Dear List,

I built my own firewall with IPTABLES (I inserted every rule myself) and I now want to change to SuSEFirewall2. My questions are:

1. Would you change to SuSEFirewall2 or would you act like the slogan says, "Never touch a running System!"?

2. I've inserted a rule to only let connections into my network if they belong to a parent connection, like:

<!--snap
iptables -A FORWARD -d $LOCAL_NET -i $WORLD_DEV -o $LOCAL_DEV -m state --state RELATED,ESTABLISHED -j ACCEPT
snap--!>

Now my question: Does SuSEFIREWALL2 offer this feature and how can it be activated? What do you think about this rule? Is it useful or garbage?

Sysinfo:
kernel: 2.4.17
SuSE: 7.2
iptables: 1.2.2

Ciao ;-)
Robert - DE

* Robert Rottscholl wrote on Thu, Jan 03, 2002 at 10:50 +0100:
> I built my own firewall with IPTABLES (I inserted every rule myself) and I now want to change to SuSEFirewall2. My questions are: 1. Would you change to SuSEFirewall2 or would you act like the slogan says, "Never touch a running System!"?

Well, for security reasons you'll have to break it for every update :). But I would say "use the system you're most familiar with".

> Now my question: Does SuSEFIREWALL2 offer this feature

I would guess it uses it, of course.

> What do you think about this rule? Is it useful or garbage?

A little bit too open I guess... If you start with SuSEfirewall, I would recommend starting iptables to view the generated rules and checking whether they are as desired.

oki,

Steffen

-- 
This letter was generated by machine and therefore bears neither signature nor seal.

participants (2): Robert Rottscholl, Steffen Dettmer
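
Added example (not part of either message): one way to do the check Steffen suggests, assuming the generated ruleset is available in iptables-save format. The interface names, addresses and sample ruleset are constructed; the script lists ACCEPT rules in FORWARD that can match traffic arriving on the world interface and flags those not limited to RELATED,ESTABLISHED.

```shell
#!/bin/sh
# Added example: review FORWARD rules in an iptables-save style dump.
# WORLD_DEV mirrors the variable in Robert's rule; eth0/eth1, the
# addresses and the ruleset below are constructed sample values.
WORLD_DEV=eth0

sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -d 192.168.1.0/24 -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.1.0/24 -i eth1 -o eth0 -j ACCEPT
-A FORWARD -d 192.168.1.10 -i eth0 -o eth1 -p tcp --dport 25 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Reads a ruleset on stdin. Prints one line per ACCEPT rule in FORWARD that
# can match packets arriving on $WORLD_DEV: "OK" when the rule is limited to
# RELATED/ESTABLISHED, "REVIEW ..." otherwise. Also flags a non-DROP policy.
# Negated matches ("!") are not interpreted.
audit_forward() {
  awk -v world="$WORLD_DEV" '
    $1 == ":FORWARD" && $2 != "DROP" {
      print "REVIEW policy: FORWARD default is " $2
    }
    $1 == "-A" && $2 == "FORWARD" {
      in_if = ""; target = ""; states = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-i") in_if = $(i + 1)
        if ($i == "-j") target = $(i + 1)
        if ($i == "--state") states = $(i + 1)
      }
      # A rule without -i applies to every interface, so keep it.
      if (target != "ACCEPT" || (in_if != "" && in_if != world)) next
      verdict = "OK"
      if (states == "") verdict = "REVIEW no-state"
      n = split(states, s, ",")
      for (k = 1; k <= n; k++)
        if (s[k] != "RELATED" && s[k] != "ESTABLISHED")
          verdict = "REVIEW state-" s[k]
      print verdict ": " $0
    }'
}

# On a real host, pipe iptables-save into audit_forward instead.
sample_rules | audit_forward
```

A REVIEW line is not necessarily wrong (the port 25 rule in the sample is a deliberate service exposure); it marks a rule that admits new inbound connections and should be there on purpose.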