tim at birdsnest.maths.tcd.ie
Fri Feb 17 13:56:41 UTC 2006
Steve Ziuchkovski wrote:
> Is there a utility that allows iptable to be configured easily and updated
> at runtime, but without sacrificing any security (other than ports I open,
> of course!)?
I'm not sure I understand your question perfectly,
but shorewall has a number of standard configurations (eg two-interfaces)
one of which would suit most situations, I imagine.
I must say, as a shorewall user, I am surprised
at the complication of the resulting iptables,
which makes me think it must be rather difficult
to set up iptables without using an extra program like this.
A bit like sendmail, in fact.
Am I mistaken?
e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
More information about the users