Re: firewall for my laptop ?
On December 28, 2003 07:55 pm, Daniel Pittman wrote:
> On Fri, 26 Dec 2003, Derek Broughton wrote:
> > For instance, I completely trust everything on my SOHO network, but
> > don't trust my connection to the internet. I don't trust anything but
> > my desktop machine on the client's network, but I _do_ trust their own
> > internet firewall. So it's often important to be able to detect
> > details of the connection.
> While I agree with this, I don't think that the best location to perform
> this detection is as part of the firewall package itself.
Right, but some of the firewall builders one might find adequate for a
fixed-location system don't very well react to having an interface (or even
different network interfaces) that may come up with different IPs depending
where you are. So I think the choice of a firewall package for a laptop is
slightly more limited than for a desktop machine.
> Firehol adds a lot of custom commands to bash, making firewall setup
> trivial, but is still a shell script under it all. So, you can use that
> to conditionally execute firewall code.
> Thanks for the feedback, though, and I will try to remember your point
> about complexity of rule setup in future.
And I will check out firehol :-) I'm using Guarddog these days, and it's
working fairly well, but it's the first package I've found adequate for my