posted by Niall C. Brady on Tue 3rd Feb 2004 20:17 UTC

"Smoothwall, Page 2/2"
Click for a larger view Next thing I did was to fire up my web browser based management of Smoothwall, which by default is located at https://192.168.0.1:441/. After accepting the security certificate, I was presented with a newly designed (and very nice) web based management interface for Smoothwall, much cleaner and better laid out than Smoothwall 1.0.

On the first page of Smoothwall Express Final 2, you will see a whole bunch of tabs at the top of the screen (very like their web page actually), clicking on any one will prompt you for username/password to gain access. Enter your admin details and you are good to go. Once logged in, the front page will notify you if you need to get an update from Smoothwall, In my case, I needed one update, which is fairly simple to apply. You must click on the maintenance tab, and then updates, then click on the update listed, download it locally, and then use the management interface to browse to the update file, and upload it to the Smoothwall server. If it sounds difficult don't worry - trust me, it's easy. I do have a suggestion for Smoothwall about this however, on the home page, instead of merely informing you about the update, how about linking directly to the updates page (which currently it does not).

On the subject of updating, the update available for me, was SWP-2004:001 'updates for smoothwall express to correct linux kernel local security vulnerabilities', and seeing as the kernel version that ships by default with the downloadble ISO is 2.4.22 I started downloading and updated to 2.4.24-final cf (2.1MB download). After applying the update, I was informed that all was ok, however... the kernel listed in 'about your smoothie' under the 'advanced' section was still the old one, so I rebooted. Perhaps it should have told me to, I don't know, but from RedHat and previous linux experience a kernel update means a reboot. To reboot the machine, click on the 'shutdown' link, and the 'reboot' button. You will here it beep a few times while it's rebooting (doh, ray, me) and that signals that it's up again which is handy when you don't have a monitor connected. After the reboot, 'about your smoothie' reported the correct and updated kernel.

In order to see Intrusion Detection system at work, you need to enable it, so click on the 'services' tab and highlight 'intrusion detection system'. Enable it and click save, (note, if you have not configured your red/green interface properly, it will not start.) After some minutes, check the status of the IDS by clicking on the 'logs' tab. You should see some attempts by various foreign IPs' listed in there. Next thing to look at is your firewall, click on the firewall tab and you can see Source and destination ports/ips attempting to enter/leave your network. Very nice.

Click for a larger view Ok so you've got IDS setup and you've looked at your firewall and IDS logs, now what ? well, you can open ports and forward them to specific ips on your local network (port forwarding). To do this click on the networking tab and select port forwarding. You can enter the port you wish to forward (for example port 80) and the destination ip/port you want it to go to (for example 192.168.0.205:8080). Next choose TCP (or UDP if you wish) and click Add. The rule will now be added in a list which you can easily later remove or edit.

What other cool stuff is there ? well, you can block IP's, by clicking on the ip block tab in networking. Just enter your chosen ip (the one you don't like) and decide if you want Smoothwall to drop the packet or reject it, and of course, you can log this. Very cool. You can also configure Smoothwall to block ICMP ping requests, IGMP, ignore multicast traffic and lots more. There's just an awful lot of cool stuff in this OS and the best way to find out what it offers is to download it and test it.

I successfully connected via a VPN through Smoothwall, and using PcAnywhere, without any problems. If you feel that perhaps Smoothwall isn't secure enough then get another wan ip address and nmap your Smoothwall box, and watch the output on your firewall/IDS logs, it's impressive to say the least. I'm confident that anyone who see's this will be impressed and will want to set it up for themselves. It's not perfect of course, for example there is the USB ADSL modem issue (I don't have a USB ADSL modem, mine is a Zyxel Prestige 600 series), and the PPP settings tab in networking does list PPP, PPPoA and PPPoE connections, but from the drop down list I could not pick anything but standard modems on com ports 1 through 4. In other words, I could not make it autologin my ADSL modem and in the end, had to login via the web. Smoothwall is free and its a really useful thing to do with old antiquated hardware, I'm certaintly glad I have it running again on a box at home protecting one of the two ADSL modems at home, and sharing the internet to the pcs on that local lan. I am going to run this version of Smoothwall for a few weeks and see if it does the business, if it does (and I think it will) I will once again replace the dlink hardware firewall on the other ADSL connection with this setup that I have now.

I give Smoothwall Express Final 2 a huge thumbs up for improving on the old, almost tired looking Smoothwall 1.0. Please do yourself a favor, and give it a try, the 45.5MB download is well worth it.

Table of contents
  1. "Smoothwall, Page 1/2"
  2. "Smoothwall, Page 2/2"
e p (0)    46 Comment(s)

Technology White Papers

See More