Le jeudi 15 novembre 2012 à 03:23 +0100, Kevin Kofler a écrit :
iptables rules are a long-established cross-
distribution interface
Not really. For example, ubuntu use ufw, mandriva used shorewall. Debian
offered several frontend, but IIRC, didn't use one by default.
And I have worked as firewall admin and developper, and while netfilter
is a impressive piece of work, this is more used as a framework than
anything. For example, one of the client wrote a script with automated
roolback in case of issue, and we ( my company ) wrote a tool to edit
rules without having to reload the whole firewall ( cause waiting 1
minutes to see if you crashed the whole network is not fun the 10 first
time ).
--
Michael Scherer