Wolfgang Rosenauer wrote:
Hi,
Hi,
for smaller installations (using a Linux gateway) I used to use SuSEfirewall2 which basically has everything I needed so far.
Now I'd something for another usecase: An old Linux gateway (with SuSEfirewall) got a hardware gateway in front of it now which blocks traffic from outside. So there is no need anymore to do extensive filtering and also masquerading on the old gateway while it's still there as kind of second stage hiding the internal network behind it. Now I still need to control which traffic is allowed from the inside to the internet which was done via FW_MASQ_NETS in SF2. Since I want to get rid of a second masquerading, SuSEfirewall has no mechanism to control this traffic anymore.
Now I could write all iptables rules on my own (which is possible but I'm kind of lazy in that case) but I wonder if there is no other simple iptables "generator" outside which does it already.
I plan to look at shorewall but thought I'd just ask here for recommendations. Also try Firewall Builder at http://www.fwbuilder.org/ Since the v2.1.12 version, is able to import your existing iptables configurations, witch is a nice thing to upgrade your existing machines as well. Also has an excellent GUI.
Thanks, Wolfgang
-- Rui Santos http://www.ruisantos.com/ Veni, vidi, Linux! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org