** This was also posted to comp.os.linux.networking **
I have recently fallen in love with the interactive dynamic firewall
capabilities of the Firestarter firewall app for Gnome-enabled linux
boxes. You can block everything (and it does this perfectly as
tested at www.grc.com) and then watch the hit list and
decide in real time which connections you will let through. A thing of
beauty.
However, having said that, I still feel that it is not in my best
interests to have the firewall sitting on my production box. Instead, I
would like to have my old trusty 486 box running a single floppy Coyote
linux LRP based firewall and connect to it through a hub. THEN, I would
like Firestarter to ALSO be running on my production box as a 2nd tier
of defence...and almost more importantly as a real time monitor.
Problem is that it does not seem to work. A check of running processes
shows Firestarter running and configured to be monitoring my
production box eth0 interface which is downstream of the firewall box.
However, a port probe from www.grc.com shows that the port settings are
being controlled by the upstream set of rules even though Firestarter is
running.
I am assuming that the downstream instance of ipchains rulesets is
independent of the upstream ones. Am I overlooking something here, or am I just out
of luck?
Jack
Jack Bowling
Prince George, BC
mailto:[EMAIL PROTECTED]
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list