[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall tools don't play nice with each other

Hash: SHA1

Hmmm....I meant the GUI tools, and even a few of the command line ones. Not 
specifically ipchains or iptables. I also meant the packaging of the tools. 
Part of Debian Policy states that some packages should conflict with other 
packages. I think that, for example, guarddog should conflict with shorewall 
firewall. I think that only one should be in place at a time. When I do 
apt-get install guarddog, and I've already got shorewall, that I'll get a 
very specific warning message that I'm playing with firewalls (heh), that 
this is a security issue, be careful, do I really want to do this, etc., and 
that by choosing to install one, I'll be removing the other one, or no, you 
can't do this right now, you have to separately choose to remove shorewall 
first. That's what I meant. :-) 

I didn't mean to be clear as mud earlier. 


On Tuesday 23 April 2002 10:45 am, Laurence J. Lane wrote:
> On Sun, Apr 21, 2002 at 09:13:28AM -0400, Russell Hires wrote:
> > I've been playing with the various firewall tools that are a part
> > of debian, and I'm surprised by something: None of them conflict
> > with each other, and I think they should.  Rather than filing bug
> > reports for each different tool, I was thinking that there should
> > be some sort of conference between all of the firewall tool
> > maintainers so that they can coordinate a firewall policy of some
> > kind, and so that their firewall tools will play nice with each
> > other.
> Do you mean ipfwadm, ipchains, and iptables? There is no technical
> conflict between them.
> > Is such a thing feasable? If so, how would one go about organizing
> > such a thing? Any advice out there? Is this even a good idea?
> Based on the information given so far, I do not see it as a good
> idea.

- -- 
Linux -- the OS for the Renaissance Man 
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: