Re: Firestarter VS Shorewall

To: debian-user@lists.debian.org
Subject: Re: Firestarter VS Shorewall
From: Andreas Duffner <temp@smilingcat.net>
Date: Sat, 03 Mar 2007 14:25:12 +0100
Message-id: <[🔎] esbsut$d2c$00$1@news.t-online.com>
In-reply-to: <7TWXa-2yC-35@gated-at.bofh.it>
References: <7TWXa-2yC-35@gated-at.bofh.it>


Jordi wrote:

I saw two good firewalls:
- Firestarter wich is easy
- Shorewall wich seems versatile

Wich is best for a single server pc? Does the complexity of shorewall
worth the effort or is firestarter as good as shorewall?


I can only tell about firestarter. Perhaps it helps a bit.

First, about the "understanding what is happening"-argument:
I do not want to know about the lowest level of my firewall.
I do not programm in assembler, I use C++ or C#.
With an assembler I would have "a better understand what
is happening". I do not need it. I want a solution.
I do not write my own operating system out of the same reason.

So I just want a working firewall.
And firestarter does this job.
I do not know about complex setups with multiple servers.
I am just using one server, client etc at the time.
The firewall shall protect one computer at a time.
And so I use firestarter everywhere.
I use ssh with X11 forwarding to manage the firewall.
If I have a pure debian server without gui, it takes
ca. 70 MB extra space to install firestarter + gui bla bla.
Then I can use the firestarter gui to setup.

It shows the active connections it it has a mode, where
it stops all outgoing connections per default  (this has
to be activated: one click) etc....
Before you use this option, you should enable ssh :-)

It is just great.

But I do not know, if shorewall is better or worse.


Cu,
Andreas

Reply to:

Follow-Ups:
- Re: Firestarter VS Shorewall
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: a few things ...
Next by Date: Re: Two identical usb networking cards problem
Previous by thread: Re: Firestarter VS Shorewall
Next by thread: Re: Firestarter VS Shorewall
Index(es):
- Date
- Thread