Re: My own Firewall ??
Then, he will need to harden the kernel, no? Enabling SElinux, etc in the
security section. Or even adding other security patches to the kernel.
For those things the kernel source needs to be downloaded as well.
You might want to consider this hardened _distribution_ (including
RSBAC, PaX, etc.pp.) - definitely worth a look:
It builds upon a debian woody and I'm happily running half a dozen
productive servers and 4 firewalls with it.
Lacks a few odds and ends of X-support (VNC works perfectly) but hey,
who needs that on a firewall :-)