On Wed, 2003-02-12 at 22:59, Budi Febrianto wrote: > I'm playing around with RHL 8 to set up firewall with iptables. > With Pentium II 300, 64 MB, 4 GB SCSI HD, 2 NIC's 100 Mbps. I think it > enough.
Enough if you use text mode. I run a good firewall on a Pentium/166 with 64 MB, a 1GB EIDE disk, and two 10 Mbps NIC's. So far my 40 users aren't complaining at all. :-) > I configure firewall based on Rusty's IPTABLES How to. > Well, it works and I think it secure enough. If you are asking this type of question, you probably want to at least try out some of the packages which build you a firewall configuration. It's not that hard to make a mistake. Personally, I would recommend that you use Shorewall (www.shorewall.net) to build your firewall. Very simple to use and pretty secure. > What are the different if I using RHL 8 as firewall, rather than using > pre-built firewall. They say that the pre-built firewall come with hardened > operating system, I think Linux already did. Linux is more flexible and more capable. You will be able to get a better picture of what your users do, detect abuse, provide proxying, block spam, and do other stuff should you so desire. (You don't necessarily want to do all this, but you can.) Linux is also cheaper overall and, if the box breaks, you can have another one online in 30 minutes. The prebuilt firewalls are more expensive, more limited, and not as easily replaceable. However, they are easier to use if you have no experience and do provide a quick, functional, drop-in solution. Look at stuff like the Netgear FR318, which for $150 will give you an 8-port switch in addition to a firewall with stateful inspection, DHCP, and NAT. I would recommend Linux, but be aware that this will require more learning and more of a time investment on your part to ensure you understand what you're running. If you don't have that time or don't want to put in the effort, either get someone else to build it for you or buy one of the prebuilt things. -- Rodolfo J. Paiz [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
