Firewall OS for pc or raspberry pi?

Would a firewall os be necessary in any capacity for home users? I have UFW on my ubuntu server and I know the home router has its own firewall and is suppose to be able to help prevent against certain attacks.

I have a friend that I rarely get to talk to and he mentioned something about an actual os thats nothing but a firewall so you could turn an old machine or a raspberry pi into one for enhanced security. However I don't know anything much about the physical firewalls. In my mind I feel like they'd be overkill.

Does anyone have any names of these that I could load on to either something like an Intel NUC or Raspberry Pi 2 ?

There are a bunch of different Firewall OSes out there. 

Pfsense is as big one.

I mentioned Untangle in your other thread.

Sophos has a free UTM.

Here is a list of 6 different ones.

I wouldn't run a firewall off a Raspberry pi. Mostly for this one reason. It doesn't have two Ethernet ports. With a firewall you would want it to sit between your modem and your router (or switch). Without having 2 fast Ethernet ports you could potentially bog your network down a good amount (I wouldn't do it with a usb Ethernet). For the hardware I would use a cheap workstation. Doesn't need much just the ability to add a couple PCI Ethernet cards. You can get refurbished workstations online for like 100 bucks, or cheaper, and those would probably work out just fine.

*Edit

Forgot to answer your first question.

Necessary... probably not. It does add that extra layer and these Firewall OSes have way more abilities and features then your typical router. I am actually thinking about buying one of the Untangle hardware firewalls (cheapest one is only around 400 or so). Really it comes down to you and if you think you want to add that layer of protection to your home network.

Edited by DeimosChaos, 08 December 2016 - 10:49 AM.

Thanks, I don't know why but either i kept searching the wrong keywords or just didn't look hard enough. I heard of most of those but I think my morning fog just kept me drawing a blank.

The smoothwall looks really nice and for my needs, simplified.

Edited by wishmakingfairy, 08 December 2016 - 11:15 AM.

Haha all good. Gotta get that morning coffee, if you drink coffee.

Smoothwall is one I'm not familiar with. I'll have to check it out as well.

My friend just got back to me, he mentioned Zero shell.

Thinking about this again. You could run it off a pi or a VM if you did proxying and all that jazz. Make the network think its in between the modem and router even if it is physically not.

Good post and a good idea for a project .

I think it is well worth doing and very satisfying to accomplish .

As mentioned earlier , the Raspberry Pi is a little lacking on the hardware side but the Banana Pi is a better fit .

They make a variant called BPI-R1 which is designed for just this kind of thing ( and won't break the bank ) .

I would recommend installing pfsense or dd-wrt as the "firewall OS " of choice .

Thanks for the suggestions, guys!  I thought of doing this myself.  I bought myself a nice Single Board Computer (with two Ethernet ports) just for that purpose.  Now, I only need more time to develop the (hardcoded) firmware.  Yet another layer...

In my mind I feel like they'd be overkill.

Never underestimate criminals!  It's not because you don't see them that they aren't there to hurt you... Just read the Bleeping Computer headlines for a taste of this small tip of the Iceberg.

Pf-sense is a nice firewall and there are many you tube videos to help you set it up i find a good video makes it so much easier.

@synaptic I thought DD-wrt was router firmware with a firewall built in?

If DD-wrt do a stand alone firewall can you provide me a link please I had a look couldn't find the stand alone firewall.

Thanks

Thank you , I can see that what I wrote could be confusing .

You are right of course , AFAIK there is no stand-alone firewall from dd-wrt.

But thanks for pointing it out ; that distinction should now be clear to anyone reading this thread

Ok thank you for the reply that's a shame thought i'd missed it wouldn't be the first time I overlooked something that was right in front of me.