[wellylug] Configuring firewall
David Antliff
david.antliff at gmail.com
Fri Feb 9 11:21:38 NZDT 2007
On 15/01/07, Cliff Pratt <enkidu at cliffp.com> wrote:
> Except that webmin (excellent though it may be) doesn't (or more
> correctly, didn't) do shorewall configs very well.
I have had a lot of success using Firewall Builder (fwbuilder) with a
Devil Linux firewall. Fwbuilder takes a firewall abstraction that you
create (drag-n-drop) and compiles it into an iptables script (as well
as other firewall configs if you are using something different, like
PF).
Devil Linux is a great firewall distro - it boots from CDROM (or USB
pendrive) and you can store the config on a write-protected medium
(such as floppy or USB pendrive). You set it up (menu driven, very
easy), lock down the config media, and off it goes. Integrating a
permanent firewall config is as simple as transferring the script
(e.g. with fwbuilder), setting a symlink, unprotecting the config
media, typing 'save-config', then protecting the config media.
I don't use Shorewall but as it's a popular firewall distro I'm sure
fwbuilder can be used with it easily enough.
--
David.
More information about the wellylug
mailing list