Review: SmoothWall Express 2.0

Reports and Logs

Once Smoothwall is set up the way you want it, you can check in from time to time to see how things are going. Smoothwall has you covered here too, with status pages and even traffic graphs containing all the information you should ever need. Here's a look at the "Traffic Graphs" page:

Figure 8: About : Traffic Graphs

You can even click each interface graph for a detailed look at traffic by the day, week, month, and year. In addition to the status pages and graphs, there's also a page for viewing logs. Some logs are viewed as just plain text, but others, like the "Firewall" and "Intrusion Detection System" logs, are formatted for easier reading. The "Firewall" log page even includes checkboxes and buttons for looking up or blocking offending IP addresses.

Figure 9: Logs : Firewall

The "Intrusion Detection System" log, shown below, displays attempts by others to compromise your system, which can frankly be rather unsettling.

Figure 10: Logs : IDS

Keep in mind that Intrusion Detection is just that - detection only. Smoothwall doesn't block these attacks unless they're on a port that the firewall rejects. If you have set up any port forwarding rules, just make sure that the system you're forwarding traffic to (hopefully in your "orange" network) isn't vulnerable to all the junk out there, because there's a lot of it.
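To see which detected attempts actually reached a forwarded host rather than being rejected at the firewall, the alerts can be cross-referenced against the port forwarding rules. The script below is an added example, not part of the original review or of Smoothwall itself; it assumes alert lines shaped like Snort's "fast" alert output and a hand-written forward table, and every sample line, address and rule ID in it is constructed.

```python
import re
from collections import Counter

# Constructed sample alerts, shaped like Snort "fast" alert lines (assumed format).
SAMPLE_ALERTS = """\
03/14-02:11:09.120000  [**] [1:1000001:1] EXAMPLE web probe [**] [Priority: 2] {TCP} 198.51.100.7:40112 -> 203.0.113.10:80
03/14-02:11:15.480000  [**] [1:1000002:1] EXAMPLE SMB probe [**] [Priority: 2] {TCP} 198.51.100.7:40120 -> 203.0.113.10:445
03/14-03:40:02.000100  [**] [1:1000003:1] EXAMPLE SMTP probe [**] [Priority: 1] {TCP} 192.0.2.44:51000 -> 203.0.113.10:25
03/14-04:02:31.990000  [**] [1:1000001:1] EXAMPLE web probe [**] [Priority: 2] {TCP} 192.0.2.44:51877 -> 203.0.113.10:80
03/14-04:05:00.000000  [**] [1:1000004:1] EXAMPLE ping sweep [**] [Priority: 3] {ICMP} 192.0.2.44 -> 203.0.113.10
"""

# Constructed port-forward table: (protocol, external port) -> "orange" host.
FORWARDS = {("TCP", 80): "192.168.2.10", ("TCP", 25): "192.168.2.11"}

ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[[\d:]+\]\s+(?P<msg>.*?)\s+\[\*\*\].*?"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+)(?::\d+)?\s+->\s+[\d.]+(?::(?P<dport>\d+))?"
)

def parse_alerts(text):
    """Yield one dict per alert line; lines that do not match are skipped."""
    for line in text.splitlines():
        m = ALERT_RE.search(line)
        if m:
            dport = int(m["dport"]) if m["dport"] else None  # ICMP has no port
            yield {"msg": m["msg"], "proto": m["proto"], "src": m["src"], "dport": dport}

def forwarded_alerts(text, forwards):
    """Alerts whose destination port is forwarded: detected, but passed inward."""
    hits = []
    for alert in parse_alerts(text):
        host = forwards.get((alert["proto"], alert["dport"]))
        if host:
            hits.append({**alert, "host": host})
    return hits

def exposure_by_host(text, forwards):
    """Count alerts per internal host, to decide which system to harden first."""
    return Counter(a["host"] for a in forwarded_alerts(text, forwards))

if __name__ == "__main__":
    for host, n in exposure_by_host(SAMPLE_ALERTS, FORWARDS).most_common():
        print(f"{host}: {n} alert(s) arrived on a forwarded port")
```

Alerts on ports with no forward, such as the port 445 and ICMP lines in the sample, drop out of the result because nothing inside received that traffic.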

Smoothwall also includes facilities for changing passwords, performing backups, and getting information about Internet addresses (whois, ping, and traceroute) among other things. All in all, it's a very complete system that works well for many users.  

There are a couple of things about Smoothwall, however, that just seem left out or kind of weird to me. First of all, wiping out the entire hard disk during the installation is a bit drastic considering that Smoothwall was originally based on Red Hat, which has long had an excellent partitioning system as part of the installation. Also, there's no web interface edit utility for the /etc/hosts file, although you can of course use the SSH login to edit it manually. Next, Smoothwall uses NTP to synchronize time with Internet-based time servers, but doesn't in turn make that service available to the "green" or "orange" network. And finally, Smoothwall provides DNS resolution, but only to the "green" network. Systems in the "orange" network must resolve addresses using an external DNS service (probably your ISP's). None of these things are showstoppers or major problems, just curiosities in the system that can possibly be changed with some research and persistence. Remember, it's Linux underneath - you could probably transform it into a Bigmouth Billy Bass if you really wanted to.
