On Saturday 22 December 2007 05:21:14 am Miles Brennan wrote: > > 2. Does one have to understand IPtables any more (chapter 6)? > > I use shorewall, which seems to me to make this bit of life much easier. > > Am I right in thinking shorewall is more or less the default Fedora > > firewall nowadays? > > Shorewall is a graphical tool for configuring iptables (Netfilter) and > is similar to Firestarter. Chapter 6 is constructed to "walk" a new user > through the complexities of iptables and Linux firewalls, so they have > an understanding of what happens at the "packet" level. Shorewall is a > higher level GUI that configures iptables with mouse clicks. I take your other points. But shorewall, at least as I use it, is not graphical at all. It provides 2 or 3 recipes - I use "two-interfaces" - and then it is easy to open any further ports with something like SSH/ACCEPT loc $FW HTTP/ACCEPT loc $FW in the "rules" file. (These use macro.SSH, macro,HTTP in /usr/share/shorewall . There are 20-30 macros for all conceivable services.) -- fedora-docs-list mailing list fedora-docs-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-docs-list
