On 4/24/07, Tony Nelson <tonynelson@xxxxxxxxxxxxxxxxx> wrote: [...]
I wanted to set up a firewall, as running bare bothers me and the logs were showing enough attempts to make it worthwhile, especially for FTP. I found that I couldn't use any iptables modules, state, tcp, udp, or recent, which made for a rather useless firewall. I think that those modules and others could reasonably be preloaded or built into the kernel and so made available to all the clients, but I don't know if any hosting company does it.
Well we do have iptables, and use apf as the "firewall". Don't even know if states can be configured in apf - I just cut off everything but web, mail, and a custom SSH port... Chris
