On Thu, 2003-07-31 at 11:29, Mark Ferlatte wrote: > Andre Volmensky said on Thu, Jul 31, 2003 at 04:11:14PM +1000: > > What are the advantages of a linux firewall over something like Windows > > with WinRoute on it, or even a hardware based firewall. What are the > > disadvantages etc. I know I am asking on a linux users mailing list, but > > I would also like reply's not to be too bias. > > I would say that the largest advantage of the hardware firewalls is stability: > you don't have to worry about disk failure. Now, you can build a Linux > firewall that loads off of a flash, but why bother when companies have done it > for you (ImageStream's Rebel routers are an example of this, which I've > personally used and am reasonably happy with). > > The largest disadvantage is lack of flexibility: if you want to do something > that your hardware doesn't support, you're hosed. But, for firewalls, you > generally don't want to do too much, so this isn't as much of a problem. > > For any small (read: DS3 or less), a PC based firewall will perform just as > well as a hardware firewall. On the other hand, do you _want_ to be paged at > 4am because your PC based firewall ate a disk?
So burn the system onto a CD. Then, no HDD, and once the system boots and all is loaded into RAM, the CD-ROM drive won't spin much either. Flexibility is slightly harder: you must burn a new CD-R every time you change the rules, but that can be made easy, if the ISO is on your HD, and mountable by loopback, or you can put /etc on a write- protected floppy. -- +-----------------------------------------------------------------+ | Ron Johnson, Jr. Home: [EMAIL PROTECTED] | | Jefferson, LA USA | | | | "I'm not a vegetarian because I love animals, I'm a vegetarian | | because I hate vegetables!" | | unknown | +-----------------------------------------------------------------+ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
