On Tue, 1 Jan 2002, Tzafrir Cohen wrote: > I want to convert my firewall from kernel 2.2 to kernel 2.4 . I believe > that 2.4 is by now stable enough.
make sure to go straight to 2.4.17. pretty much every other version had known problems. > My main limitation with this system is that I would like to minimize the > console time spent near it. Furthermore, I don't have much of a testing > environment, so I would like to start with s script that is generally know > to work, and has all the major features that I need. > > When browsing over project lists in freshmeat I can see features list, but > stability is not something aparent from there. moast such scripts simply call iptables. where does stablity come into play? > I would also prefer a system that does some sanity-checking to the rules > before applying them (to minimize the chance of locking myself out because > of a simple typo). > > Major features that I need: > > * NAT check > * DMZ donno > * Forwarding of internal ports check. > Any recomendations? i use a heavily modified version of monmotha's firewall. it's easy to understand and modify, and does the job for my lan. http://monmotha.mplug.org/firewall/index.php [looking at the site, i see there were some *security* problems with it lately (although i was not affected). so take this recommendation with a grain of salt]. -- mulix http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
