[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Shorewall, what version R U running



On Sunday 26 September 2004 08:38 am, melissad wrote:
> John,
>
> Am reading through the extensive documentation, some 400 pages.
>
> There are a lot of versions, with at least 2.9 being not yet stable.
>
> What version are you running with 64 bit?  I downloaded 2.8 rpm, but
> there is a patch and no instructions on what to do with it?  If you have
> done this one, did you patch, and if so how?
>
> melissa

I'd think twice about the RPM.  I always build from tar-balls on
Suse, because for some reason, his rpms often have a problem
with something in SuSE's distro.  

Its a very simple install.

As for the docs - just go to his quick start guide, down load the
the Two Interface example and step thru that configuration.

There are tons of esoteric examples for oddball situations that
you might run into in a large complex corporate environment,
but most small installations just use the two interface example or
the three interface example if you need a DMZ.

I always stay one release behind his current development release
but Tom's idea of Unstable is a little odd, because all the normal stuff
works in his "unstable" release, its just that he may have new features
that have not quite jelled yet.

Again, Shorewall only loads iptables, so once the rules are loaded into
ip tables, its as stable as a rock.

I find the creation and the adding of new rules for
new services etc, very easy to understand, and easy to manipulate
when I need to add a new inward port, or impose egress filtering
to stop worms or something.


-- 
_____________________________________
John Andersen

Attachment: pgpMadOTEyixl.pgp
Description: signature