DistributionWatch Review: SmoothWall Linux 0.9.4 - page 2
A Secure Distribution
The way SmoothWall is set up is pretty efficient. Settings are through a set of Web pages, which makes it a breeze to configure by remote. There are three users allowed to directly access the SmoothWall machine: root, admin, and dial.
Root is just like root on any other Linux box, so there's not a lot to say there. The admin user has full access to all of the Web pages, both status and active configuration, to make all of the firewall settings. The dial user can just do one thing: start and stop the dial-up connection to the Internet.
The status of network traffic, running services, and interfaces are all displayed on the home page for the SmoothWall box. With admin access, a user can get into the configuration pages and manage PPP connections, password administration, and firewall logs. The system can even be set up as a DHCP server, which is a real boon for those of us tired of wrangling IP masquerading for a network with a single door to the Internet.
If you use the DHCP server, you can enable remote user configuration, which essentially feeds the proper network connection data back to individual computers so they know which way to point to get to SmoothWall and from there out to the Internet.
SmoothWall does not come with active security tools, and relies on the diligence of the admin to keep checking the logs to make sure no uninvited guests have come a'calling.
According to the documentation provided with SmoothWall, this distribution will run quite efficiently on a 486 machine with as little as 16 MB of RAM. The performance of this configuration was not checked, however. Still, if this is a valid statement, using SmoothWall might be an excellent way to recycle one of your old boxes lying around somewhere in your house.
On my test machine, I found setup of the PPP dialer easy to manage. I connected another machine to the box and, with just a little finagling on the client machine's end, I was able to get the DHCP functions going as well.
Moving Into the Future
Throughout the SmoothWall documentation, the developers maintain that no prior experience is needed to run and configure SmoothWall.
"...When Lawrence and I started designing SmoothWall we really had the idea of looking at LRP and EdgeFireplug and FreeSco, which we liked without reserve, but we wanted to make life so much easier to newbies and non-Linux users, as this was in ideal tool for everyone at home and in small offices," Morrell wrote in an on-line interview.
For the most part, I tend to agree with their self-assessment. And more is yet to come for this distro. Both Manning and Morrell both agree that there will not be a formal final release for their creation. "...we will keep releasing the product and ensuring it as feature-full and stable as it ever was/is," Morrell wrote.
So what is coming in future releases of SmoothWall?
"ADSL and cable modem support are a biggy and they are on our radar, but as with everything we only release when stable," Morrell indicated. " We're exploring an IPSec compliant VPN client/gateway (but export restrictions screw us?)"
The developers are also planning on adding proxy server capability, based on the UK Wwwoffle project or Apache's proxy.
SmoothWall is a completely volunteer effort thus far, though Morrell and Manning hold out hope that more help, and perhaps even a sponsorship, will be along soon.
When you think of the major advantages this offers to dialup users worldwide," Morrell wrote, "and also our commitment as a team of five people here in the UK doing this in our spare time, some help and assistance would be cool."
SmoothWall does not support X, nor will it ever, according to the developers. It will always be a utilitarian distribution.
"This is not a distro for users looking for a replacement for their RH, Caldera, or Mandrake distros, etc.," Morrell wrote, "We are not supporting X, we are providing functionality, and the ability to take redundant hardware and turn it into a router that secures the way you work--think of it as a websurfer's condom if you will--except we're killjoys and prevent penetration."