Firewall - Very limited Access - suggestions
Jack Bowling
jbinpg at shaw.ca
Sun May 30 22:51:54 UTC 2004
On Sat, May 29, 2004 at 06:26:08PM -0400, Kevin F. Berrien wrote:
> I did check Firestart out yesterday on the old box which will serve as
> the firewall. Found it someone odd, in that when I'd activate the
> firewall it didn't look as if iptables was running. Also, it didn't
> look granualar enough (from my quick overview) for what I want to do,
> very specific rules. Perhaps I'm wrong. If you use Firestarter, do you
> think it's detailed enough for my needs (see below).
Hi, Kevin. GUI front ends to netfilter/iptables such as Firestarter,
GuardDog, Shorewall, etc. should all be considered as learning tools. They
will allow you to have a decent firewall in place while you roll up your
sleeves and do your homework on how iptables works. There is *no*
substitute for writing your own iptables rules. It really is not all that
hard to learn the syntax either. I use Firestarter on my LAN boxes but use
a hand-written iptables script for my border firewall. I want to ensure
that I know every in and out of that script.
--
Jack Bowling
mailto: jbinpg at shaw.ca
More information about the users
mailing list