[MLUG] [ot] Looking for high performance open source firewall
Andre Courchesne - Consultant
courchea at net-forces.com
Wed Dec 17 10:09:33 EST 2008
I recently tried ClarkConnect, has very nice feature set.
Nick Sklav wrote:
> On Wed, 2008-12-17 at 09:14 -0500, David Filion wrote:
>> Hi,
>>
>> Hi everyone, I'm currently in search of a high performance open source
>> firewall. It must be a bridging firewall (nat is not an option) and be
>> able to handle a 50+Mb syn attack. Any suggestions? I know iptables
>> can handle the 50Mb, but I need something to deal with the invalid syns,
>> aka a syn proxy. *BSD seems to have implemented it into a released
>> kernel but I could not find anything for Linux (no mention of syn
>> cookies please :-).
>>
>> I've been playing with a Checkpoint firewall that does it, but I'd love
>> to replace it with an open source solution.
>>
>> Any pointers/links/suggestions?
>>
>> Thanks,
>>
>> David
>
>
> Try Shorewall -> www.shorewall.net
>
> I swear by it and in all honesty it is very versatile and i believe it
> handles all the option you have listed and it runs on all flavors of
> linux.
>
> _______________________________________________
> mlug mailing list
> mlug at listserv.mlug.ca
> https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
More information about the mlug
mailing list