[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: firewalls

Dan Ritter wrote:

> After install you have a powerful L3 firewall system available to
> you, but not configured to block anything.
> 
> There are two command-line interfaces to it, iptables and
> nftables. nftables is the newer interface, but iptables has more
> documentation written.
> 
> You also have options to install other interfaces to the system.

I've been struggling with those for years and tried many tools ... at the
end I ended up with shorewall.

While most of the tools target a single host - perhaps desktop or notebook
computer. I also needed flexibility and simplicity configuring a firewall
with 3 interfaces (DMZ, intranet and internet). I must admit that shorewall
beat it all.

So while some distros like RedHat offer active firewall per default, Debian
gives you the choice what system you will choose to manage the firewall.

It is matter of philosophy and I allow to speak for some of the users here,
that we really appreciate this philosophy of choice.

I don't know about Ubuntu, I would expect it would have a preconfigured
firewall and some kind of Gnome interface to it.

regards
Reply to: