On Friday 15 November 2002 02:18, Jaime Nebrera Herrera wrote: > I'm the Project Manager of LINCE release. We are just awaiting to > solve a couple of problems with our CVS area to upload the iso image. > > LINCE is just a Bering distribution on steroids oriented to a > Compact Flash (or Hard Disk) system. Bering is just wonderful but it > lacks some features a professional firewall might need. BTW, is based > on glibc 2.2
Great! The WP'ed SST dom would also be a great option (or CD-ROM). I'll love to check it out! > For example we have done already: > > 1) Easy installation of Bering or LINCE from a CD installer (its > provided as an iso image). All Bering packages in a convenient place > (the iso). 2) Most popular ethernet adapters by default loaded > 3) HTB QoS trough htbinit > 4) SQUID 2.4Stable6 configured to run in memory > 5) SMTP Proxy for Antivirus (FPROT done), antirelay or antispam > (this one not done yet) > 6) POP3 transparent proxy for antivirus (FPROT) > 7) Web filter content (IP, URL, words, MIME, PICS) > 8) IPSec with FreeSWAN Out of curiousity, do you really feel the http/smtp/pop proxy should be on the "firewall"? I understand many people would love this option, but to many people (especially for enterprise installations) this would seem to be akin to sending invitations to hackers by filtering on the firewall. > We dont know if all this will be released at the first moment, or > just in future releases (first we need to try to sell them to other > people :))) but they will come, specially if this community helps us > getting some of that functionality done. I'm sure many of us would contribute when and if we have the time! > Things we are planning to add in the near feature: > > 1) Bridge functionality. Yes, this is done with Bering but we have > never done it, need to learn how to do it. > 2) Proxy ARP - the same There are many of us using both of these options. The proxy-arp is easy to test if you don't mind opening the server to the internet less securely IMHO. The bridge option simply uses the box as a hub. It can be used to tie together tp-10/100, bnc, fiber, etc..., however tp-to-tp testing would be adaquate. > 3) HTTP load balancer.- We are just awaiting somebody will pay us > to do this :) > 4) SNORT, inline SNORT, high availability (heartbeat), .... David D/Oxygen has a snort package available, though I have not used it personally. > We plan to live from "improving this platform" (somebody will pay > us to add some functionality), giving support, selling preassambled > systems (you can see great pictures of the box in > http://www.eneotecnologia.com/soho_fotos.html) and so on, well you > get the point. Many of us are doing this, in various degree's. Best of luck to succeeding in your project, I hope to someday do the same successfully! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
