Firewall ..?

Posted: Sun Dec 26, 2004 9:15 am
by thefool
Hi!

I need a firewall. It needs to be using very few system resources when dealing with a lot of connections.
So it needs to be able to not phuck it all up when I have many connections.

I have tried ZoneAlarm free, and that didn't go really well with a lot of connections. And I have tried Kerio too; it works better, but uses a lot of resources when there are a lot of connections.
Also I noticed with Kerio that my Half Life 2 had some lags etc. when it was open. [768mb ram, 2000+, radeon 9600xt 256mb]

But I need a small, nice firewall that handles a lot of connections.

Any ideas? :D

Posted: Sun Dec 26, 2004 10:06 am
by freedimension
Hardware firewall, i.e. a nice router or switch - this is the best option anyway. Software firewalls aren't as secure as they want to be (or want you to believe they are).

Posted: Sun Dec 26, 2004 10:09 am
by thefool
OK. Well, I have a Linux box, so if I get the time, I could set that up. Actually I didn't think about that..

Hmm, I know there once was [probably still is] a nice free operating system designed for being a server only. I dunno if it was Linux based, but I know it had a nice web interface. Any ideas on what it was called?

here it is (I think)

Posted: Sun Dec 26, 2004 12:16 pm
by Fangbeast
thefool wrote: OK. Well, I have a Linux box, so if I get the time, I could set that up. Actually I didn't think about that..

Hmm, I know there once was [probably still is] a nice free operating system designed for being a server only. I dunno if it was Linux based, but I know it had a nice web interface. Any ideas on what it was called?

Go here. A single floppy router solution in Linux. http://www.zelow.no/floppyfw/

To quote the site: "floppyfw is a router with the advanced firewall-capabilities in Linux that fits on one single floppy disc."

Hope this is of some help.

Posted: Sun Dec 26, 2004 7:05 pm
by olejr
Or you can have a look at http://www.smoothwall.org
.. If you have a spare box that is...
It's a dedicated Linux firewall/router with a web user interface..

Or talking about floppies: http://www.freesco.org

Posted: Sun Dec 26, 2004 8:10 pm
by thefool
Thanks for all the answers!

Posted: Sun Dec 26, 2004 9:54 pm
by kwag
Here you go :!:
The best thing since sliced bread ;)
http://m0n0.ch/wall/

You can use it on an old PC, or put it on a small embedded board, like this:

Image

I love it :!:

-Karl

Posted: Mon Dec 27, 2004 12:49 am
by Beach
I have been using IPcop (open source) for about 8 months now with no problems at all. My Linksys router stopped working so I put this setup in place. It was a breeze to set up. IPcop even found my USB based cable modem, which allowed me to use one of those cheap old ThinkNIC PCs that were popular about 3 years ago. The whole thing sits on my bookshelf above my PCs.

Image

Here is the IPcop project site if you want to take a look: http://www.ipcop.org

Posted: Mon Dec 27, 2004 11:14 am
by LarsG
Holy crap.. is that a scanner you've got on the left side in the picture?
It looks like one of those HUGE Agfa scanners from a few years back.. LOL :lol:

Posted: Mon Dec 27, 2004 3:00 pm
by Beach
Yep! :) It keeps on working so I keep it around. It was the stuff in its day, but that day has come and gone.

Posted: Mon Dec 27, 2004 3:07 pm
by Karbon
Around here you can pick up hardware router appliances from Linksys and the like for $30-$50 at Office Max, Radio Shack, Wal-Mart or any other fine retailer :-)

Posted: Mon Dec 27, 2004 8:24 pm
by griz
If you've got an old PC ...

Coyote Linux works great and only requires a single floppy disk. Smoothwall is great in my experience if you've got a small hard drive or perhaps a compact flash to ide adapter (silent operation). I've heard good things about IPCOP ... I believe it's a smoothwall fork?

It's true that a low end consumer firewall device is a good option, but not if you put a lot of traffic through it. They simply weren't designed for it.

Posted: Wed Dec 29, 2004 10:26 pm
by NoahPhense
Beach wrote: I have been using IPcop (open source) for about 8 months now with no problems at all. My Linksys router stopped working so I put this setup in place. It was a breeze to set up. IPcop even found my USB based cable modem, which allowed me to use one of those cheap old ThinkNIC PCs that were popular about 3 years ago. The whole thing sits on my bookshelf above my PCs.

Image

Here is the IPcop project site if you want to take a look: http://www.ipcop.org

So are you running from the wall to the IPcop PC..? Are you running two NICs in that box?

- np

Posted: Wed Dec 29, 2004 11:14 pm
by kwag
Anyone who runs IPCop (or SmoothWall) and wants to see it bomb quickly :?:
Start E-Mule and Kazaa simultaneously (or some other heavy-traffic file sharing app that will open 300 to 500+ simultaneous socket connections).
Come back in less than 24 hours and see how your TCP stack is crashed and dead ;)
m0n0wall (or *BSD based firewalls) just keep on working like a breeze :)
BTW, m0n0wall has "Traffic Shaping", which lets the OS prioritize different kinds of traffic, for example, giving lower priority to file sharing and higher priority to regular web browsing.
It looks like this:

http://m0n0.ch/wall/screens/shaper.png
http://m0n0.ch/wall/screens/shaper_pipes.png
http://m0n0.ch/wall/screens/shaper_queues.png

-Karl

Posted: Wed Dec 29, 2004 11:42 pm
by thefool
The problem is that I use so many different ports and servers that I need something where I can change it QUICK.
However, I have a Linux server
[2*266 mhz, 100mb ram, 15gb hdd]
which I guess could run m0n0wall. Or at least I hope so, if I'm going to try it.

But actually the server OS I looked for was BOTH web, ftp, firewall and more.
But it was a dedicated server OS and seemed to run OK on low-end machines too. But I'm not sure if it could handle 2 CPUs..