"jdebert" == jdebert <jdebert@garlic.com> writes:
jdebert> John Andersen: >> >> I just use Shorewall. The documentation is excellent, comes with most scripts >> you will ever need, but it is so easy to add your own. jdebert> Already have the scripts. That's even easier! jdebert> The scripts take care of all the static stuff & shorewall can jdebert> handle the dynamic bits with fail2ban's help. jdebert> Additional benefit to scripts is that there are no surprises on jdebert> updates. jdebert> Not long ago an unsupervised system update elsewhere removed jdebert> shorewall, etc., & installed SuSEFirewall2 because of an error in jdebert> a chain of dependencies. Are we talking shorewall packaged by opensuse or Tom Eastep provided rpms. ? In the former case it conflict with SuSEfirewall2 and this should have brought a solver question regarding the conflict. If that is the case I suggest you file a bug report against SuSEfirewall2 or the installation process. However if you used Tom Eastep provided rpms then you are on your own, because those rpms have no clue about a conflict with SuSEfirewall2 >> I found the suse firewall pretty obtuse an unwieldy for anything but >> the basics like allowing samba etc. jdebert> It doesn't seem to behave as expected. And seems too inflexible jdebert> as well. Well it is not an enterprise level firewall true, but it is flexible when one knows the internals of how those functions work, and how one can tweak the SuSEfirewall2-custom script. For example for a multi isp setup the easiest way is just use shorewall and follow the guides. To achieve the same thing with SuSEfirewall2 is a bit tricky and tiresome but doable. At the end of the day it depends what one wants to achieve Togan -- Life is endless possibilities -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org