Re: sarge firewall
On 9 Feb 2005, vizi0n wrote:
> I know that this is not a "direct answer" but I would recommend using
> FireHOL if you are beginning to play around with firewalls and routing. It
> is quite easy to setup and includes some great templates.
> You can "apt-get install firehol" and seek some information on
> http://firehol.sf.net but keep in mind that this is only a frontend to
> generate iptables commands so you will need iptables as well. FireHOL takes
> a little while to load/reload but is very effective.
I second this; firehol is a great tool for getting the grunt-work out
of building an iptables ruleset.
Also, it tends to build a firewall that is considerably more secure than
a hand-rolled one, simply because it can automate all the tedious second
and third checks on responses, etc...
Most of the luxuries and many of the so-called comforts of life, are not only
not indispensable, but positive hindrances to the elevation of mankind.
-- Henry David Thoreau, _Walden_, "Economy"