Usually I roll my own routers off of RHE4 to I can bolt on whatever software I need in addition to the pure routing toys. So I’m able to add things like Wireshark, Etherape, Nagios… Etc.
From an administrative standpoint this works best in my environment where I have a number of edge routers, where firewalling is done through a bridge, and NAT is used if a LAN is present. I also need to be able to punch in remotely and be able to see and or capture traffic graphically, so quick decisions can be made administratively.
(Just as a reference, I’ve got root on over 50 servers- I’m a busy man)
I’ve had a back and forth with Fulvio via e-mail regarding making Zeroshell also be a “bolt on” to a standard linux distro- which at face value seems fairly easy (Even if you needed a custom kernel).
It doesn’t matter *which* distribution it would bolt on to- whatever is easiest. The idea would be to take the firewall system to a level higher than any of the systems out there, with the addition of a GUI/package management system to easily customize and provide some real time traffic analysis tools.
So in essence the idea would be to have two versions, a standalone (like we have now), and a version that can be installed onto a particular distribution (the “bolt on”).
Fulvio asked me to post this here, and see what the rest of the community thinks.