On Mon, 14 Mar 2005, Bob Brennan wrote:
As a final thought, messing directly with your iptables setup is fun but can become a distracting and wasteful time burner. If you are, or can get comfortable with any of the GUI based firewall setup tools on Fedora I urge you use them. They are not as flexible as direct manipulation but they are less error prone and, unlike the advice I give above, they are not based on someone else's iptables assumptions, which when unknown, (as in this case), will eventually bite you.
Thanks again for the great advice Jeff - I will read and re-read the link you sent until something sinks in. In the meantime I have been (not comfortably) using the iptables command but would rather use one of the "GUI based firewall setup tools on Fedora" you mention above. I did try all of the logical system-config-xxx commands I could find but none that show me a neat list of iptables. Tips-for-Dummies, or better links-for-dummies here would help. Dabblers in an area like this can do more damage than good - like someone who provides an open relay to the entire spam world without knowing it..... :-( ...for instance.
The FC3 tool to manage firewalls is system-config-securitylevel. It's pretty primitive, though. I have used fwbuilder (www.fwbuilder.org). It's quite general and powerful, but it takes a bit of practice to get handy with it.
thanks, bob
-- Matthew Saltzman
Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs
