Firewall configuration for Fedora 16
Ben Walton
bdwalton-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Sun Jun 3 12:21:44 UTC 2012
> I will look into using shorewall and cfengine as well. However, I prefer the
> raw tools.
I'm with Anthony on this one. Understanding the raw rules is great
and you should definitely have some familiarity with them. I don't
have the time to manually write all of the complex rules I need
though, so shorewall is a good compromise for me. As a learning tool,
you could use the compile mode that shorewall offers to inspect the
raw iptables commands that are generated. And when using shorewall as
a live firewall, iptables -L (or shorewall show) give you a nicely
segrated rule set that is easy to digest as well. (It makes heavy use
of _tables_ which most manual firewall configs don't.)
Anyway, don't give up on learning the raw rules, just make sure you
use your time wisely. :)
Thanks
-Ben
--
---------------------------------------------------------------------------------------------------------------------------
Ben Walton <bdwalton-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
Take the risk of thinking for yourself. Much more happiness,
truth, beauty and wisdom will come to you that way.
-Christopher Hitchens
---------------------------------------------------------------------------------------------------------------------------
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list