setting up nat

Ed Greshko Ed.Greshko at greshko.com
Mon May 22 17:07:37 UTC 2006


Arun Binaykia wrote:
> What's the big deal about shorewall. It claims to be a high level
> firewall but as i see one still needs to know about networking,
> interfaces,rules,zones etc. 
> If you are going to that depth why not just do iptables. It's almost the
> same work. It seems that shorewall is just a wrapper of iptables.

Yes, it is a wrapper for iptables.

Yes, you need to know something about networking to use it to its full
capabilities.

But, you need not learn the semantics of iptables.

> I do not intend to flame shorewall users/developers. Just trying to
> understand. 

What's to understand?  With the work done by the shorewall folk you need
not learn the semantics of iptables.  It also assists you in keeping the
order straight.






More information about the fedora-list mailing list