Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Iptables script

From: Luca Berra <bluca () comedia it>
Date: Wed, 30 Oct 2002 08:19:08 +0100
On Sun, Oct 27, 2002 at 11:09:33AM -0700, Mark Ryan wrote:

Is there a definitive iptables firewall/nat script out there that offers
the most protection and flexibility?  I currently run a script that I
found on the net but I am sure there is a better one out there
somewhere.  I use a minimal install of Redhat 7.2 on a p166 to act as a
firewall/router.


i just hate it: everybody and his dog has written an iptable firewall
script. a search for iptables on freshmeat returns 98 hits.
there are some interesting things like ferm or filtergen that try to
write a frontend which a less verbose interface (things you are probably
not interested much in).
i'd have two suggestions:
1) write your own, you will probably need to read some of them to get
examples, but please, please when you are over do not put it on
freshmeat, please.
2) try shorewall (www.shorewall.net) which is a neat and well document front-end
to iptables. you'll have to write your policy with it. but i would
never trust my policy to a pre-made script.

L.

--
Luca Berra -- bluca () comedia it
       Communication Media & Services S.r.l.
/"\
\ /     ASCII RIBBON CAMPAIGN
 X        AGAINST HTML MAIL
/ \
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: