Re: Is ipmasq worth it?
On Wed, 9 Jan 2002, Tzafrir Cohen wrote:
> > I use a script which I wrote which uses a config file to find out what to do
> > and which sets up all the appropriate things I want. Never had any
> > problems, I just install the .deb I made for it, (no debconf yet), edit the
> > config file, and off it goes. And I install a lot of firewalls.
>
> Yup. This means that everybody need to write their own scripts. And the
> start-stop sequences. And the debconf interface.
Yeah, but what's the problem with writing a few lines of shell code? If you
can't handle that, perhaps you shouldn't be herding boxen. What other
rather important skills are you missing?
> Also consider the fact that shell code is hard to debug (for instance: if
> you have a syntax error at an execution path you rarely use and forgot to
> test, your script may blow-up unexpectedly)
That's why we have other languages for writing big things. And yes, I've
screwed up plenty of shell scripts, and I've learnt from that, so now I'm
pretty sure that, when I write one, it's not going to fail in any one of the
myriad ways I've had scripts fail in the past.
> Having configuration from script (in a good way) can make the script more
> robust to syntax errors and such (they can be detected at the beginning,
> and not half-way through execution).
I agree.
> Displacer: I haven't worked with ipmasq .
>
> If you like perl, you may consider using fwctl.
I don't really like it. I see people raving about it, but I've never really
needed it (someone else does log analysis here). As for other people's
firewalling scripts, I trust mine more.
--
-----------------------------------------------------------------------
#include <disclaimer.h>
Matthew Palmer
mjp16@ieee.uow.edu.au
Reply to: