Paul wrote: > Hi Michael, > > Yes, I just got a debian box for my business and didn't used Debian > before nor have experience as a sysadmin. > Despite what it says on: > man /etc/default/iptables > I thought of giving it a try. :) > Is there a better alternative I should try? I like shorewall, because it allows you to group hosts into zones, and then define policies (general or default rules) and rules (exceptions to policies) between those zones, without having to worry about the physical interface or IP address when you write every rule. All of your iptables knowledge is not wasted, but shorewall takes the hard work out of it for you. Shorewall's syntax and the number of options available can be bewildering at first, but the documentation for it is immense, and well-maintained. See http://shorewall.net for more info. -- Paul <http://paulgear.webhop.net> -- Did you know? If you use two dashes followed by a space as your signature separator, good email programs will chop them off automatically, reducing noise in email replies.
Attachment:
signature.asc
Description: OpenPGP digital signature