Firewall Utilities
For about ten years I've been writing my own firewall directives and
today I started setting up a new firewall box. For the past year I've
been using ipcop, but they have some characteristics that I didn't care for.
I noticed that there are a number of iptable management utilities in the
debian arsenal of cool stuff.
First - I have no interest in installation of a GUI front end on my
firewall. It's a headless box and I want to be able to maintain it as
such. This removes some of the firewall utilities because they appear
to be GUI tools.
after this I think I am left with a few options:
ferm
shorewall
arno-iptables-firewall
But I haven't been able to get through the list to find them all. Not
all packages have the same key works under 'apt-cache search'.
My needs are relatively simple today with options going forward:
basic home firewall without a DMZ (this I can do by hand).
But I want options for expanding this into a VPN supported firewall with
a DMZ, LAN, and respective port forwarding.
Even with all of this, I still consider it relatively simple as all
traffic is going in/out through the same IP/interfaces and I am not, as
yet, using anything like socks authentication.
One of the reasons why I am interested in using Debian over ipcop is the
ability to notify me of significant developments and/or the management
tools available (fail2ban, denyhosts, knockd). But those are probably
good for another posting.
Any experience or knowledge of the currently viable tools in Debian
would be appreciate. However, please keep in mind that graphical front
ends are not an option as this is a headless box.
Many Thanks!
Reply to: