best opensource firewall

Question

We implemented Untangle opensource firewall on our network and interested to know various other firewalls with GUI interface. Can someone suggest which are the best opensource firewall implemented.

I found few others too. Like Astaro, Vyatta etc. Please provide your valuable suggestions.

score 5 · Accepted Answer · answered Dec 30 '10 at 08:52

The "best" depends a lot on what you need ...

I use pfSense for my home network, and I am very happy about it. It runs fine on low power, small form factor hardware (in my cas an Alix2d13). The user interface is easy to understand and well designed. It supports advanced features if you need them (CARP, Multi WAN, ...). The only more or less advanced feature that I use is bridging between my wireless and my wired network.

I did use Shorewall, installed on a Debian system in multiple small enterprises setups. I didnt have any web interface on them, but I find that editing text files to add rules is actually a better solution in this setup. It becomes easy to backup your rules, version them, run diffs over them ...

I did try quite a few other solutions (IPCop, Smoothwall, ...) but I never sticked with them (not that they were bad, I just prefer Shorewall and pfSense).

+1 for pfSense. I can only recommend pfSense as well. In my opinion it has the best interface as well. — Raffael Luthiger, Dec 30 '10 at 09:05

score 1 · Answer 2 · answered Dec 30 '10 at 08:48

1

7 of the best Linux firewalls. Check out this link http://www.techradar.com/news/software/applications/7-of-the-best-linux-firewalls-697177

answered Dec 30 '10 at 08:48

nitins

2,579
15
44
68

2

No offense, but eBox is just silly as a firewall - it's an all-purpose distribution. – weeheavy Dec 30 '10 at 08:53
@weeheavy I saw that article the other week and had the same thought. – 3dinfluence Dec 30 '10 at 14:25

score 1 · Answer 3 · answered Dec 30 '10 at 20:17

We use Astaro Security Gateway (a pair of them in a failover configuration) for one of our locations and have had great success with them. We use their commercial product with a support plan so it doesn't really count as open source even though it is built on top of open source tools. It does a lot more than just firewall and the web interface is pretty slick. They release updates fairly often which requires a reboot. Recently they added the ability to schedule updates so they can run in off-peak times without having to be awake for it or take the network down in the middle of the day which is nice.

We use pfSense at other locations where we just need basic NAT routing, port forwarding, DHCP, etc. Of everything on those networks, the pfSense boxes are generally the most stable. Put a UPS on the box and it will run for months without having to touch it at all (in many cases the only time they're ever down is to move them or upgrade the software). pfSense is built on FreeBSD which itself is very solid, so you can expect stability with them.

score 0 · Answer 4 · answered Dec 30 '10 at 14:18

why don´t you use iptables as the core and the firewallbuilder GUI as frontend?

http://sourceforge.net/projects/fwbuilder/files/ http://www.fwbuilder.org/4.0/features.html

I´ve used it in severals arquitectures and It´s make sense to give it a try ;)

best opensource firewall

4 Answers4