On Fri, Jan 4, 2013 at 12:31 PM, James A. Peltier <jpeltier@xxxxxx> wrote:
> ----- Original Message -----
> |
> | On 1/4/2013 12:21 PM, Tim Evans wrote:
> | > On 01/04/2013 12:01 PM, Tim Evans wrote:
> | >> I'm replacing an ancient Solaris 'ipf' firewall/router with a brand new
> | >> CentOS 6.3 system. In the olden days, I successfully used the attached
> | >> iptables script (as /etc/rc.local) on Red Hat 5.x systems, but this
> | >> doesn't seem to be quite working on the new system.
> | >>
> | >> Specifically, while it seems to be routing ok, you cannot connect to
> | >> anything on the inside net (e.g., with ssh or a browser) and cannot
> | >> connect to the system with ssh or anything else from elsewhere on the
> | >> inside net. Yet arp shows this system active.
> | >>
> | >> Is there obsolete stuff here, and/or anything missing that would cause
> | >> this?
> | >
> | > Never mind... Temporary IP address in the script was wrong; corrected
> | > and now working. Will be glad to see comments, though.
> | >
> | >
> | Use Firewall Builder. It makes things so much easier. And it's free.
> |
> | http://www.fwbuilder.org/
> |
> | steve campbell
>
> Or don't use CentOS at all and try OpenBSD & PF. The syntax is much
> cleaner and easier to maintain than Netfilter/IPTables and it works pretty
> darn well. ;)

If you want to stick with Linux look at Vyatta. I have 5 production installs (3 physical and 3 VMs) and upgrades have been flawless. The config resides in one file and the console has a Juniper-style syntax.

Ryan

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos