Linux Today: Linux News On Internet Time.

Lowth.com: TCP/IP Connection Cutting on Linux IPTABLES Based Firewalls

Jun 11, 2003, 04:00 (0 Talkback[s])
(Other stories by Chris Lowth)

[ Thanks to Chris Lowth for this link. ]

"The use of linux systems as IP network firewalls and routers is becoming increasingly popular. The cheapness of the software and hardware combine with the flexibility and reliability of Linux's networking support to make such a solution highly attractive. It is often possible to deliver routing and fire walling facilities at a fraction of the cost associated with systems provided by industrial heavy-weights such as Cisco, Nortel and others.

"For the knowledgeable, an out-of-the-box linux distribution such as 'RedHat' has many of the features required to build highly personalized firewalls. For the less adventurous; there are cut-down distributions available that are designed specifically for this task. The UK based 'SmoothWall' and it's clone 'IPCop' are good examples of such an approach; they are highly optimized distributions that include a tiny subset of the software commonly installed by the likes of RedHat, but add a powerful web-based front end for the tasks of configuring and managing the system. These solutions are ideal for small office or home networks.

"One advantage of using a Linux system in this way is the ease with which it can be extended or modified. Software can be downloaded from the Internet for free, compiled and installed onto the system to add features such as web proxying (Smoothwall and IPCop already have this), content filtering, anti-virus measures or any other feature you desire.

"I have recently been working on a solution to the problems of peer-to-peer traffic filtering on a Linux firewall, and have had to develop a 'connection cutter' as part of the system, and it is this tool that is described in this page..."

Complete Story

Related Stories: