Linux firewall

Murdoch · Post by **Murdoch** » Mon May 24, 2004 12:01 am

Okay you linux gurus, I have a question for you. I would like to use this 400bx based puter I have on standby for firewall duties. I like how IPCop works(small size, ability to configure it via a webpage, and simple to get running), and I would like that on a bootable CD. can this be done?

CharlieChan · Post by **CharlieChan** » Mon May 24, 2004 2:35 am

You probably can but a easier way is run it of flash - I assumed you want to remove the noisy hard disk. I run smoothwall on a flash disk in a compaq SFF P2 350Mhz. The only moving component in the system is a 8cm used to cool the PSU and CPU so it is very quiet - not silent thou.

Murdoch · Post by **Murdoch** » Mon May 24, 2004 10:16 am

You're quite correct in the sense that I do want to remove the noisy hard drive.

bobo5195 · Post by **bobo5195** » Mon May 24, 2004 10:32 am

im currently running a ipcop router (old compaq p3 600, very noisy fan but its downstairs so dont care)

As far as i know ipcop needs a hard drive, as it wirtes files to disk. You could get a flash to hard disk converter and run the flash drive as a hard disk. Im worried that the flash card would break after awhile due to ipcop writing to it.

Have u tried monowall, http://m0n0.ch/wall (much smaller than ipcop by the way

) . Its unix as opposed to linux like ipcop but is as secure if not more so than ipcop. It can boot of a cd and use the floppy for tempory files, so it has no hard disk. It doesnt use the cd drive after it has loaded up as it uses a ramdisk.

As far as i know there are a few cd rom based linux router distros but they are relatively early in development compared to ipcop, try www.distrowatch.com off the top of my head sentry firewall comes to mind. Another option would be knoppix with a firewall component running on top. This is less elegant but can be made to do more complex stuff

MoJo-chan · Post by **MoJo-chan** » Mon May 24, 2004 11:05 am

m0n0wall is quite good, I like IPCop's interface more but as you say it needs a HD. It uses virtual memory so a compact flash card wouldn't last forever. You can install m0n0wall on a hard drive as well, and set the HD in the BIOS to spin down after one minute of inactivity.

Murdoch · Post by **Murdoch** » Mon May 24, 2004 3:44 pm

okay, everything looks good so far.. now how do i end up configuring it from my main box?

I'm running IPcop right now until i switch over completely.

Murdoch · Post by **Murdoch** » Mon May 24, 2004 7:37 pm

i'm now under m0n0.. and it's really nice to work with. thanks guys.