[clug-talk] RE: Internet Filtering

Shawn sgrover at open2space.com
Fri Sep 9 11:23:09 PDT 2005

These types of firewalls are good for home use.  But the moment you start 
hosting servers, and/or adding in content filtering, they begin to become 
unsuitable.  Sure you can do some port forwarding, but what if you only want 
to forward port 22, for 3 specific IPs, and block everyone else?  The smaller 
boxes usually aren't set up to handle this.  They also do not do content 
based filtering of any sort.

So, they do have their uses, but are not sufficient for what the original 
poster was after (content based filtering).  :)

My IPCop box cost me $0.00.  I'm using an old P166 that was given to me, and 
the software was free.. <grins>.  That said, I would love to come across one 
of the higher end Cisco IOS routers (hardware router) for dirt cheap - 
hardware routing is SO sweet...  But IPCop does everything I need for now, 
and then some...

My thoughts...


On Friday 09 September 2005 11:39, Greg King wrote:
> There is no question that a software based firewall like IP Cop is
> powerful, but it will never be as cheap as a firewall appliance if you shop
> around.
> For example, my son just bought an SMC firewall / router at futureshop for
> $4.99 after rebates. The GST on the purchase price put it in around $8.50
> total cost. The box is the size of a small paperback novel, and is a 4 port
> 10/100 switch as well. It has a stateful firewall with some port and url
> filtering. He bought it solely to take to X-box gaming parties but I tried
> it out as a dhcp server, firewall, and router, and it wasn't bad at all. It
> operated in almost complete stealth mode according to "Shields up" (one
> identity port open). The power bill alone for a PC based firewall left
> running 24x7 for a reasonable amount of time is probably greater than the
> purchase price of this device, which operates with very low power
> requirements.
> It's not as interesting to setup/ tweak, but it is very cheap to own and
> operate.
> Regards, Greg

More information about the clug-talk mailing list