
Re: some reality about iptables, please



On 29 Aug 2003 12:16:04 -0400
Bret Comstock Waldow <bwaldow@alum.mit.edu> wrote:
> So, I can invest my time into studying their proprietary systems, or...

    All systems are proprietary.  Debian is proprietary to Debian.  Instead of
learning Red-Hatisms you're learning Debianisms.

> How much study does it take for me to know enough about shorewall,
> fwbuilder, firestarter, etc. to know it will solve my problems, how to
> use it, how to be sure of the implications, gotchas, etc.?  And what do
> I have to study to know that?

    The respective documentation?

> Should I put my effort into understanding iptables in the first place so
> I can evaluate what shorewall does, or put my effort into trying to get
> shorewall to do something (I can't evaluate if it's working - I don't
> know enough.  What isn't it covering?  How do I know?)

    Uh, by testing?  It is far easier to set something up and test it than it
is to learn the whole freakin' system from scratch.  From what I've seen of
your setup Shorewall would handle it trivially.  Define 4 interfaces, define
policy for those interfaces, define rules for which you need exceptions to
policy.  Done.

-- 
         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------
