Rodolfo J. Paiz wrote:
On Mon, 2004-11-01 at 22:38 -0500, Phil Schaffner wrote:
Setting eth0 as a trusted device (comment 33 in BZ 133064) is
essentially the same as turning off the firewall if that is your only
interface. Good firewall rules would be preferable, unless you REALLY
trust your hardware firewall. Which begs the question - what is a good
firewall tool for FC3? Have been unable to get firestarter to work.
Compiles, but hangs when executed.
Shorewall (www.shorewall.net). Text files to hold configuration, so no
cute GUI but you do get to access and modify it via SSH. Secure,
reliable, easy to learn and use, very very powerful. 5-star tool. Well
supported and documented, even.
Cheers,
Thanks to Phil for the comments and to Rodolfo for the link. I have
decided to go the safe route and have ordered a copy of "Red Hat Linux
Firewalls" by Bill McCarty. I will also try out shorewall.
Gerry