Kai Schaetzl wrote:
Neil Thompson wrote on Thu, 10 Nov 2005 09:49:25 +0200:
If you use Shorewall (http://www.shorewall.net) there is a webmin gui module for administration.
The main problem with all these firewall builders or Open Source gateway applications (shorewall, monowall, ipcop etc.) is that you can't switch off NAT and have to use a DMZ for publically accessable machines. At least at the time when I was evaluating them for my own needs. That's probably just fine for most people, but if you need transparent public IP routing (as the OP said) you have to look elsewhere (I did't find such a package and the only reasonably priced commercial devices I found where the ones from Snapgear) or roll your iptables stuff manually.
M0n0wall is a freebsd based system but it does support a public IP DMZ/Service interface. You have to enable advanced NATing. Remote updating of the firmware/software is a big plus too.
Kai