Ask the same question on linuxquestions.org



Many years ago I would have used ipchains or iptables, but these guys will know the best current option. Furthermore, they'll help you support what you choose - it's all a free forum, btw.

There are several answers to your question.

All of which are dependent on variables within your network.



PFSense is an entire distro dedicated to Enterprise Level firewalling and much more.

As such it is meant to be used on a device that sits between your network and the internet.

I.E a "Perimeter Firewall", or as a router ( Lan or Wan), or perhaps a Wireless Access Point.



If you are using only one gateway to the internet then a device running this OS may suit your needs

If you are already using a Router as the internet gateway and are not looking to purchase another device, then perhaps DD-WRT may have a compatible rom for your router. DD-WRT will of course offer similar visual functionality and control.

If all computers are plugged into their own gateway you can write an IPTables script and push it to all nodes (Assuming all linux nodes of course ;-) )





All in all each network can be as unique as a fingerprint and require a tailored approach from you the network admin.



Here are the questions that you should ask next to help tailor your approach.



1.) What type of network topology and/or segmentation are you implementing?

2.) What sorts of devices are you running inside of your network?

3.) How many gateways to the internet does your network use?

4.) Which segments of your network will need to be placed behind the firewall?

5.) Are you willing or able to purchase / acquisition / re-task a device as a dedicated firewall?



Last and not least



6.) Are you willing to put in the time to understand, implement, modify, and "upkeep" a device of this nature? ( Linux is not for the faint of heart! )



These questions will of course lead you to more questions.

Hopefully there will be some answers in there as well eventually.



Boa Sorte

Does Linux get viruses? on a similar time as there are Linux viruses in life, it incredibly is totally no longer likely that a Linux field is going to get contaminated. first of all Linux working structures tend to be very guard out of the field. 2nd, Linux does not take in plenty marketshare so it incredibly is not precisely a worthwhile platform to aim. 0.33, the source code gets worked over plenty with the help of multiple people who make valuable there's no virus code in it. Fourth, maximum of your utility is won no longer by way of Google yet by way of guard "repositories", that are servers dedicated to importing notwithstanding utility equipment you may want on your particular working device. Does it shrink what i will acquire? No, for sure no longer. you may acquire something you prefer to acquire. besides the incontrovertible fact that, what you acquire won't artwork with the device if it incredibly is an exe document or something. What are the perfect open source working structures frequently for time-honored makes use of? There are a lot of them. right here's a rundown of the multiple least confusing to apply ones: The Ubuntu kinfolk (Ubuntu, Kubuntu, Xubuntu, Lubuntu, etc.) Mint Fusion Mandriva Mepis OpenSUSE