Linux Firewalls Distro's

Posted on 2005-04-12
Last Modified: 2008-01-16
I am looking for some open-source firewalls that will allow me to configure through a WebGui. I love m0n0wall but it won't let me block any URL's. Like Smoothwall but won't let me have public IP's in the DMZ. Like RedWall but just too much of a bear. You guys know of anything else?? This will be the firewall for my companie's network.
Question by:Trihimbulus
    LVL 6

    Assisted Solution

    Have you looked at IPCOP:

    Here's what they say about their product:
    Below, you will find a copy of our Mission Statement. All members of the IPCop Firewall Team strive to meet these goals. By achieving these goals, the IPCop Firewall will be one of the major Linux Firewall distributions in the world.

    Provide a stable Linux Firewall Distribution.
    Provide a secure Linux Firewall Distribution.
    Provide an opensourced Linux Firewall Distribution.
    Provide a highly configurable Linux Firewall Distribution.
    Provide an easily maintained Linux Firewall Distribution.
    Provide an easily configured Linux Firewall Distribution.
    Provide reliable Support to the IPCop Linux user base.
    Provide an enjoyable environment for the Public to discuss and request assistance.
    Provide stable, secure, and easy to implement upgrades/patches for IPCop Linux.
    Develop an appreciation for both the Linux and Opensource movements in our user base.
    Develop a long lasting relationship with our userbase.
    Strive to adapt IPCop to meet the needs of the Internet of Tomorrow.
    Further develop the Linux Knowledge base of all Project Members and Users.
    After seeing the direction certain Linux Distributions were heading in, a group of dissatisfied users/developers decided that there was little reason for the idea of a GPL Linux Firewall Distribution of such potential to be, simply, extinguished.

    IPCop Linux is a complete Linux Distribution whose sole purpose is to protect the networks it is installed on. By implementing existing technology, outstanding new technology and secure programming practices IPCop is the Linux Distribution for those wanting to keep their computers/networks safe.

    The IPCop Linux Team is dedicated to doing the very best job possible to keep your systems safe, as you can see on our site.

    "The Bad Packets Stop Here!"

    LVL 51

    Assisted Solution

    > .. won't let me block any URL's
    this is not a (network) firewall issue, but a proxy or application level firewall (aka adaptive proxy)

    > ..won't let me have public IP's in the DMZ
    this is unusal
    But first think of your network topology and assigned IP.
    Assuming that you firewall's WAN IP is in the same IP subnet as the DMZ-IP, then this could not work. That's not a firewall problem, but one of your network design.

    Best is you assign the public IPs of your DMZ to the WAN interface of your firewall (as virtual interface for example), assign a private IP to your DMZ hosts and then forward all packets according your firewall rules to these DMZ hosts.

    I'd recommend that you get used to iptables, which is simple in first glance. That's much easyer than configuering some so-called sophisticated GUIs (which mainly hide iptables functionality).
    LVL 12

    Accepted Solution

    I agree with ahoffmann, most of the iptables GUIs mask and often do not provide control over the full functionality of iptables.

    Learn iptables at the command-level or how to manipulate the iptables config file and you'll be much better off then relying on these poor UI crutches.  In this instance, we're not being the typical UNIX bigots, iptables is an app best run through the Shell, so to speak, and not with any of the available, but limited GUIs.

    It sounds like you're a small office, so you may want to invest in a very inexpensive appliance firewall device such as a Check Point Safe@Office, NetScreen-5GT, or Watchguard Firebox which costs less than $400 (cheaper than a PC running Linux and a firewall software you're not comfortable with).

    My $0.02

    If you still want to go down this path, check this site out for more info in Linux firewalls and GUIs to control iptables:
    Firestarter is good to get you off the ground, but you will need a better log tool and more advanced options after it gets you started to configure DMZ device control.
    LVL 1

    Assisted Solution

    by:Kien Kennedy
    Linux Firewalls Distro's ???
    Here is Linux Firewall Distro numbered 1 in

    Some information:
    Devil-Linux is a CD-based Linux distribution for firewalls and routers. The goal of Devil-Linux is to have a small, customizable and secure (what is secure on the Internet?) Linux. The future of Devil-Linux will go far beyond an ordinary router, we will provide a lot of other services, but the distribution will still be easy and fast to maintain.


    Note: It's great!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
    BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now