Holly Bostick <motub <at> planet.nl> writes:

> If you're trying to learn, James, there is something to be said for
> Dave's position; it's not as if the config files are going to disappear
> just because you used shorewall to write them with correct settings.

Following this example, I've had no problems, only it did not
include the DMZ portion of the example. I looked at Shorewall. No thanks.

> It might be easier to understand how iptables works if you configure it
> through a system that will do it properly, *then* look at the configured
> rules and work out why they work (as opposed to what your self-made
> rules do), rather than wait to have a working configuration until you've
> understood iptables (which is apparently not really easy for most
> everybody).

Hey, it took me quite a long time to digest OpenBSD +pf and other tools.
That's OK, even fantastic. It's what I want to do. Struggle, learn,
make little mods and test the results.....

If I need immediate coverage, I have an OpenBSD +pf box that is fantastic,
because I took the time to learn. If shorewall is so easy, then just email
to me the config files for a 3 nic network, with DMZ based web server,
and only internally (LAN) initiated connections allowed, in the form
of config files, OK?

I'm quite sure I'll master iptables/netfilter, the command line and
config file way.........the old-fashioned, hard-headed way.

YMMV

James

--
gentoo-user@g.o mailing list