For our May “Staff Pick” Project of the Month, we selected Smoothwall Express, a Linux distribution that turns a PC (or VM) into a firewall. The Smoothwall Express team shared their thoughts about the project’s history, purpose, and direction.
SourceForge (SF): Tell me about the Smoothwall Express project please.
Smoothwall Team: Smoothwall Express (Smoothwall) is a specialized Linux distribution that turns a spare PC (or VM) into a firewall. It features a caching Web proxy, VPN service, DHCP server, and other assorted network services. Smoothwall Express is a solid, secure firewall that is safely maintained and administered by people who are not IT experts, much less network security experts. The main goal is to be as easy to use as possible, so we don’t flood the user with features they’ll never use.
SF: What made you start this?
Smoothwall Team: Smoothwall started in 2000 when there were only a few similar projects around, these projects were extremely hard to use and nearly all of them required Linux command line knowledge. The goal of Smoothwall was to change that and present an easy to use Web interface. We also wanted the initial install and setup to be as quick and painless as possible.
SF: Has the original vision been achieved?
Smoothwall Team: I’d like to think yes. Tens of thousands of people around the world use Smoothwall to protect their personal networks and their home and business offices, and there are a number of corporations who use Smoothwall; a few of them visit the online forum to obtain setup and configuration assistance. As time has gone on, people want more from their firewall, but the core vision, ease of use and setup, has remained.
SF: Who can benefit the most from your project?
Smoothwall Team: Anyone who wants safe and secure Internet access and who needs an easy to manage firewall will benefit from Smoothwall.
SF: What is the need for this Internet firewall?
Smoothwall Team: Watch the computer/Internet news. There are far too many break-ins reported; each is associated with the loss of personal data entrusted to the entity storing it. And look at the reports of botnets: networks of computers that Internet miscreants have commandeered for their nefarious purposes. All of these thefts could have been avoided with proper network security in place, with a proper firewall segregating sensitive internal networks from the Internet and other accessible networks.
SF: What’s the best way to get the most out of using Smoothwall?
Smoothwall Team: Join our community and see what other extensions (mods) people have written. Download it. Install it. Configure it. Go to the community forum and ask questions. As shipped, Smoothwall is relatively basic. Members of the online community have added many installable features (we call them ‘mods’); we incorporated a few of those mods in version 3.1, carefully choosing a few that belong in a firewall. These mods add valuable functionality to the firewall for those who need it.
SF: What has your project team done to help build and nurture your community?
Smoothwall Team: The Web forum is the main thing here. We maintain a friendly, on-topic discussion forum where all are treated with dignity and respect. (OK, sometimes the old-timers needle each other.) Back in ’08 when Murphy (the current project director) was looking for a better firewall than those that he found in commodity devices, he checked out most of the Open Source systems and kept coming back to Smoothwall for two reasons. First, even though Smoothwall Express 3.0 was a little limited in hardware support, it was still the easiest to install and configure. Second, the online forum is by far the most friendly and helpful that he’d encountered. There are no bad mods and no dumb questions. Mods are improved and questions are clarified. And everyone benefits.
SF: Have you all found that more frequent releases helps build up your community of users?
Smoothwall Team: More frequent updates stave off disillusionment among users. As long as their problems are taken seriously and they see that progress is being made, users will stick around. And has always been true, word of mouth is still the best advertising.
SF: What was the first big thing that happened for your project?
Smoothwall Team: In 2001 we had our first “big” release. It added many new features and really got the project noticed. The most recent big thing was turning the project direction over to Neal Murphy in 2013.
SF: What helped make that happen?
Smoothwall Team: In 2009, Murphy started work on a friendly fork of Smoothwall. He spent five years greatly improving the build system, tweaking the UI to make it easier to understand, and updating most the underlying Open Source software packages. That’s why when Murphy took the reins in 2014, we merged most of this friendly fork into Smoothwall Express.
SF: What was the net result for that event?
Smoothwall Team: People around the world began to see that ordinary people could install and maintain a firewall to protect their networks. In the second case, Smoothwall Express became much easier for almost anyone to build. Version 3.1 was released in October, 2014. We’ve release two updates since.
SF: What is the next big thing for Smoothwall?
Smoothwall Team: I think the next big thing will be to restore Smoothwall’ relevance to the network security market. Most commodity firewall/routers do what Smoothwall set out to accomplish; it’s time for Smoothwall to
lead the way into the next 15 years of network security. Most businesses need email, web, fax, video security, multimedia, and other services; some home and SOHO users need some of those services too. Today’s ‘retired’ computers often contain far more memory and CPU power than Smoothwall needs and we intend to use it. We will make it easy for people to configure and run virtual machines on top of Smoothwall Express, with one service per VM.
SF: How long do you think that will take?
Smoothwall Team: It will take at least a year and probably won’t start for at least a year. There are still many latent problems, niggling things that aren’t right, inherited from previous versions that must be fixed. We’re not here just to add features ad infinitum. Smoothwall Express is a solid running, secure firewall, but we do have to take the time to fix things that are wrong. Once done, then we can move on to major feature changes.
SF: Do you have the resources you need to make that happen?
Smoothwall Team: Not quite yet. We’re rebuilding the development team and the team’s expertise. Over the years, updates lagged and enthusiasm for the project waned. Otherwise, SourceForge provides the central source management and product release controls. Smoothwall, Ltd. provides the server for the forum and website and some other data-related activities.
SF: If you had it to do over again, what would you do differently for Smoothwall?
Smoothwall Team: Publish the code in a public repo much sooner than we did. It took us a long time to do this.
SF: Why publish the code?
Smoothwall Team: It makes it easier for people to contribute when they can access the sources. In the early stages of Smoothwall Express, this was quite difficult.
SF: Is there anything else we should know?
Smoothwall Team: Since the initial release of Smoothwall, we are proud of the fact that it has been forked several times, and even the forks have been forked. We think that this shows the true power of Open Source and that we started something special with Smoothwall Express.
Even though it may seem like a one-man show at times, Smoothwall Express as a project and a community would fail without a dedicated core of volunteers who support users via the web forum, who maintain the forum (such as scrubbing spammers and scammers from the site), who stub their toes on and report bugs, who fix bugs, who write and proofread documentation, and even the cheerleaders who convince us to continue even when problems seem insurmountable.
Smoothwall is much more than a distributed ISO image; it’s also a group of people who want only to improve Smoothwall Express so new users don’t face the same old problems and few new ones.
[ Download Smoothwall ]