[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Shorewall, what version R U running
Am Sonntag, 26. September 2004 18:38 schrieb melissad:
> Am reading through the extensive documentation, some 400 pages.
> There are a lot of versions, with at least 2.9 being not yet stable.
> What version are you running with 64 bit? I downloaded 2.8 rpm, but
> there is a patch and no instructions on what to do with it? If you have
> done this one, did you patch, and if so how?
[ snip ]
> > www.shorewall.net
> > Makes Iptables easy, and much more flexible than
> > the SuSE firewall.
The discussion about ShoreWall and SuSEfirewall2 needs to hear about FIAIF, I
think. FIAIF Is An Intelligent Firewall (what the 5 letters mean).
After I was through the SuSEfirewall2 docs I headed to ShoreWall and found it
too big. Freashmeat mentioned http://www.fiaif.net , which is a script
configered by a handfull of configuration files, easy to fill, easy to
understand. The different networks are described in "zones" (not new, I
know). The meta-language for the rules, the fiaif script generates the
iptables from, is easy to understand and even after weeks easy to
I run it on a router based on SuSE9.0 with 3 nics, applied a simple header
(SuSE-style) for the /etc/init.d/fiaif script, made a link in /sbin to
rcfiaif. Complete SuSE feeling (start stop status restart ...
You should give it a try, the .pdf doc is 32 pages, the .html faq config etc
is small. But it will not configure your nics.
Fun and success
>> -- hanslik@xxxxxxxxxx -- <<
>> -- http://www.hanslux.de -- <<
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here