Re: RFC: new network config (was: Re: network configuration)
On Fri, Feb 12, 1999 at 09:36:49AM +0100, Turbo Fredriksson wrote:
> I think it's better to have a separate 'firewall' package, where all
> the stuff that have to do with firewalling can be put, like: ipfwadm,
> ipfwadm-wrapper, ipchains, ipmasqadm (with lib's) the init scripts
> (more than one?) etc, etc...
no, most of these low-level tools belong in netbase so that a system
admin has the tools they need to build their own firewalling stuff
without having to conform to someone else's way of doing it.
i.e. there needs to be a separation between the low-level tools and
the high-level "model" - this also allows experimentation with several
different firewalling strategies.
> A fiend is working on a 'firewall config program', I'll see how faar
> he have come...
yep. this is the kind of thing which should go in a 'firewall' package.