Hello List,
FireHOL is well documented, it is written in bash,
it is intuitive to configure and to maintain,
and it comes with options that produce a template
for your current box, that allow to check your
configuration, and to read the effective iptable.
Furthermore, it is maintained,
The cons:
Michael Pobega wrote:
On Sun, Nov 16, 2008 at 05:59:50PM -0600, Boyd Stephen Smith Jr. wrote:
On Sunday 16 November 2008 12:00, Michael Pobega wrote:
Do you know of any reliable way to make sure my firewall is working?
I'm behind a router so I don't think any of those TCP scanning sites
would w
On Sun, Nov 16, 2008 at 05:59:50PM -0600, Boyd Stephen Smith Jr. wrote:
> On Sunday 16 November 2008 12:00, Michael Pobega wrote:
> >
> > Do you know of any reliable way to make sure my firewall is working?
> > I'm behind a router so I don't think any of those TCP scanning sites
> > would work.
>
On Sunday 16 November 2008 12:00, Michael Pobega wrote:
> do you know of any reliable way to make
> sure my firewall is working? I'm behind a router so I don't think any of
> those TCP scanning sites would work.
nmap from various locations is my general testing proceedure. There might be
more ag
Jerome BENOIT wrote:
firehole is great too !
Can you elaborate a little bit on pro/cons?
Right now I'm trying to get through shorewall docs and it's "OK" but
they could use a better initiation/orientation starting point. I'm only
now grasping the different roles that zone/policy/rule play.
On Sun, 2008-11-16 at 08:52 -0800, Kenward Vaughan wrote:
> On Mon, 2008-11-17 at 00:10 +0800, Jerome BENOIT wrote:
> > firehole is great too !
>
> Anyone work with firestarter?
Sorry about the post... I did not see the originals and had this
question in mind at the moment. Now I see I probably
On Mon, 2008-11-17 at 00:10 +0800, Jerome BENOIT wrote:
> firehole is great too !
Anyone work with firestarter?
Kenward
--
In a completely rational society, the best of us would aspire to be
_teachers_ and the rest of us would have to settle for something less,
because passing civilization al
On Sat, Nov 15, 2008 at 06:56:48PM -0500, Douglas A. Tutty wrote:
> On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote:
> > For about ten years I've been writing my own firewall directives and
> > today I started setting up a new firewall box. For the past year I've
> > been using ipcop
firehole is great too !
Douglas A. Tutty wrote:
On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote:
For about ten years I've been writing my own firewall directives and
today I started setting up a new firewall box. For the past year I've
been using ipcop, but they have some characte
On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote:
> For about ten years I've been writing my own firewall directives and
> today I started setting up a new firewall box. For the past year I've
> been using ipcop, but they have some characteristics that I didn't care for.
> after thi
It's a headless box and I want to be able to maintain it as
> such. This removes some of the firewall utilities because they appear
> to be GUI tools.
>
> after this I think I am left with a few options:
>
> ferm
> shorewall
> arno-iptables-firewall
...
> My
tilities in the
debian arsenal of cool stuff.
First - I have no interest in installation of a GUI front end on my
firewall. It's a headless box and I want to be able to maintain it as
such. This removes some of the firewall utilities because they appear
to be GUI tools.
after this I think
12 matches
Mail list logo
