Re: sarge firewall

To: debian-firewall@lists.debian.org
Subject: Re: sarge firewall
From: Daniel Pittman <daniel@rimspace.net>
Date: Wed, 09 Feb 2005 18:57:27 +1100
Message-id: <[🔎] 87brauqi6w.fsf@enki.rimspace.net>
References: <[🔎] 002701c50e1c$520b69c0$220c6751@genesis> <[🔎] 034d01c50e45$bdac5fd0$0302a8c0@fry>

On 9 Feb 2005, vizi0n wrote:
> I know that this is not a "direct answer" but I would recommend using 
> FireHOL if you are beginning to play around with firewalls and routing. It
> is quite easy to setup and includes some great templates.
>
> You can "apt-get install firehol" and seek some information on 
> http://firehol.sf.net but keep in mind that this is only a frontend to
> generate iptables commands so you will need iptables as well. FireHOL takes 
> a little while to load/reload but is very effective.

I second this;  firehol is a great tool for getting the grunt-work out
of building an iptables ruleset.

Also, it tends to build a firewall that is considerably more secure than
a hand-rolled one, simply because it can automate all the tedious second
and third checks on responses, etc...

    Daniel
-- 
Most of the luxuries and many of the so-called comforts of life, are not only
not indispensable, but positive hindrances to the elevation of mankind.
        -- Henry David Thoreau, _Walden_, "Economy" [1854]

Reply to:

References:
- sarge firewall
  - From: "Kitsonik Design" <techmind@kitsonik.com>
- Re: sarge firewall
  - From: "vizi0n (debian-firewall)" <debian-firewall@vizi0n.com>

Prev by Date: Re: Help, Simple forward doesn't work!
Next by Date: Packet replication
Previous by thread: Re: sarge firewall
Next by thread: Re: sarge firewall
Index(es):
- Date
- Thread