s-c-f
shrek-m at gmx.de
shrek-m at gmx.de
Sat Nov 10 13:36:54 UTC 2007
########
system-config-firewall-1.0.10-1.fc9
-----------------------------------
* Fri Nov 09 2007 Thomas Woerner <twoerner at redhat.com> 1.0.10-1
- fixed problem with network devices (rhbz#331671)
- dropped obsolete translation no.po (rhbz#332331)
########
thanks, s-c-f is now starting :)
i could not find the possibility to
add "other protocols"
manage "policys"
manage "portforwarding"
will these be possible in future releases ?
it is possible to add custom rule files (iptables-save format) but if i could manage nearly all in s-c-f it would be great.
---- eg. iptables ----
## input|output - drop|drop
# iptables -P INPUT ACCEPT
iptables -P INPUT DROP
# iptables -P OUTPUT ACCEPT
iptables -P OUTPUT DROP
## imap (email-archiv) <-- 172.16.2.1
iptables -t nat -A POSTROUTING -s 172.16.2.1 -p tcp -m tcp --dport 143 -j MASQUERADE
## ssh 2222 --> 172.16.1.2
iptables -t nat -A PREROUTING -i ppp0 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 172.16.1.2:22
## pptp tcp:1723; protokoll 47:GRE --> 172.16.0.2
iptables -t nat -A PREROUTING -i ppp0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 172.16.0.2:1723
iptables -t nat -A PREROUTING -i ppp0 -p 47 -j DNAT --to-destination 172.16.0.2
----/----
--
shrek-m
More information about the fedora-test-list
mailing list