Re: recommend hardware firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Apr 05, 2010 at 09:16:20 -0700,
  Michael Miles <mmamiga6@xxxxxxxxx> wrote:
> I'm just using the firewall that comes with Fedora 12, is there better 
> firewall software out there.

That depends on what you are looking for.

iptables has limited deep packet inspection features. It is also only
maintaining a small amount of state. For some more extensive requirements
that might not be good enough.

Also as mentioned in another reply, having front ends that build the low
level rules can be useful. They also typically prevent you from making
rookie mistakes (such as blocking all icmp packets) that might cause odd
problems that are hard to figure out.

Another feature that is related, is doing traffic control. If you have a
router running openwrt (or something similar) you can do traffic control
for you home network. It doesn't work well to try this on each machine,
since each machine doesn't have the big picture. This is useful for providing
lower latency for some traffic despite large transfers going on. Also if
some machines should get better service than others on your network, you
can use traffic control to implement that.

The Linux Advanced Routing and Traffic Control document is a good starting
place. It is dated, but still useful. tc has gotten some additional features
and ifb is supposed to be replacing imq (though openwrt just provides imq
currently unless you build your own image) since that document was written.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux