I know what you mean, also given the security requirements of this
installation. I was thinking of using a GUI, and reviewing the firewall
script. I've got that good Linux Firewalls text to read up on.

Jack Bowling wrote:
On Sat, May 29, 2004 at 06:26:08PM -0400, Kevin F. Berrien wrote:

I did check Firestarter out yesterday on the old box which will serve as
the firewall. Found it somewhat odd, in that when I'd activate the
firewall it didn't look as if iptables was running. Also, it didn't
look granular enough (from my quick overview) for what I want to do,
very specific rules. Perhaps I'm wrong. If you use Firestarter, do you
think it's detailed enough for my needs (see below)?

Hi, Kevin. GUI front ends to netfilter/iptables such as Firestarter,
GuardDog, Shorewall, etc. should all be considered as learning tools. They
will allow you to have a decent firewall in place while you roll up your
sleeves and do your homework on how iptables works. There is *no*
substitute for writing your own iptables rules. It really is not all that
hard to learn the syntax either. I use Firestarter on my LAN boxes but use
a hand-written iptables script for my border firewall. I want to ensure
that I know every in and out of that script.
--
Jack Bowling
mailto: jbinpg@xxxxxxx