[wellylug] Configuring firewall
Cliff Pratt
enkidu at cliffp.com
Fri Feb 9 20:03:20 NZDT 2007
David Antliff wrote:
> On 15/01/07, Cliff Pratt <enkidu at cliffp.com> wrote:
>> Except that webmin (excellent though it may be) doesn't (or more
>> correctly, didn't) do shorewall configs very well.
>
> I have had a lot of success using Firewall Builder (fwbuilder) with a
> Devil Linux firewall. Fwbuilder takes a firewall abstraction that you
> create (drag-n-drop) and compiles it into an iptables script (as well
> as other firewall configs if you are using something different, like
> PF).
>
> Devil Linux is a great firewall distro - it boots from CDROM (or USB
> pendrive) and you can store the config on a write-protected medium
> (such as floppy or USB pendrive). You set it up (menu driven, very
> easy), lock down the config media, and off it goes. Integrating a
> permanent firewall config is as simple as transferring the script
> (e.g. with fwbuilder), setting a symlink, unprotecting the config
> media, typing 'save-config', then protecting the config media.
>
> I don't use Shorewall but as it's a popular firewall distro I'm sure
> fwbuilder can be used with it easily enough.
>
I don't think so. Shorewall uses a bunch of configuration files and not
a bunch of iptables commands. fwbuilder creates a bunch of iptables
commnands, doesn't it? Just had a look at the site and I don't think it
mentions Shorewall.
Cheers,
Cliff
More information about the wellylug
mailing list