On Mon, Apr 05, 2010 at 09:16:20 -0700, Michael Miles <mmamiga6@xxxxxxxxx> wrote: > I'm just using the firewall that comes with Fedora 12, is there better > firewall software out there. That depends on what you are looking for. iptables has limited deep packet inspection features. It is also only maintaining a small amount of state. For some more extensive requirements that might not be good enough. Also as mentioned in another reply, having front ends that build the low level rules can be useful. They also typically prevent you from making rookie mistakes (such as blocking all icmp packets) that might cause odd problems that are hard to figure out. Another feature that is related, is doing traffic control. If you have a router running openwrt (or something similar) you can do traffic control for you home network. It doesn't work well to try this on each machine, since each machine doesn't have the big picture. This is useful for providing lower latency for some traffic despite large transfers going on. Also if some machines should get better service than others on your network, you can use traffic control to implement that. The Linux Advanced Routing and Traffic Control document is a good starting place. It is dated, but still useful. tc has gotten some additional features and ifb is supposed to be replacing imq (though openwrt just provides imq currently unless you build your own image) since that document was written. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
