Introduction to Linux Firewall Distributions

What is a Firewall?

Firewall is a system (software/hardware) used for protecting a network against intrusions. Let’s take a simple example. Imagine you working for a company and the company having thousands of computers connected together. What if some hacker or a virus gets into one computer in the network? In such a case, the entire network becomes vulnerable and this situation may cause a lot of financial and reputational damage to the company. So, the companies install firewalls in order to prevent viruses and intruders coming into the computer network.

The firewall uses a few rules in order to monitor the incoming and outgoing network traffic and figure out anything suspicious.

What is a Firewall Distribution?

A firewall distribution is a Linux distribution that has been developed to act as a network firewall. The developers do strip-down a lot of standard Linux and kernel functionality in order to custom make a firewall distribution. Therefore, a firewall distribution is small in size and less in functionality when compared to standard Linux distributions. Since firewall distributions are so small, they usually fit into mini-CDs or floppy disks.

Based on the media, firewall distributions can be divided into three categories:

1. Hard drive based

2. CD based and

3. Floppy based

Some Firewall Distributions

SmoothWall Express

SmoothWall Express

SmoothWall is one of the popular firewall distributions used today in the commercial environments. This firewall project was started back in year 2000 in order to develop a firewall product called SmoothWall Express. Unlike some Linux based firewalls in the market, SmoothWall is distributed free of charge, so anyone can download and customize their own copy of SmoothWall.

Currently, SmoothWall is developed by a team of community developers. Their team size is said to be 18,000 at the moment and it is steadily growing.

SmoothWall offers an easy-to-use web interface for managing the firewall rules and administration. The usability offered in this web interface is quite noted and appreciated in the firewall community. In addition, the same usability helps the new network administrators to get used to the firewall quite fast.



IPCop is based on the Netfilter framework. Initially, IPCop was a part of SmoothWall firewall distribution and then it was developed as a branch of the same firewall. Later, it was developed independently and now SmoothWall and IPCop have many differences. Same as for many open source firewall distributions, IPCop is developed as an effort of a community which spans across the globe. The releases are then distributed among the users via a network of mirrors.

Since IPCop is developed and used by many nationalities, their support websites are maintained in four languages. In addition, the web interface for managing IPCop firewall is available in 35 languages.



As the name implies, use of this firewall distribution is “zeroshell”. The administrators do not have to execute shell commands in order to manage this firewall. Zeroshell is not only a firewall distribution. It offers many other tools for managing network services. Therefore, Zeroshell can be considered as a firewall with many other additional features.

Sometimes, the additional features of Zeroshell can be considered a disadvantage, as the whole purpose of the distribution is not just providing a firewall, but a range of network services.



FREESCO stands for Free Cisco. This is one of the floppy based Linux firewall distributions where you can have the entire system stored in a 1.44MB floppy disk. Due to the small size, this distribution can fully run in RAM, so one can use low-end hardware (even 486DX PCs) for running this firewall distribution. FREESCO can run on IBM compatible PC ranging from 386 processors to Core processors.

Author: Nilanka



Leave a Reply