On Thu, 09 Oct 2014 06:18:09 +1000 Stuart Longland <stua...@longlandclan.yi.org> wrote:
> The hard bit about things like firewalling, is that there is really a > minimum technical understanding necessary to do it properly. You've got that right. Years ago, I despaired of ever understanding iptables, and just put a pf firewall between the LAN and the Internet. And although I find pf much more understandable than iptables, pf isn't simple either. One of the first things you need to get used to is what's "in" and "out". With pf, that's relative to the firewall, not the browser. I couldn't imagine making firewalling simple, because there's so much it does: Blocking packets, logging, pinholing with port forwarding, NAT, and probably another hundred things I don't know about. And all sorts of packets. If one wants simple firewalling, about the best you can hope for is something like pfSense, but that's not all that simple either. SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141008175853.3e435...@mydesq2.domain.cxm
