On Thu, 26 Apr 2007 20:55:36 -0400 "Michael Pobega" <[EMAIL PROTECTED]> wrote:
> On Thu, Apr 26, 2007 at 07:33:31AM -0400, Andrew J. Barr wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Michael Pobega wrote: > > > On Thu, Apr 26, 2007 at 08:11:26AM +0200, Michael Dominok wrote: > > >> Am Mittwoch, den 25.04.2007, 15:05 -0400 schrieb Celejar: > > >>> Well, on this list our (including me) favorite firewall is > > >>> Shorewall, > > >> Well, is it? Mine's IPCop, though. > > >> > > > > > > iptables here. It's a little bit tough to set up, but in the end it's > > > worth it in my opinion. Once you get used to the way iptables works > > > you can build a firewall for any system. > > > > IPtables is *the* Linux firewall. Most of the other things people are > > discussing here are higher-level tools designed to configure the > > kernel-level IPtables stuff. > > > > Okay, I guess I didn't make that clear. > > I mean "plain old vanilla iptables". I prefer to learn the inner > workings of the program rather than use an interface to try to figure > things out. > > And from what I've seen from some graphical firewalls, there are some > precise things that you just can't set up without the use of the > iptables command. But I guess that's the only REAL advantage using > iptables without an interface has. Certainly true for the GUI firewalls. But is there anything common that shorewall doesn't do? Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
