On Wed, 2005-03-09 at 10:53 -0700, Craig White wrote: > On Wed, 2005-03-09 at 11:18 -0500, Mark Haney wrote: > > I'm suspecting that you aren't aware that INCOMING and OUTGOING rules > are part and parcel of iptables/netfilter as well (omitting for a second > FORWARDING). No 'firewall' would really be a firewall if it didn't cover > both types. The 'system-config-security' tool rather glosses over these > issues - the distinction of inbound/outbound/forward rules - it's > somewhat of a ignorant tool. Yes I am well aware of this. My point was to establish that setting rules allowing incoming and outgoing traffic with SP2's firewall doesn't always work. In a lot of cases I disabling the firewall is the only way to make that behaviour stop. > > Thus it is not a matter of Windows Firewall from XP SP2 being a bit much > for the Windows end user - but rather a matter of being a proper tool. > > Starting with NT4, Windows has had packet filtering at the network > adapter level and that was clumsy to use and probably inefficient. > > But discussing Windows on this message base is entirely off topic - I > just thought it necessary to straighten out this mis-information since > people are so eager to blame Microsoft for their own lack of knowledge > of the processes involved. Personally, I'm not blaming MS for anything. It was high time Windows OS's came with a firewall. The tool itself is pretty useful and fairly intuitive, however, it's not consistent. Which is SOP in most MS products I've ever dealt with. > > Craig > -------------------------------------- Mark Haney markh@xxxxxxxxxxxxxxxxxx Fedora Core release 3 (Heidelberg) Kernel: 2.6.10-1.770_FC3 GNU/Linux 13:08:39 up 5 days, 2:48, 2 users, load average: 3.02, 2.95, 2.20
