I am configuring a system tto route and to protect the whole network as a packet filtering firewall. Would anyone like to propose the best daemon or firewall application that would be used to configure the firewall. I have heard about IP chains, but that was it.

BTW: I don't care about simplicity, I care about security, so which is the most secure, and I will learn it. :p

I have been very pleased with a program called PortSentry. There are also numerous docs online on how to set it up if you look around a bit.

BTW - I do have a smaller firewall running in the background, but, PortSentry is my head dude.

Also, you may want to get TripWire setup. High recommended you do that.


Dark Ninja

Get PortSentry at www.psionic.com (http://www.psionic.com)

a firewall configuration using iptables and ipchains is probably most secure.

Portsentry isn't exactly a firewall, although it does use ipchains. In fact, if you have ipchains or iptables running, portsentry won't even be triggered because ipchains/iptables will drop the packets before it even reaches portsentry.

Tripwire, also not a firewall, but highly recommended.

If you're using the 2.2 kernel, you can use ipchains. If you're using 2.4 kernel, you can use either ipchains, or iptables. An easy way to configure them is to use gShield: http://muse.linuxmafia.org

Have a look at SmoothWall (http://www.smoothwall.org) :)