| 1 |
Holly Bostick <motub <at> planet.nl> writes: |
| 2 |
|
| 3 |
|
| 4 |
> If you're trying to learn, James, there is something to be said for |
| 5 |
> Dave's position; it's not as if the config files are going to disappear |
| 6 |
> just because you used shorewall to write them with correct settings. |
| 7 |
|
| 8 |
Following this example, I've had no problems, only it did not |
| 9 |
include the DMZ portion of the example. I looked at Shorewall. No thanks. |
| 10 |
|
| 11 |
> It might be easier to understand how iptables works if you configure it |
| 12 |
> through a system that will do it properly, *then* look at the configured |
| 13 |
> rules and work out why they work (as opposed to what your self-made |
| 14 |
> rules do), rather than wait to have a working configuration until you've |
| 15 |
> understood iptables (which is apparently not really easy for most |
| 16 |
> everybody). |
| 17 |
|
| 18 |
Hey, it took me quite a long time to digest OpenBSD +pf and other tools. |
| 19 |
That's OK, even fantastic. It's what I want to do. Struggle, learn, |
| 20 |
make little mods and test the results..... |
| 21 |
|
| 22 |
If I need immediate coverage, I have a OpenBSD +pf box that is fantastic, |
| 23 |
because I took the time to learn. If shorewall is so easy, then just email |
| 24 |
to me the config files for a 3 nic network, with DMZ based web server, |
| 25 |
and only internally (LAN) initiated connections allowed, in the form |
| 26 |
of config files, OK? |
| 27 |
|
| 28 |
I'm quite sure I'll master iptables/netfilter, the commnand line and |
| 29 |
config file way.........the old fashion, hard-headed way. |
| 30 |
|
| 31 |
YMMY |
| 32 |
|
| 33 |
James |
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
-- |
| 38 |
gentoo-user@g.o mailing list |
Archives