Erwan David <er...@rail.eu.org> wrote:
>On 09/11/2013 23:06, Shawn Wilson wrote:
>> Redhat has something called firewalld which generates rules based on
>> zones. I don't use it because using dbus to help manage rules scares
>> me. But it's there and could be what you want.
>>
>I use fwbuilder, which helps to define elaborate rules;
>there is also shorewall, which uses zones. Both generate the rules
>either as a shell script or as an iptables-save/restore configuration.
>Both are available in Debian.

Just FYI, a shell script will be slower than iptables-save since the latter only makes one call while the former makes one call per ipt command. I looked at shorewall and didn't know it had zones - that's cool (since I don't like the xml that firewalld uses). I've now got a 2k line Perl script that does almost everything we need, but I'll take another look at shorewall (for ideas if nothing else).
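
The difference between the two output formats discussed above, as an added example that is not part of the original thread: a small converter that turns a per-command iptables script into a single iptables-restore payload. The function names `sample_rules` and `to_restore` and the sample ruleset are constructed for illustration, and only the -P, -N, -A and -I operations are handled.

```shell
#!/bin/sh
# Added example, not code from the thread. A script of "iptables ..." lines
# starts one iptables process per rule; the same rules in iptables-save
# format are loaded by a single iptables-restore call, and each table is
# applied atomically at its COMMIT line.

# Constructed sample ruleset in "one command per rule" form.
sample_rules() {
cat <<'EOF'
# constructed sample ruleset
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
EOF
}

# Read "iptables ..." lines on stdin, write iptables-restore format on stdout.
to_restore() {
    awk '
    $1 != "iptables" { next }                  # skip comments and other commands
    {
        table = "filter"; start = 2            # filter is the default table
        if ($2 == "-t") { table = $3; start = 4 }
        op = $start
        if (op == "-F" || op == "-X") next     # restore flushes the table itself
        rest = ""
        for (i = start + 1; i <= NF; i++) rest = rest (rest == "" ? "" : " ") $i
        if (!(table in seen)) { seen[table] = 1; order[++n] = table }
        if (op == "-P")                        # policy becomes a chain header line
            chains[table] = chains[table] ":" $(start + 1) " " $(start + 2) " [0:0]\n"
        else if (op == "-N")                   # user-defined chain, no policy
            chains[table] = chains[table] ":" rest " - [0:0]\n"
        else
            rules[table] = rules[table] op " " rest "\n"
    }
    END {
        for (k = 1; k <= n; k++) {
            t = order[k]
            printf "*%s\n%s%sCOMMIT\n", t, chains[t], rules[t]
        }
    }'
}

# Print the converted ruleset. As root, the same output can be validated
# without being applied:  sample_rules | to_restore | iptables-restore --test
sample_rules | to_restore
```
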