On Sunday 16 Jan 2005 13:54, blank wrote: > Alberto M R Davila wrote: > >Hi All, > > > >Just installed FC2 with the latest 2.6.10 kernel... look good ;-) however, > >since I did not install "X" I dont have any GUI support then not sure how > >to configure manually (text based) the firewall/iptables... there are lots > >of docs about that on internet, but while I read those I would like to > >know which would be a good (meaning: working well and easy to use by > >beginners) script/tool for that purpose ? I vaguely remember slackware > >cames with a script like that... > > > >Basically, I would like to allow port 80 (http) and 8080 (TomCat)... > > > >Thanks, Alberto > > > > > > > > > >__________________________________ > >Do you Yahoo!? > >Take Yahoo! Mail with you! Get it on your mobile phone. > >http://mobile.yahoo.com/maildemo > > i prefer and use Shorewall (www.shorewall.net) by Tom Eastep. It's > great, easy to use and has tons of features for easy, safe firewall > configuration. i'm sure there are many others, but this one has so well > for me, i've not felt the need to stray (on linux that is). > > jb A followup to this .... If you don't have a X system on that box, Shorewall can be configured from any other box on the network that DOES have a X system if you also install webmin on the target system. Webmin has a pretty good Shorewall module. Alternatively, just install the x libraries on the target system (you don't have to configure the system display for X), then ssh -X into the target system from any other machine that does have X. This way there are a large number of GUI based iptables front-ends you can use, including Firestarter. Just make sure you don't block the ssh port on the target machine. I prefer this last method, as it allows for a very secure way of accessing the target systems firewall setup. And after all, if you are running a headless system, you don't want to have to attach a monitor just to make a minor change to the firewall setup! -- Tony Dietrich ------------- Neckties strangle clear thinking. -- Lin Yutang