[plug] Smoothwall as a firewall [was:] Smoothwall IDS/snort question

Michael Hunt michael.j.hunt at usa.net
Fri Dec 28 07:45:22 WST 2001 

Wayne Vovil [mailto:wayne.vovil at ausi.com] wrote:

> Hi
>
> Sorry can't help you with this; but I am about to set up a
> firewall box with Smoothwall over Xmas - New Year break; any
> warnings, suggestions etc?
>
> Merry Xmas to all!
>
> Wayne

I think there are two things I'd like to say about smoothwall as a firewall
solution with one being solely technical and the other being solely a
personal opinion.

1. Technically the product is excellent. It does exactly what I want
(providing an easily manageable secure firewall). It works well with my
Internet set-up (DOV ISDN dialup) and allows me to give dial access to the
people I want yet keep admin access separate and away from peering eyes.
Transparent proxy works beautifully and though I am a little under spec (P75
with 32M of RAM, 1.2G HDD) the processor doesn't seem to make much
difference to its performance. I have seen it go up to 100% CPU nut usually
it is around idle. My only problem technically speaking related to trying to
get my NetSpider to work with it. In the end it turned out to be a hardware
problem (I have some old funny serial ports) and if I manually did a
setserial on the port I could get it to connect. I added these to my startup
script before I did an update and the update blew the changes away !!!
(Should have expected that !!!!) But I wouldn't call this a show stopper and
cant really think of a technical reason for why you might not want to use
it. Maybe if you had some real weird set-up and required some extra
functionality you might build your own, but smoothwall is the only product
that I have seen in its class that can do all it does on my hardware spec
(Mandrake firewall requires a much higher spec machine that I have at my
disposal).

2. My personal opinion is that technically the product is excellent but I
have some issues with the maintainer and founder of smoothwall. I don't wish
to express them here as I am in the process of writing to him re these
issues but if you want an opinion on what people think about smoothwall and
what the founder thinks of them, check out the mail archives.

If I could just say one thing about these issues it would be that they have
led me almost to the point of removing smoothwall from my box and replacing
it with something else. Technically I can't see anything better than
smoothwall (apart from a build your own debian) but the browser interface is
quite important to my environment.

Michael Hunt

More information about the plug mailing list