Open Source Firewall/Routers That Don’t Suck – Blancer.com Tutorials and projects

Following our list of Linux Distros That Don’t Suck, More Linux Distros That Don’t Suck and Even More Distros That Don’t Suck, we are going to start to narrow our lists to a specific role.

In this installment of our “Distros That Don’t Suck” we are featuring routers/firewalls. Sure you can use your default DLink or Linksys hardware router to preform these tasks but why not bring it to the next level with much more control and features like VPN and bridging?

NOTE: The contained list includes projects that are 100% free and open and don’t charge for additional components or functionality. There are plenty of projects that offer a lite or free version of their solution but charge you for more advanced features.

pfSense – pfSense is a FreeBSD based stateful packet filtering firewall with a whole slew of features. Besides your basic NAT/Firewall capabilites, pfSense offers packages that can enhance it’s feature set like a transparent virus proxy for web surfing and Snort for sniffing packets. pfSense also comes with PPTP, IpSec and Open VPN support baked in and support for OpenBSD’s CARP hardware failover which allows you to have two boxes configured as a failover group. I’m been using pfSense for a few years now and love it. It’s an enterprise grade product with an easy consumer interface. Definitely my favorite.

m0n0wall – Another FreeBSD based stateful packet filtering firewall which is what pfSense is based on. It’s pretty much has the same feature set as pfSense with a few minor exceptions. It’s really stable and is one of the older distros in the firewall/router game. m0n0wall will run on pretty low end hardware and offers an embedded option so you can run it on embedded hardware like an ALIX board. A great option if you want something you can set and forget.

IPCop – Originally a fork of the SmoothWall project, IPCop is a Linux based stateful firewall built on the netfilter framework. IPCop offers a simple update mechanism to install updates and offers many addons that add additional functionality like QoS and virus checking. Geared toward the home or SOHO user, IPCop offers a highly configurable firewall/router that can run on almost and hardware you have laying around.

DD-Wrt – If you don’t have a spare computer laying around to power your router/firewall and would like to take advantage of a hardware WLAN you already own then DD-Wrt is right up your alley. A fork of OpenWRT, DD-WRT is a Linux based alternative firmware suitable for a long list of WLAN routers. If your hardware router is supported a simple firmware upgrade to DD-WRT will add a lot of the same functionality to your hardware that most of the distros in this list offer. A great way to mod existing hardware to squeeze every last bit of performance out of the unit. May I suggest the Linksys WRT-54G-L.

Zeroshell – Zeroshell aims to provide an easy to install and maintain Linux based firewall distribution. Zeroshell is powerful enough for an enterprise load but surprisingly easy to configure with complete set of options like VPN, QoS and VLAN support. Based on Linux and available as a LiveCD or Compact Flash image, Zeroshell falls into the “easy and powerful” category. Great for someone who doesn’t want to screw around too much and just wants something that works.

I’m sure I have missed other great projects that offer a firewall or routing. If you know of a distro that should be in our list let us know in the comments.

Open Source Firewall/Routers That Don’t Suck originally appeared on tech.nocr.at on 2010/12/30.

Leave a Reply