variants, unclear if they are well tested for security flaws, etc. Thanks, Mark
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
