configuring iptables
Jeff Vian
jvian10 at charter.net
Fri Feb 17 14:30:42 UTC 2006
On Fri, 2006-02-17 at 13:56 +0000, Timothy Murphy wrote:
> Steve Ziuchkovski wrote:
>
> > Is there a utility that allows iptable to be configured easily and updated
> > at runtime, but without sacrificing any security (other than ports I open,
> > of course!)?
>
fwbuilder does a very good job of creating/compiling an iptables
configuration script for you.
To tweak the running tables just run a new script and it completely
replaces the running rules with the new ones.
> I'm not sure I understand your question perfectly,
> but shorewall has a number of standard configurations (eg two-interfaces)
> one of which would suit most situations, I imagine.
>
> I must say, as a shorewall user, I am surprised
> at the complication of the resulting iptables,
> which makes me think it must be rather difficult
> to set up iptables without using an extra program like this.
>
> A bit like sendmail, in fact.
>
> Am I mistaken?
>
> --
> Timothy Murphy
> e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
> tel: +353-86-2336090, +353-1-2842366
> s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
>
More information about the fedora-list
mailing list