[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSEfirewall2 and multiple IPs for interface



Volker,
Concerning "Smoothwall" I absolutely agree with you, I heard of the writers attitude before
and couldn't get by with it as well.
IPcop seems to be a little "stuck" in development, latest change at sourceforge was on 19.4.2003, which seems rather old to me when it comes to security related things like a firewall. Hmm, openwall doesn't seem to be designed to "simplify" things, to me it looks a little over-
complicated at first sight, but I didn't try it for long ;-)
What I *like* with shorewall compared to SuSE-fw is the concept of having a layout of "tables", which are reflected by different config files in exactly that manner, how they
are constructed form the config-docs.
To me it is a very clear thing to look at these files and see what's happening here or there. Another nice tool is Astaro firewall, but this is commercial and I don't like those graphical
config-tools as well.

Helau, Philipp

Volker Kuhlmann schrieb:

you should have a look at  Shorewall instead of SuSEfirewall2 !

There are also openwall and ipcop. Smoothwall however is out, as far as
I am concerned, because of
http://www.linux.net.nz/lists/NZLUG/2001/12/0176.html
I don't know how they're all related.

Personally I find web-configrable firewalls a pain and a half.

Volker