On Wednesday 22 January 2003 09:55, Raymond Leach wrote:
On Wed, 2003-01-22 at 10:47, Steffen Dettmer wrote:
* Harald Wallus wrote on Wed, Jan 22, 2003 at 09:21 +0100:
Another tools is fwbuilder, which I think it looks very nice.
Does anybody have experiences? It looks like this is a kind of rule compiler that generates some script. This is a nice way of doing I think, but it's complex to do right and flexible...
It basically generates an iptables script with the rules ... IMHO it is better and more flexible to do it yourself ... at least then you'll understand what you are doing ...
But I have to configure firewalls remotly and thats the reason I prefere SuSEfirewal.
Could you explain that, please?
SuSEfirewall only has one config file and is therefore easy to configure? You are right. At a maximum you need only 20 lines for realy complex firewall configuration. And you can easily read it, make commands and so on. I do my comments like this: %<------ # <name> soll auf SAP router xxx.xxx.xxx.xxx zugreifen koennen. <firma> FW_MASQ_NETS=${FW_MASQ_NETS}" 192.168.251.233/32,213.157.3.110/32 " --->% Please don't forget the spaces, else SuSEfirewall cannot parse.
Greetings Harald
oki,
Steffen
-- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
-- Dr. Harald Wallus netlike-gmbh Am Listholze 78, D-30177 Hannover Tel: +49(0)511 90 95 1-23 Fax: +49(0)511 90 95 1-90 Email: wallus@netlike-gmbh.de Internet: http://netlike-gmbh.de