- Joined
- Apr 22, 2006
- Location
- Sioux Falls, SD
This is a list of the free (like beer) firewall distros I have used, and some details about them.
Hopefully someone will find this information useful.
Smoothwall Express
Homepage
http://www.smoothwall.net/products/comparison.gpl.php
Installation details
This distro overwrites all data on the HDD and is designed to be the
only thing on that computer.
User Interface
Any web browser.
SSH
Menu
Screenshots
http://www.smoothwall.org/about/screenshots.php
Downloads available
-32 bit 69MB | ISO CD Image
-64 bit 71MB | ISO CD Image
-VMware image 59MB | BZip2 - VMWare Image
Pros:
Smoothwall has been around since July of 2000 and has a rich, helpful community forum.
This leads me to believe that they will not be going away any time soon.
Also, this company offers corporate editions (Non-Free).
This tells me that they are making money and can better fund the free edition
and those who are working on it. Lots of community-produced Add-ons. (Home Brew)
Audible tones on shutdown, and when ready after reboot. Very good update feature in Web Interface.
Port-Forwarding is very easy to implement. It 'JUST WORKS'.
Cons:
This Distro has no USB Keyboard support in the installation portion. Snort is not working well. No powerful native Web Content Filtering.
IPCop
Homepage
http://ipcop.org/index.php?module=pnWikka&tag=IPCop14xFeatures
Installation details
boot from floppy / usb floppy ( usb floppy allow only install from cdrom).
boot / installation from IDE / SCSI cdrom.
boot / installation from usb key.
boot from PXE enabled network card (need avdhcp and tftp server).
installation from http/ftp server.
User Interface
Any Web Browser
SSH
Menu
Screenshots
http://ipcop.org/index.php?module=pnWikka&tag=IPCopScreenshots
Downloads available
ipcop-1.4.18-install-cd.alpha.iso Alpha 48.7MB
ipcop-1.4.18-install-cd.i386.iso i386 47.2MB
ipcop-1.4.18-install-pxe.i386.tgz i386 3.85MB
ipcop-1.4.18-install-usb-fdd.i386.img.gz i386 45.1MB
ipcop-1.4.18-install-usb-hdd.i386.img.gz i386 45.1MB
ipcop-1.4.18-install-usb-zip.i386.img.gz i386 45.1MB
ipcop-1.4.18-othersrc.tar.bz2 Platform-Independent 277MB
ipcop-1.4.18-sources.tgz Platform-Independent 1.82MB
Pros:
Fully opensource, Well documented, Ease to Setup and use. Plenty of add-on modules. See the list here.
Audible tones when shutting down and when ready after booting up.
Cons:
Does not include powerful web content filtering natively.
m0n0wall
Homepage
http://m0n0.ch/wall/features.php
Installation Details
Runs on a live CD-ROM or from CompactFlash with a floppy disk or USB Drive for saving settings.
Also targeted towards the net45xx/net48xx range from Soekris Engineering (www.soekris.com)
and the WRAP platform from PC Engines (www.pcengines.ch)
User Interface
Any Web browser
SSH
Menu
Screenshots
http://m0n0.ch/wall/screenshots.php
Downloads available
net45xx-1.232.img
net48xx-1.232.img
generic-pc-1.232.img
cdrom-1.232.iso
wrap-1.232.img
rootfs-1.232.tar.gz
Pros:
LiveCD, 'nuff said.
Very, very small at around 6MB.
Cons:
Not as feature rich as the others.
Endian Firewall Community
Homepage
http://www.endian.com/en/community/about/features/
Installation Details
Installs from CD-ROM ISO onto HDD
User Interface
Any Web browser
SSH
Screenshots
http://www.endian.com/en/community/about/screenshots/
Downloads Available
Endian Firewall 2.2 Beta 1 ISO i386104MB
Endian Firewall 2.1.2 Stable ISO i386 112MB
Endian Firewall 2.1.2 Stable VMWare Image 32bit 84.2 MB
Pros:
Each section in the Web interface has a help page link and are VERY helpful!
The most feature-rich distro in this list. Audible tones when shutting down, ready after booting up,
when Red side interface goes down and when it comes up. Again, they have non-free
editions also.
Cons:
There is so much you can do with this distro, it can be overwhelming.
Spotty USB Keyboard support in installation.
PFSense
Homepage
http://www.pfsense.com/index.php?id=26
Installation Details
LiveCD/Installation CD ISO i386
Embedded
List of tested, known good, hardware
User Interface
Any Web browser* (See Cons section)
SSH
Menu
Screenshots
http://www.pfsense.com/index.php?id=27
Downloads available
pfSense-1.0.1-Embedded Image 21MB
pfSense-1.0.1-LiveCD Installer ISO.gz 26MB
pfSense-1.2-RC3-Embedded Image 24MB
pfSense-1.2-RC3-LiveCD Installer ISO.gz 50MB
Pros:
Very vice, well organized, web interface with 3 'skins'. Easy to add/remove
packages from within web interface. When using Intrusion Detection/Prevention,
you have full control over each of the rules used, in the web interface.
Overall, 2nd best looking Distro, IMO. Built-in wifi support with
fully featured web config page. Can set as AP.
Cons:
The beta version 'Nerve Center' skin web interface drop-down menus don't work well using Internet
Explorer version 7.0.5730.11. Firefox version 2.0.0.11 had no issues.
ClarkConnect Community
Homepage
http://www.clarkconnect.com/info/features.php
Installation Details
CD-ROM installation ISO designed to install ClarkConnect as the only thing on the HDD.
User Interface
Any Web browser
SSH
Menu
Screenshots
http://www.clarkconnect.com/info/screenshots.php (These are the paid editions screenies,
not the free edition. No free edition screenshots available at this time.)
Downloads Available
Community Edition 4.2 CD-ROM ISO 475MB
Pros:
Overall nice web interface. LAN backup and recovery server. Groupware.
Active forums. Another company which offers non-free solutions.
Cons:
No native Dynamic DNS functionality (howto correct this). No alert tones. Relatively steep H/W requirements.
(Your old 486 wont cut it with ClarkConnect).
Astaro Security Gateway
Homepage
http://www.astaro.com/our_products/astaro_security_gateway/asg_overview
Installation Details
CD-Rom ISO overwrites the HDD contents. During installation, it recommends at least 256mb ram. Heed that. First install attempt failed.
Didn't meet hardware requirements. Astaro has tested hardware, and their results can be found here:
http://www.astaro.com/lists/HCL-ASG-V7.txt
Failed installation was on a Celeron 700 W/128mb pc100
Successful install was on a Celeron 1Ghz W/256mb pc133 (This is still too slow.)
User Interface
Web Browser
SSH
Screenshot
Screenshot
Downloads Available
Astaro strays from the others in how they deliver their software. First you register with their site,
then request a copy and free home license by email. Then you follow the link they send you to
get your ISO and license. After installing, you access the Web Interface and upload the license.
You only get one license.
Pros:
This is a very professional looking piece of software. We are talking Enterprise quality.
Automatic updates. Email reporting with charts and graphs. Feature rich. Would make good use of
powerful machines. Advanced features for advanced users.
Cons:
A pain to acquire. Steep hardware requirements. Not as user-friendly as some others in this list.
If you know of anything which needs to be added/edited please do not hesitate to let me know!
I hope with this information you can make one of these to actively secure your home network!
Hopefully someone will find this information useful.
Smoothwall Express
Homepage
Features
http://www.smoothwall.net/products/comparison.gpl.php
Installation details
This distro overwrites all data on the HDD and is designed to be the
only thing on that computer.
User Interface
Any web browser.
SSH
Menu
Screenshots
http://www.smoothwall.org/about/screenshots.php
Downloads available
-32 bit 69MB | ISO CD Image
-64 bit 71MB | ISO CD Image
-VMware image 59MB | BZip2 - VMWare Image
Pros:
Smoothwall has been around since July of 2000 and has a rich, helpful community forum.
This leads me to believe that they will not be going away any time soon.
Also, this company offers corporate editions (Non-Free).
This tells me that they are making money and can better fund the free edition
and those who are working on it. Lots of community-produced Add-ons. (Home Brew)
Audible tones on shutdown, and when ready after reboot. Very good update feature in Web Interface.
Port-Forwarding is very easy to implement. It 'JUST WORKS'.
Cons:
This Distro has no USB Keyboard support in the installation portion. Snort is not working well. No powerful native Web Content Filtering.
IPCop
Homepage
Features
http://ipcop.org/index.php?module=pnWikka&tag=IPCop14xFeatures
Installation details
boot from floppy / usb floppy ( usb floppy allow only install from cdrom).
boot / installation from IDE / SCSI cdrom.
boot / installation from usb key.
boot from PXE enabled network card (need avdhcp and tftp server).
installation from http/ftp server.
User Interface
Any Web Browser
SSH
Menu
Screenshots
http://ipcop.org/index.php?module=pnWikka&tag=IPCopScreenshots
Downloads available
ipcop-1.4.18-install-cd.alpha.iso Alpha 48.7MB
ipcop-1.4.18-install-cd.i386.iso i386 47.2MB
ipcop-1.4.18-install-pxe.i386.tgz i386 3.85MB
ipcop-1.4.18-install-usb-fdd.i386.img.gz i386 45.1MB
ipcop-1.4.18-install-usb-hdd.i386.img.gz i386 45.1MB
ipcop-1.4.18-install-usb-zip.i386.img.gz i386 45.1MB
ipcop-1.4.18-othersrc.tar.bz2 Platform-Independent 277MB
ipcop-1.4.18-sources.tgz Platform-Independent 1.82MB
Pros:
Fully opensource, Well documented, Ease to Setup and use. Plenty of add-on modules. See the list here.
Audible tones when shutting down and when ready after booting up.
Cons:
Does not include powerful web content filtering natively.
m0n0wall
Homepage
Features
http://m0n0.ch/wall/features.php
Installation Details
Runs on a live CD-ROM or from CompactFlash with a floppy disk or USB Drive for saving settings.
Also targeted towards the net45xx/net48xx range from Soekris Engineering (www.soekris.com)
and the WRAP platform from PC Engines (www.pcengines.ch)
User Interface
Any Web browser
SSH
Menu
Screenshots
http://m0n0.ch/wall/screenshots.php
Downloads available
net45xx-1.232.img
net48xx-1.232.img
generic-pc-1.232.img
cdrom-1.232.iso
wrap-1.232.img
rootfs-1.232.tar.gz
Pros:
LiveCD, 'nuff said.
Very, very small at around 6MB.
Cons:
Not as feature rich as the others.
Endian Firewall Community
Homepage
Features
http://www.endian.com/en/community/about/features/
Installation Details
Installs from CD-ROM ISO onto HDD
User Interface
Any Web browser
SSH
Screenshots
http://www.endian.com/en/community/about/screenshots/
Downloads Available
Endian Firewall 2.2 Beta 1 ISO i386104MB
Endian Firewall 2.1.2 Stable ISO i386 112MB
Endian Firewall 2.1.2 Stable VMWare Image 32bit 84.2 MB
Pros:
Each section in the Web interface has a help page link and are VERY helpful!
The most feature-rich distro in this list. Audible tones when shutting down, ready after booting up,
when Red side interface goes down and when it comes up. Again, they have non-free
editions also.
Cons:
There is so much you can do with this distro, it can be overwhelming.
Spotty USB Keyboard support in installation.
PFSense
Homepage
Features
http://www.pfsense.com/index.php?id=26
Installation Details
LiveCD/Installation CD ISO i386
Embedded
List of tested, known good, hardware
User Interface
Any Web browser* (See Cons section)
SSH
Menu
Screenshots
http://www.pfsense.com/index.php?id=27
Downloads available
pfSense-1.0.1-Embedded Image 21MB
pfSense-1.0.1-LiveCD Installer ISO.gz 26MB
pfSense-1.2-RC3-Embedded Image 24MB
pfSense-1.2-RC3-LiveCD Installer ISO.gz 50MB
Pros:
Very vice, well organized, web interface with 3 'skins'. Easy to add/remove
packages from within web interface. When using Intrusion Detection/Prevention,
you have full control over each of the rules used, in the web interface.
Overall, 2nd best looking Distro, IMO. Built-in wifi support with
fully featured web config page. Can set as AP.
Cons:
The beta version 'Nerve Center' skin web interface drop-down menus don't work well using Internet
Explorer version 7.0.5730.11. Firefox version 2.0.0.11 had no issues.
ClarkConnect Community
Homepage
Features
http://www.clarkconnect.com/info/features.php
Installation Details
CD-ROM installation ISO designed to install ClarkConnect as the only thing on the HDD.
User Interface
Any Web browser
SSH
Menu
Screenshots
http://www.clarkconnect.com/info/screenshots.php (These are the paid editions screenies,
not the free edition. No free edition screenshots available at this time.)
Downloads Available
Community Edition 4.2 CD-ROM ISO 475MB
Pros:
Overall nice web interface. LAN backup and recovery server. Groupware.
Active forums. Another company which offers non-free solutions.
Cons:
No native Dynamic DNS functionality (howto correct this). No alert tones. Relatively steep H/W requirements.
(Your old 486 wont cut it with ClarkConnect).
Astaro Security Gateway
Homepage
Features
http://www.astaro.com/our_products/astaro_security_gateway/asg_overview
Installation Details
CD-Rom ISO overwrites the HDD contents. During installation, it recommends at least 256mb ram. Heed that. First install attempt failed.
Didn't meet hardware requirements. Astaro has tested hardware, and their results can be found here:
http://www.astaro.com/lists/HCL-ASG-V7.txt
Failed installation was on a Celeron 700 W/128mb pc100
Successful install was on a Celeron 1Ghz W/256mb pc133 (This is still too slow.)
User Interface
Web Browser
SSH
Screenshot
Screenshot
Downloads Available
Astaro strays from the others in how they deliver their software. First you register with their site,
then request a copy and free home license by email. Then you follow the link they send you to
get your ISO and license. After installing, you access the Web Interface and upload the license.
You only get one license.
Pros:
This is a very professional looking piece of software. We are talking Enterprise quality.
Automatic updates. Email reporting with charts and graphs. Feature rich. Would make good use of
powerful machines. Advanced features for advanced users.
Cons:
A pain to acquire. Steep hardware requirements. Not as user-friendly as some others in this list.
If you know of anything which needs to be added/edited please do not hesitate to let me know!
I hope with this information you can make one of these to actively secure your home network!
Last edited:
I'd vote sticky 
