On Mon, 2005-03-14 at 17:40 +0100, Seferovic Edvin wrote: > Hi list, > > are there some tools for creation of iptables rules that you could refer me > to. I would appreciate it when you could write an opinion to the tool you > maybe use. <snip> Some of my team have used fwbuilder (http://www.fwbuilder.org) in the past with great success. There was recently a post about a new tool, http://firewalladmin.sf.net - I subsequently read some impressive reviews. I believe this product is very granular and is specifically a rule configurator. I am the maintainer of the ISCS project (http://iscs.sourceforge.net) which is the complete opposite -- it is designed for very large and complex environments where it can be overwhelming to configure everything in a granular manner. Instead, it creates dual hierarchies with inheritance (users and resources) and creates relationships between them. It also automates the coordination of the access control rules with user authentication, VPN, routing, NAT and, hopefully soon, QoS/CoS. It is thus a very different approach -- in fact we joke that the unlearning curve is greater than the learning curve. It's sort of a replacement for very expensive tools like SolSoft, Provider1, and SmartPipes but much more efficient. It is designed to be able to administer more than just Linux systems (e.g., Cisco, Juniper). My work situation has made it a bit difficult to advance the project for the last few months so all volunteers are gladly welcomed. Good luck in your search - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan@xxxxxxxxxxxxxxxxxxx Financially sustainable open source development http://www.opensourcedevel.com
