As mentioned earlier, SmoothWall needs a dedicated machine to run on. The good news is that the requirements for this machine are quite low since it will be running only the firewall software. The minimum specifications required for SmoothWall are a Pentium-class Intel-compatible PC running at 200Mhz or higher with at least 32MB of RAM and 512MB of disk space. A more optimal configuration would be a 500Mhz processor with 64MB of RAM and 2GB of disk space. These specifications should be easy to meet on all but the oldest machines. You will also need a CD-ROM drive and at least one network card (typically two, if the WAN interface is Ethernet).
If you have a little money to spend and are considering other commercial alternatives, you might look at the SmoothWall Corporate edition. This firewall has all the benefits of the Express version with the following important differences:
You can see a complete list of the differences at
Pricing for the commercial version is quite reasonable (check the Web site for the latest prices). The cost is significantly less than what you’d pay to buy a server to run it on. SmoothWall also makes other software products for network monitoring and content filtering. Check out their full product line at www.smoothwall.net.
Caution: Remember, installing SmoothWall will erase any data on the hard disk and put its own operating system on it. Do not run this installation on a computer on which you have data or programs you need.
1. You must first create a bootable CD-ROM disk. To do this, use CD-writing software, such as Nero or Easy CD Creator, and create a disk from the .iso image file from the SmoothWall directory on the CD-ROM that accompanies this book. The disk it creates will be bootable.
2. Set your PC to boot from the CD-ROM first. Otherwise, it will search the hard drive and load the operating system it finds there. You usually do this in the BIOS settings of a PC accessed at boot-up before the OS loads. Many PCs use the F2 function key to enter this mode.
3. Boot the machine from the CD-ROM. A title screen displays some basic licensing and disclaimer information. Click on OK.
You have the choice of loading from the CD-ROM or HTTP. Remember, do not enter this mode unless you are ready for all the data on that hard disk to be erased and replaced with the SmoothWall software.
Choose CD-ROM, and the installation will begin.
You will see it formatting the disk and then probing your machine for its network interfaces. It should auto-detect any network interface cards (NICs). It lets you accept or skip each one and set them up as firewall interfaces. For example, if you have two NICs on your computer but only want to use one as a firewall interface on the firewall, you would define that here.
4. Define the attributes of each selected interface. Assign them an IP address and subnet mask. After this, SmoothWall installs some additional driver files and asks you to eject the CD-ROM. You have finished installing the program and will automatically enter setup mode.
5. In setup mode, you will be asked for a hostname for the SmoothWall. You can use the hostname to access the machine instead of using its LAN IP address.
6. Next it asks if you want to install the configuration from a backup. This nifty feature allows you to easily restore your firewall to its original configuration if the system crashes (assuming you made a backup, which is covered later in this section). Don’t select this unless you are in the process of restoring from a backup.
7. Assuming you chose to set up a new firewall (not from backup) in the previous step, you will be prompted to set up several network types:
Select the configuration that is appropriate for your network. Most simple networks will use Green (Red is for modems or ISDN), or Green and Red if you have two NIC cards in the machine.
8. Now it is time to set up the DHCP server. If you want your firewall to be responsible for handing out and managing dynamic IP addresses on your LAN, enable this feature. Otherwise leave it turned off. You can set the range to be assigned, and the DNS and lease times for the addresses given out.
10. Finally, set up a Web interface user account. This isn’t a UNIX-type account and can’t be accessed from the command line. It is strictly used to control access to features from the Web interface.
11. Now reboot the machine and your SmoothWall firewall should be up and running. You can log into the machine from the console using either the root or setup user. You can also SSH into the box from a remote location and get the command line interface.
However, one of the truly nice things about this program is that there is a powerful and easy-to-use GUI accessible from any Web browser that makes administering the firewall a snap.
Administering the SmoothWall Firewall
The easiest way to manage the SmoothWall firewall is using the Web interface. This gives you a powerful tool for administering and adding other functionality to your firewall. You can access this interface two ways: via port 81 for normal Web communications or via port 441 for secured Web communications using SSL. Either way, you put the IP address or URL with the port number in the location window of a Web browser. For example, if your firewall LAN interface card has IP address 192.168.1.1, you would enter the following into the Web browser
for secure Web access.
This will display the SmoothWall opening screen. To access any of the other screens you will need to enter your user name and password. The default user name is admin and the password is the one you entered for the Web interface during the setup process. There are several main menus accessible from the main page (see Figure 3.7)
Figure 3.7. SmoothWall Main Menu
Each menu has a number of submenus underneath it.
Figure 3.8. SmoothWall Traffic Graph
blog comments powered by Disqus