Re: Firestarter VS Shorewall
On Thu, Mar 01, 2007 at 09:25:33PM +0100, Joe Hart wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Juergen Fiedler wrote:
> > On Thu, Mar 01, 2007 at 08:41:10AM -0800, Jordi wrote:
> >> Hello
> >>
> >> I saw two good firewalls:
> >> - Firestarter wich is easy
> >> - Shorewall wich seems versatile
> >>
> >> Wich is best for a single server pc? Does the complexity of shorewall
> >> worth the effort or is firestarter as good as shorewall?
> >
> > The fact that Firestarter has a GUI tipped the scales for me - towards
> > Shorewall. While it may be nice to do the initial setup in a GUI,
> > being able to make modifications from anywhere over SSH has proven
> > valuable enough to justify the initial learning curve. And once you
> > 'got it', Shorewall isn't actually that hard to work with.
> >
> > Just my 2 cents
> > --j
>
> Firestarter and Shorewall are both just front-ends to iptables, but
> firestarter is simple (and has far less features than shorewall).
>
> Shorewall does appear complicated, but in fact, the examples only need
> minor editing for use.
>
> You could just use iptables directly, but _that_ is complicated.
I've never had any problem using iptables directly -- except when I
upgraded from woody to sarge -- suddenly there was a firewall of sorts
introduced by default and I couln't get anything to work until I tracked
it down in /etc and removed it.
-- hendrik
Reply to: