Ah..so I presume that firestarter and lokkit is the same.. (only there's a GUI) and I presume also that shorewall has a Gui.
No, Shorewall is only configured with a set of files in /etc/shorewall. They are easy to use, though.
I _think_ the problem here is that my wifi card is _not_ plugged into the lappy by default. as such, there's not eth1 to select.(?) All I see if eth0, vmnet, lo (i think) and there's the option (talking about firestarter) enable on dial-out (i presume this means ppp0)
I am not sure whether you can simply create rules for an interface even if it is not up at the moment, but I think you can.
>> * eth0 to the internal home LAN >> * eth1 to my DMZ >> * eth2 to my wifi access point
So.. you've got 3 interefaces on 1 PC?? wow! DMz means firewall right?
DMZ is "demilitarized zone," a term IIRC created in the Vietnam War. Means an area where neither side goes freely and all traffic is watched. You generally put servers in there, so NOTHING comes into your internal network and it is easier to secure: both your internal clients and the people out on the Internet connect to servers in the DMZ. The DMZ servers, in turn, do not need free access to the Internet so you can lock them down more tightly, another improvement to security. This is the way I see it, anyway; it's not a texboot definition.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
