On Monday 24 December 2007 03:24:10 am Paul W. Frields wrote:
> I'm not sure, as I said earlier,
> to what extent shorewall has become the standard way
> of setting up iptables.
> But I certainly think, if you are lazy like me,
> that it saves a lot of brain cells.
To whatever extent is possible, it would be good if the HOWTO used
system-config-firewall, since that's the new and future tool. If you
find places where s-c-fw falls short, you could file an enhancement bug
or two. :-) Shorewall is in the repositories too, so you're good to go
there.
I'll certainly look at that,
but my experience of the system-config scripts
(particularly system-config-printer and system-config-network)
is not good.
They seem to me to be simply add a layer of obfuscation
which makes it harder to diagnose any problems that arise.
And I certainly don't think it is any part of a HOWTO
to try to improve the system.
But I will look at it in due course,
if I am updating the HOWTO.