# Looking for some firewall recommendations

## Saundersx

I will be upgrading my aging pos linuxbox within the next week or two. As it stands I have been using shorewall for the past 6 years or so as my firewall. Although it does everything firewall-wise I want, I am looking for something with a bit more "monitoring". For example I would like to be able to view network traffic, maybe by port or by computer. Be able to open/close ports, set up port knocking, openvpn etc. more easily.

I am also interested in any advice on an IDS, something less retardo than snort preferably :Very Happy: I would also like to be able to log my bandwidth, in something that keeps specific info unlike say cacti (rrd files).

I'm also open to any other niceties that people suggest. The computer will have some juice (unlike this one) so I want to take advantage of that.

ps. I am not looking to make this a dedicated firewall. It will double as a pvr/development box.

----------

## alex.blackbit

Saundersx,

IMHO shorewall is a very good iptables frontend, why move away from it?

maybe this solves your monitoring/statistics needs (at least partly).

current network traffic can be visualized with other tools, e.g. net-analyzer/{ntop,bmon,ibmonitor,ifstat,ifstatus,iftop,iptraf}, ... this does not have so much to do with the firewall management itself.

----------

## alatar

You can read this for some examples.

----------

## Saundersx

From the reading I've done I may just stick with shorewall. But I'm still looking for good web-based monitoring, not interested in the command-line ones.

----------

