Re: some reality about iptables, please
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Aug 27, 2003 at 11:06:23AM -0400, Bret Comstock Waldow wrote:
> 1) If I use one of those tools, it does something, sets up something.
> What will it do? It's someone else's canned decisions about how to
> implement the choices I select from what it offers. What do I end up
> with? Are there any holes? How will I know if other choices I make
> open up holes because I don't know how it's all coordinated?
You're welcome to go through the resulting config files and take a
looksee for yourself. It's not like the Windows registry or reading
an SQL database with less or anything like that.
> And I don't think leaving documentation like the above is very kind or
> useful for newbies.
I apologize for sounding harsh, and I do remember my newbie days, but
it appears that you missed the obvious.
> If I'm to figure out how to solve the problem, I
> need to know how, and leaving stress-inducing comments like that in
> released code is a cop-out.
Howso? Why should the iptables maintainer be expected to write an
end-to-end solution to this problem when there are tools already
readily available that do exactly what you're asking?
- --
.''`. Paul Johnson <baloo@ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/TzGnUzgNqloQMwcRAj31AJ9z5BIxKDN9putPlRcy69Ocj/Bp5ACfbAsJ
K2UmCJdcSN52DO6OGCMGwnQ=
=vHQJ
-----END PGP SIGNATURE-----
Reply to: