Forum OpenACS Q&A: Response to experience with firewall tools...
I never was able to get those firewalls talking to each other, so I tried SmoothWall. I had my first firewall working in 20 minutes, and that included downloading the code, burning a CD, installing a new hard drive, temporarily hooking a CD up, and running the install. It couldn't have been easier. Once I had two of them set up, it took me about two hours to figure out how to connect them via IPSec; now that I am not making the same stupid mistakes, it adds about five minutes per machine to connect them.
To call the creators of SmoothWall "mega jerks" is, however, awfully mild. Definitely Daniel Bernstein class. Fortunately, I doubt that there is much reason to care. When I was using the OpenBSD/IPFilter system I was running DJBDNS in them, which exposed me to more of Bernstein than the SmoothWall experience exposed me to Richard Morrell.
Another possibility that might make sense would be to use one of the Webmin tools to make IPChains or IPTables understandable. When I was starting this whole mess a year ago I don't think these were available, but there are several listed now on the Webmin site:
But SmoothWall is, by far, the easiest solution I've seen.