Steve Ziuchkovski wrote: > Is there a utility that allows iptable to be configured easily and updated > at runtime, but without sacrificing any security (other than ports I open, > of course!)? I'm not sure I understand your question perfectly, but shorewall has a number of standard configurations (eg two-interfaces) one of which would suit most situations, I imagine. I must say, as a shorewall user, I am surprised at the complication of the resulting iptables, which makes me think it must be rather difficult to set up iptables without using an extra program like this. A bit like sendmail, in fact. Am I mistaken? -- Timothy Murphy e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
