Recommended Linux firewall solution?

For the past year I have been running IPFire as my dedicated network firewall. It's been running great, hasn't broken on me yet, but the interface is clunky and non-intuitive, and the lack of being able to access it from outside my home network is frustrating. That and its VPN configuration leaves a lot to be desired.

I'm curious as to what you guys think is the best/sleekest purpose-built firewall distro? Which one are you using on your home network? What are its benefits and drawbacks?

*Rings the doorbell*
Hello, do you have a moment to talk about pfSense?

Scalable, intuitive and powerful. The only gripe I can come up with (apart from it not being Linux lol) is poor wifi support, although with a dedicated AP it's a 10/10

2 Likes

It's not Linux but I agree, pfSense is great. It supports OpenVPN as well as IPsec and L2TP; I only really have experience with OpenVPN, and the GUI is pretty decent for configuring it. The built-in certificate manager helps a lot with configuring OpenVPN. The firewall itself is great once you get the hang of it; a simple configuration is easy, but more complex configurations are easy enough to set up and organise so long as you know what you're doing.

Also recommending pfSense, running great for a 20+ site-to-site use case, provided proper planning and non-failing hardware are used.

would recommend to everyone / 10

Could always just dive in with iptables. Not quite intuitive, but you'll certainly learn a lot.

1 Like

UFW and fail2ban are a good choice in my opinion. UFW has been suggested to me by @Th3Z0ne and has been working great.

1 Like

iptables really is the motor behind most of these suggestions. I'd advise you to use iptables on a server release of Linux of sorts, and just forget all about a desktop GUI for setting things up.
It is going to be an arduous journey getting used to iptables syntax, but performance-wise, and for stability, it really is great.
Most of the functionality of routers today is available through free software in the repos for Ubuntu, e.g.
hostapd for an access point, DHCP server, DNS, network bridging, the list goes on.
Most routers and access points with a firewall built in basically just run a small Linux distro, use iptables, and masquerade this from the user, since you can't access it except through the web interface.

The only way in my case. After I dove into iptables, Windows Firewall looks like a kindergarten club. Very good tool and you will learn a lot.