Firewall - Very limited Access - suggestions
Kevin F. Berrien
kblists at comcast.net
Mon May 31 00:29:27 UTC 2004
I know what you mean, also given the security requirements of this
installation. I was thinking of using a GUI, and reviewing the firewall
script. I've got that good Linux Firewalls text to read up on.
Jack Bowling wrote:
>On Sat, May 29, 2004 at 06:26:08PM -0400, Kevin F. Berrien wrote:
>
>
>>I did check Firestart out yesterday on the old box which will serve as
>>the firewall. Found it someone odd, in that when I'd activate the
>>firewall it didn't look as if iptables was running. Also, it didn't
>>look granualar enough (from my quick overview) for what I want to do,
>>very specific rules. Perhaps I'm wrong. If you use Firestarter, do you
>>think it's detailed enough for my needs (see below).
>>
>>
>
>Hi, Kevin. GUI front ends to netfilter/iptables such as Firestarter,
>GuardDog, Shorewall, etc. should all be considered as learning tools. They
>will allow you to have a decent firewall in place while you roll up your
>sleeves and do your homework on how iptables works. There is *no*
>substitute for writing your own iptables rules. It really is not all that
>hard to learn the syntax either. I use Firestarter on my LAN boxes but use
>a hand-written iptables script for my border firewall. I want to ensure
>that I know every in and out of that script.
>
>--
>Jack Bowling
>mailto: jbinpg at shaw.ca
>
>
>
>
More information about the users
mailing list