[Cialug] IPFire

David Champion dchamp1337 at gmail.com
Mon Feb 10 22:03:42 UTC 2020 

A lot of the consumer SOHO routers let you attach a disk or printer to
their USB ports, and do file sharing or run a print-server too. For people
that don't want to have an additional appliance it is convenience. But
you're potentially giving up a lot of security.

Personally I'd recommend to them to get a NAS appliance like a Synology for
the extras, and just let the firewall be the firewall.

-dc


On Mon, Feb 10, 2020 at 3:55 PM Jared Brees <fromj2sitsme at msn.com> wrote:

> To be fair, most Linux/BSD firewall distros (including pfSense and
> OPNsense), have the ability to add features like file sharing, etc.
>
> It's just a matter of whether or not you really should. Further, the
> argument could be made you should *only* have the firewall be a firewall.
> No DHCP, no DNS, etc. Just firewalling. The only add-on* I have with my
> main pfSense setup is OpenVPN Client Export utility - which having the
> firewall handle VPN is relatively standard practice for even enterprise
> firewalls.
>
>
> *I use DNS, DHCP, etc., but those aren't add-ons.
> ------------------------------
> *From:* Cialug <cialug-bounces at cialug.org> on behalf of David Champion <
> dchamp1337 at gmail.com>
> *Sent:* Monday, February 10, 2020 14:41
> *To:* Central Iowa Linux Users Group <cialug at cialug.org>
> *Subject:* Re: [Cialug] IPFire
>
> I've done this in a lab setup, not sure I'd rely on it for a "production"
> configuration.
>
> I had done some testing with Untangle about a year ago but not using it
> currently. I didn't have any problems with installing it. It isn't Free
> (has a free-to-use community version), but does have a nice GUI and a lot
> of advanced features if you need those.
>
> -dc
>
>
> On Mon, Feb 10, 2020 at 2:29 PM Justin Richeson <neomatrixjr at gmail.com>
> wrote:
>
> > Agreed, though...that's coming from a guy running OPNSense as a VM on my
> > primary unRAID NAS/DOCKER/VM host.  Though, to aid in isolation it has a
> > hardware 4xGB Nic passthrough to it and no virtual NICs....someone would
> > have to break the VM wall or break through the firewall to get in.
> > Admittedly, I'm finding this isn't a great setup in practice though.
> >
> > On Mon, Feb 10, 2020 at 12:34 PM Jeffrey Ollie <jeff at ocjtech.us> wrote:
> >
> > > I was just looking through the features and I saw that it offered
> > "add-ons"
> > > that would let you turn your firewall into a Samba file/print server,
> > > backup server, yadda yadda yadda.  This is precisely the kind of thing
> > that
> > > I DON'T want in a firewall. OK, I get that they are targeting the
> > > home/small office user but your firewall shouldn't be your everything
> > else
> > > server as well.
> > >
> > > On Tue, Jan 21, 2020 at 10:13 PM L. V. Lammert <lvl at omnitec.net>
> wrote:
> > >
> > > > Caughr a blurb today about a new release - anyone using it?
> > > >
> > > >         Lee
> > > > _______________________________________________
> > > > Cialug mailing list
> > > > Cialug at cialug.org
> > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > > >
> > >
> > >
> > > --
> > > Jeff Ollie
> > > The majestik møøse is one of the mäni interesting furry animals in
> > Sweden.
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>

More information about the Cialug mailing list