[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Shorewall, what version R U running



Am Sonntag, 26. September 2004 18:38 schrieb melissad:
> John,
>
> Am reading through the extensive documentation, some 400 pages.
>
> There are a lot of versions, with at least 2.9 being not yet stable.
>
> What version are you running with 64 bit?  I downloaded 2.8 rpm, but
> there is a patch and no instructions on what to do with it?  If you have
> done this one, did you patch, and if so how?
>
> melissa
>
[ snip ]
> > www.shorewall.net
> > Makes Iptables easy, and much more flexible than
> > the SuSE firewall.
> >

The discussion about ShoreWall and SuSEfirewall2 needs to hear about FIAIF, I 
think. FIAIF Is An Intelligent Firewall (what the 5 letters mean).
After I was through the SuSEfirewall2 docs I headed to ShoreWall and found it 
too big. Freashmeat mentioned http://www.fiaif.net , which is a script 
configered by a handfull of configuration files, easy to fill, easy to 
understand. The different networks are described in "zones" (not new, I 
know). The meta-language for the rules, the fiaif script generates the 
iptables from, is easy to understand and even after weeks easy to 
maintain ...
I run it on a router based on SuSE9.0 with 3 nics, applied a simple header 
(SuSE-style) for the /etc/init.d/fiaif script, made a link in /sbin to 
rcfiaif. Complete SuSE feeling (start stop status restart ... 
YaST-Runlevel-Editor...).

You should give it a try, the .pdf doc is 32 pages, the .html faq config etc 
is small. But it will not configure your nics.

Fun and success

Christoph

-- 
>> -- hanslik@xxxxxxxxxx    -- <<
>> -- http://www.hanslux.de -- <<

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here