Re: Firestarter VS Shorewall
Jordi wrote:
I saw two good firewalls:
- Firestarter wich is easy
- Shorewall wich seems versatile
Wich is best for a single server pc? Does the complexity of shorewall
worth the effort or is firestarter as good as shorewall?
I can only tell about firestarter. Perhaps it helps a bit.
First, about the "understanding what is happening"-argument:
I do not want to know about the lowest level of my firewall.
I do not programm in assembler, I use C++ or C#.
With an assembler I would have "a better understand what
is happening". I do not need it. I want a solution.
I do not write my own operating system out of the same reason.
So I just want a working firewall.
And firestarter does this job.
I do not know about complex setups with multiple servers.
I am just using one server, client etc at the time.
The firewall shall protect one computer at a time.
And so I use firestarter everywhere.
I use ssh with X11 forwarding to manage the firewall.
If I have a pure debian server without gui, it takes
ca. 70 MB extra space to install firestarter + gui bla bla.
Then I can use the firestarter gui to setup.
It shows the active connections it it has a mode, where
it stops all outgoing connections per default (this has
to be activated: one click) etc....
Before you use this option, you should enable ssh :-)
It is just great.
But I do not know, if shorewall is better or worse.
Cu,
Andreas
Reply to: