| 1 |
On 2018-02-28 13:28, Jorge Almeida wrote: |
| 2 |
|
| 3 |
> > Is there something besides iptables? It seems to be like |
| 4 |
> > systemd/perl/python, continuously expanding its scope. And no, I'm |
| 5 |
> > not looking for an "easy-peasy front-end gui" that'll probably pull |
| 6 |
> > in 90% of QT as dependancies. I fondly remember IPCHAINS. |
| 7 |
> |
| 8 |
> shorewall seems to be the most powerful one. Lots of documentation, |
| 9 |
> configured via text files. firehol is much simpler to use, but less |
| 10 |
> well documented and the mailing list doesn't show much life. None has |
| 11 |
> any useless GUI. I find both usable. |
| 12 |
> |
| 13 |
> I would just use iptables if I were iptables-wise enough. |
| 14 |
|
| 15 |
Isn't iptables (the userspace program) just a very thin wrapper over the |
| 16 |
underlying kernel interface (netfilter)? AFAIK there is no other kernel |
| 17 |
interface, at least not in stable kernels, so all the other packages |
| 18 |
just abstract and simplify it more - I would not consider that reduction |
| 19 |
of scope. |
| 20 |
|
| 21 |
I actually like iptables, of course I'll never learn about _all_ its |
| 22 |
features, but I've already used some not quite trivial ones. |
| 23 |
|
| 24 |
-- |
| 25 |
Please don't Cc: me privately on mailing lists and Usenet, |
| 26 |
if you also post the followup to the list or newsgroup. |
| 27 |
To reply privately _only_ on Usenet and on broken lists |
| 28 |
which rewrite From, fetch the TXT record for no-use.mooo.com. |
Archives