Jump to content
The mkiv Supra Owners Club

IT nerds. Interesting firewall software.

carl0s

By carl0s
in Off Topic

 Share

Recommended Posts

carl0s Newbie

carl0s

Posted
  • Author
Posted
ClarkConnect was one I looked at a while back but was heavily missing in certain features I required...

 

hmm.

 

This Endian thing is no good. Not intuitive at all and I just can't get simple outbound NAT working.. No Internet access now except from this server here with its own public IP.

 

d'oh!

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted

I've not found a product that ticks all the boxes to be honest... Smoothwall was about the closest... I'm still tempted by untangle to try it...but I just feel reading your comments it will leave me disappointed.

 

I'm getting to the point I'm going to 'roll my own'...

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted
IPCop with Cop+ IMO.

 

Got a feature set snapshot?... Might be an idea to get the various options here, and we can create a new thread with products and pro/cons. Seems a few people here have good experience with a wide range of 'home' hardware firewalls.

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
I've not found a product that ticks all the boxes to be honest... Smoothwall was about the closest... I'm still tempted by untangle to try it...but I just feel reading your comments it will leave me disappointed.

 

I'm getting to the point I'm going to 'roll my own'...

 

I'm thinking the same. Although I have a non-working box here now so I'm tempted to try smoothwall now :rolleyes: The developer that I seem to remember having a cock attitude isn't involved in that anymore from what I just read anyway.

 

re: untangle. I dunno. After just trying out Endian I'm tempted to give Untangle another whirl now as well. I have patched some cables through so I can leave the box here while I play instead of keep going back and to to the shed everytime I install a new system on it.

 

Another thing with Untangle that I couldn't see/find was any kind of Aliases, i.e. Kids = 192.168.253.14,192.168.253.18 .. pfSense lets me use aliases like that and then use them in firewall rules.

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
Try smoothwall..

 

Add dansgaurdian and imspector...

 

Gives a good result for me so far and has been the bench mark.

 

Well, I can't knock it 'til I've tried it, and we seem to have pretty much the same feature requirement/aspirations don't we :)

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
I've loaded untangle as well (on a spare machine and running it), just trying to work out some features. It seems a bit of a bugger that you can't do the multiple racks.

 

'tis indeed :( Of course you can if you pay the $25/month, or $225/yr...

 

I am going to pop a post on their forum asking how to change the 'no rack' behaviour to block-all, & hope they don't pick up on why I want that.

 

Also, I can't ssh from my WinXP laptop. I can from the Linux machine. Have tried telnet98 and putty now. Someone on the forum had the same problem. Weird.

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted

Me no likely untangle.. Okay for joe blogg's but seriously lacking on customizing ability..

 

Here is my review of untangle

 

Very easy to install, doesn't seem to require a huge amount of hardware. My test rig is an AMD2500 Socket A thingie, 512MB Ram, 40GB Drive. Functionality seems very good provided a high level of customizing isn't required. This would be pretty good for those people who have a few pc's at home and don't really want to fiddle too much but want it working out the box.

 

I personally found it very limited for more advanced things,however I'd be honest and say most people don't really want the sort of configuration setup I'd want.

 

Speed through put seems to be good enough and it handles my 20mb connection without any performance issues.

 

Not for me though...

 

 

 

Going to quickly try IPcop with this copplus thingy..

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted

http://www.clarkconnect.com/info/features.php Another one (think it was previously mentioned)... I'm sure I've tried it before, forget the reason I didn't like it but when I do remember, I'll edit this.

 

http://www.clarkconnect.com

* Firewall, Networking and Security

* VPN / Virtual Private Networks

* Web Proxy and Filtering

* E-mail

* Groupware

* Database and Web Server

* File and Print Services

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
Me no likely untangle.. Okay for joe blogg's but seriously lacking on customizing ability..

 

Here is my review of untangle

 

Very easy to install, doesn't seem to require a huge amount of hardware. My test rig is an AMD2500 Socket A thingie, 512MB Ram, 40GB Drive. Functionality seems very good provided a high level of customizing isn't required. This would be pretty good for those people who have a few pc's at home and don't really want to fiddle too much but want it working out the box.

 

I personally found it very limited for more advanced things,however I'd be honest and say most people don't really want the sort of configuration setup I'd want.

 

Speed through put seems to be good enough and it handles my 20mb connection without any performance issues.

 

Not for me though...

 

 

 

Going to quickly try IPcop with this copplus thingy..

 

I'm in the same boat. My eyes hurt now though.

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted

I'm liking clarkconnect. Does have peer2peer, also runs as a home server for storing files, ftp server that sort of thing. I did notice it did use dansgaurdian as well, so content control is okay. Haven't seen anything with regards imspector yet though.

 

It does have time controlled internet access, which I've just spotted.

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
I'm liking clarkconnect. Does have peer2peer, also runs as a home server for storing files, ftp server that sort of thing. I did notice it did use dansgaurdian as well, so content control is okay. Haven't seen anything with regards imspector yet though.

 

It does have time controlled internet access, which I've just spotted.

 

Crikey. I just came back to say exactly those words :D It has time based proxy ACLs. No time based firewall rules. So I can block web access, but not MSN. I just posted on their forums asking if there are future plans for time based fw rules.

 

I do like it though... very polished interface.

 

I found a working imspector at:http://www.internetcafe.in.th/showthread.php?t=3106 (click the funny hyperlink).

 

Not sure what version it is, probably not the latest 0.5, and there's no web interface to the logs, but at least it's running. I know I shouldn't be installing unknown binaries like this but I was desperate. I tried compiling on my linux machine here but it's an x86_64 system so it resulted in a 64-bit binary and I don't know how to cross-compile.

Link to comment
Share on other sites
JustGav Newbie

JustGav

Posted
Posted
Crikey. I just came back to say exactly those words :D It has time based proxy ACLs. No time based firewall rules. So I can block web access, but not MSN. I just posted on their forums asking if there are future plans for time based fw rules.

 

I do like it though... very polished interface.

 

I found a working imspector at:http://www.internetcafe.in.th/showthread.php?t=3106 (click the funny hyperlink).

 

Not sure what version it is, probably not the latest 0.5, and there's no web interface to the logs, but at least it's running. I know I shouldn't be installing unknown binaries like this but I was desperate. I tried compiling on my linux machine here but it's an x86_64 system so it resulted in a 64-bit binary and I don't know how to cross-compile.

 

I know it is a bit of fiddling, but you could probably cron an iptable chain in at certain times..

 

Some useful bits I've found so far

 

VOIP - http://www.clarkconnect.com/forums/showflat.php?Cat=0&Number=105818&an=0&page=0#Post105818

Groupware - http://www.clarkconnect.com/developer/betas/horde.php

Link to comment
Share on other sites
carl0s Newbie

carl0s

Posted
  • Author
Posted
I know it is a bit of fiddling, but you could probably cron an iptable chain in at certain times..

 

Some useful bits I've found so far

 

VOIP - http://www.clarkconnect.com/forums/showflat.php?Cat=0&Number=105818&an=0&page=0#Post105818

Groupware - http://www.clarkconnect.com/developer/betas/horde.php

 

I think in summary then, it's safe to say we both think ClarkConnect is pretty good. Flexible and well finished :thumbs:

The only thing is that it's a little dated in some respects (based on Centos 4.x), and so the upcoming (but not soon) ClarkConnect 5 should be well worth a look.

The Free version (Community Edition) is limited to 10 users. You might use those users for PPTP VPN for example (road warriors), or if you're using it as a groupware server, those would be email users. It's not (as far as I know) a limit on protected IPs or anything, so as a firewall and content filtering system, it would be suitable for many users.

 

Can't find anywhere in the GUI to amend the list of services that you use in firewall rules, so custom services need their ports manually entering everytime you create a rule, unless you want to leave the GUI and ssh in to amend the services list.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. You might also be interested in our Guidelines, Privacy Policy and Terms of Use.