Need Freeware Firewall applicance.

I know this is probably a tall order, however, I have a spare PC with a
couple of network cards. I would like to change it into a firewall &
proxy. Just to learn more about firewalls / security and web caching.

In the past I've installed linux / iptables / squid / fwbuilder etc.
However, it took a lot to get it compiled running and configured. It
was a little more work and a little less elegant then I originally
intended. Although I learned a lot, this time I am looking for a
cleaner (simpler) solution. One where I could manage the entire thing
from an fwbuilder type interface and one that would work 'out of box' so
to speak.

Do I need to go a Linux route with iptables / squid manually built by
hand. Configure OS / IP-Tables / FW-builder / SQUID or some equivalent
solutions or are there already free canned distro/appliances that will
let me remotely push a firewall policy onto this machine and manage its
proxy settings from a remote location. (Save my trip to the basement).
Hopefully this solution has some sort of free IDS type detection built
in as well. Thank you in advance and please point me in the right
direction if at all possible.

Re: Need Freeware Firewall applicance.

I guess I could also ask it like this :

"Are there any freeware even remotely comparable to Checkpoint, PIX, or
Netscreen?"

Thanks again. ..

Anthony B wrote:
> I know this is probably a tall order, however, I have a spare PC with a
> couple of network cards. I would like to change it into a firewall &
> proxy. Just to learn more about firewalls / security and web caching.
>
> In the past I've installed linux / iptables / squid / fwbuilder etc.
> However, it took a lot to get it compiled running and configured. It
> was a little more work and a little less elegant then I originally
> intended. Although I learned a lot, this time I am looking for a
> cleaner (simpler) solution. One where I could manage the entire thing
> from an fwbuilder type interface and one that would work 'out of box' so
> to speak.
>
> Do I need to go a Linux route with iptables / squid manually built by
> hand. Configure OS / IP-Tables / FW-builder / SQUID or some equivalent
> solutions or are there already free canned distro/appliances that will
> let me remotely push a firewall policy onto this machine and manage its
> proxy settings from a remote location. (Save my trip to the basement).
> Hopefully this solution has some sort of free IDS type detection built
> in as well. Thank you in advance and please point me in the right
> direction if at all possible.
>
>
>

Re: Need Freeware Firewall applicance.

On Sep 3, 10:54 pm, Anthony B wrote:
> I guess I could also ask it like this :
>
> "Are there any freeware even remotely comparable to Checkpoint, PIX, or
> Netscreen?"
>
> Thanks again. ..
>
> Anthony B wrote:
> > I know this is probably a tall order, however, I have a spare PC with a
> > couple of network cards. I would like to change it into a firewall &
> >proxy. Just to learn more about firewalls / security and web caching.
>
> > In the past I've installed linux / iptables /squid/ fwbuilder etc.
> > However, it took a lot to get it compiled running and configured. It
> > was a little more work and a little less elegant then I originally
> > intended. Although I learned a lot, this time I am looking for a
> > cleaner (simpler) solution. One where I could manage the entire thing
> > from an fwbuilder type interface and one that would work 'out of box' so
> > to speak.
>
> > Do I need to go a Linux route with iptables /squidmanually built by
> > hand. Configure OS / IP-Tables / FW-builder /SQUIDor some equivalent
> > solutions or are there already free canned distro/appliances that will
> > let me remotely push a firewall policy onto this machine and manage its
> >proxysettings from a remote location. (Save my trip to the basement).
> > Hopefully this solution has some sort of free IDS type detection built
> > in as well. Thank you in advance and please point me in the right
> > direction if at all possible.

Anthony,

You can have a look at http://www.safesquid.com/html/portal.php?page=105
They do provide a free edition.

Re: Need Freeware Firewall applicance.

On Sep 3, 12:28 pm, Anthony B wrote:
> I know this is probably a tall order, however, I have a spare PC with a
> couple of network cards. I would like to change it into a firewall &
> proxy. Just to learn more about firewalls / security and web caching.
>
> In the past I've installed linux / iptables / squid / fwbuilder etc.
> However, it took a lot to get it compiled running and configured. It
> was a little more work and a little less elegant then I originally
> intended. Although I learned a lot, this time I am looking for a
> cleaner (simpler) solution. One where I could manage the entire thing
> from an fwbuilder type interface and one that would work 'out of box' so
> to speak.
>
> Do I need to go a Linux route with iptables / squid manually built by
> hand. Configure OS / IP-Tables / FW-builder / SQUID or some equivalent
> solutions or are there already free canned distro/appliances that will
> let me remotely push a firewall policy onto this machine and manage its
> proxy settings from a remote location. (Save my trip to the basement).
> Hopefully this solution has some sort of free IDS type detection built
> in as well. Thank you in advance and please point me in the right
> direction if at all possible.

Run squid and IPF - free and free'er. Run Webmin to make it more
'appliance' like.

Re: Need Freeware Firewall applicance.

> I know this is probably a tall order, however, I have a spare PC
> with a couple of network cards. I would like to change it into a
> firewall & proxy. Just to learn more about firewalls / security
> and web caching.

Try these and decide which one will match your needs

http://www.zeroshell.net
http://m0n0.ch/wall
http://www.pfsense.com/
http://www.vyatta.com/

personally I like the first one, although it hasn't a built-in
proxy, you could always add one on a separate box if
you really do need it; or you may just use it "as is" and
then wait for the next version which will have a built-in
proxy with AV scanning capabilities