Keith Lofstrom wrote:
I intended to bring all my machines up to SL5, but that only supports
kernels for i686 and x86_64 AFAIK. My firewall machine for my small
network is an old P5 laptop. Other alternatives required. I want to
stay rpm/yum based, and would like to keep the familiar Red Hat
architecture and file layout. I would also like to have automated
updates forever, or the best approximation possible.
Three alternatives look OK so far:
1) Rebuild the SL5 kernel and glibc and a few other packages for i586,
and exclude them from yum updates.
2) Go to a security-based small distro such as Openwall.
3) Go to a firewall distro such as Endian. GUI config and excessive
package count disturbing, though.
Any superior alternatives? I would like something as close to
fire-and-forget as possible that will support the old laptop.
Keith
P.S. - I use an old laptop for a firewall because it is x86, but draws
a trickle of power compared to a desktop PC. That is eco-friendly, but
frankly the more important reasons are that it is quiet and cool, and
it will live for a LONG time on a UPS during a power failure.
Look at Shorewall, very well maintained & documented...
http://www.shorewall.net/
http://www.shorewall.net/shorewall_quickstart_guide.htm
http://www.invoca.ch/pub/packages/shorewall/3.4/shorewall-3.4.3/
IPCop Firewall is another that is simple to maintain & designed for
home/dsl users...
http://www.ipcop.org/
LinuxGuruz Netfilter IPTABLES Firewall Page
http://www.linuxguruz.com/iptables/
LiveCD based & Halted Firewalls
http://www.livecdlist.com/?pick=All&showonly=Firewall&sort=&sm=1
http://www.linuxjournal.com/article/7383
http://www.samag.com/documents/s=1824/sam0201d/0201d.htm
Some hackers use OpenWRT for lightweight (lowpower) FW/VPN...
http://www.remoteroot.net/2006/06/cheap-linux-firewall-iptables-on.php
[EMAIL PROTECTED]
