mouss wrote:
> depends on your situation. if you don't have performance issues and no special configuration needs, then a low end commercial firewall would be enough. otherwise, you need to take the time to learn iptables, or find someone to help you build your firewall.
>
> there are guis available. google is your friend. one that comes to mind now is fwbuilder.

Personally, if I was using the box as a firewall, lightweight network utility, VPN, router, NAT, or whatever else a typical gateway might handle, I'd run it on BSD and PF in a heartbeat over iptables. Linux's general adhesion to the ridiculously obtuse and difficult ipchains/iptables legacy is extremely unfortunate at best, and IMO, far less functional.

Your entire PF configuration file (amazingly) named /etc/pf.conf can be easily less than 15 lines and cover quite a lot of ground.

Kinda reminiscent of the old IPFW, only evolved about 200 years, which would make it 10,200 years more evolved than ipchains/iptables.
:P
(*climbing back into Nomex in nuke bunker*)
Peter
--
Peter Serwe <peter at infostreet dot com>
http://www.infostreet.com
"The only true sports are bullfighting, mountain climbing and auto racing." -Ernest Hemingway
"Because everything else requires only one ball." -Unknown
"Do you wanna go fast or suck?" -Mike Kojima
"There are two things no man will admit he cannot do well: drive and make love." -Sir Stirling Moss
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
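
To illustrate the "less than 15 lines" claim in the reply above, here is an added example of a default-deny NAT gateway ruleset; it is not from the original post. It assumes OpenBSD 4.7 or later rule syntax (`nat-to`), and the interface names `em0`/`em1` and the choice to allow SSH only from the LAN are constructed for illustration.

```conf
# /etc/pf.conf -- added example, not from the original post.
# Assumed (constructed) interfaces: em0 = Internet side, em1 = LAN side.
ext_if = "em0"
int_if = "em1"

set block-policy drop          # silently drop instead of sending RST/ICMP
set skip on lo                 # do not filter loopback traffic

match in all scrub (no-df)     # normalise incoming packets
antispoof quick for $int_if    # drop packets claiming a LAN source on the wrong interface

block log all                  # default deny in both directions, logged to pflog

# NAT: rewrite LAN source addresses to the current external address
match out on $ext_if inet from $int_if:network to any nat-to ($ext_if)

pass out on $ext_if inet                                         # stateful outbound (gateway + NATed LAN)
pass in on $int_if inet from $int_if:network                     # LAN clients may reach the Internet
pass in on $int_if inet proto tcp from $int_if:network to ($int_if) port 22   # admin SSH from LAN only
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which is the check to run before applying any change to a remote gateway.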