what ive noticed so far is smoothwall is pretty closed off and full of features which aint bad updates can be run from inside the gui
without having to download packages to my computer and upload them in. It also offers three options on install closed – open or half open, half open being the default which sounds ok but need to read more into! it has some strange plugins i never seen in ipcop such as sip filter and im filter – which if enabled you can live watch peoples conversations in a console LIVE! talk about snooping! also has a browser based console which could be handy i suppose?.. all the clam engine updates with the update manager and it looks like daily updates are under the hood ill have to poke into this a tad more! snort has been changed you now have to get a code from snort.org which you get after a free sign up and then you enter it when you enable it then it pulls down the latest snort rules. the web proxy has a transparent mode which will build itself into port 80 8080 so you dont have to put proxy settings into all the web browsers! saves hassle and you get a pop3 proxy. all this is passed through clam antivirus and spamassasin. The graphs for useage are live and very nice to look at and very detailed graphs on cpu / memory usage. Ssh is enabled by a tick box and then you have to ssh in using -p 222 switch to access the server, i see you can hack a config file and change this the standard 22 port i dont see much point. I have looked at some of the addons and some look pretty good – ill just leave this as it comes out of the box and install on site and see how it performs then ill expand on top of that to requirements. Ill update this later… Also you can sign up for free to get email updates on packages and the free version is restricted to one processor and I think a gig of ram.
The ipcop basically has the same install as smoothwall as it was a branch from it. I noticed it never asked if i wanted open / closed or half closed so i expect its open?? Its seems very cut down and the packages out of date – infact it was pretty useless till i added the copfilter package were a gained a extra tab with clam & various proxies and monit which emails you problems. The update system could see what needed updating but i had to update the packages manually. Now with ipcop each section has plenty of configurable options which was a bit over the top and if you change something you can quiet easily kill the box. I set this up in a virtualbox with two nics and ran though it for a few days – i then tested it on the box and it was fine – when i came to install on site and use it – it died three times and just ran like a pile of crap? I noticed there are a lot more addons and its very configurable a lot more than smoothwall – but i also noticed as you start adding the functions its starts getting real hungry – i think ill pass on this for a while and come back and try when its a tad better…… ill update soon with some more linux firewalls im testing and the results of the smoothwall in corporate use…
id go for smoothwall so far…..