Agreed Fwbuilder eases the pain of working with iptables
Regards
Michael Sim
SLI - MIS Central Team
Phone: (32 0) 16 800 369
Fax: (32 0) 16 800 398
The information contained in this email is private and is solely for the
use of the intended recipient(s). If you are not the intended recipient you
have no entitlement to use the contents of this email. Views expressed in
this email do not necessarily reflect SLi policies, does not guarantee that
any attachments are free from viruses or other defects and accepts no
liability for any losses resulting from infected email transmissions.
Further information on SLi, services and products can be found at
www.sylvania-lighting.com
-----"Mike Tierney" wrote: -----
To:
From: "Mike Tierney"
Date: 20/10/2004 23:36
Subject: RE: [suse-security] IPTables Firewall script Generator
I've just started using Fwbuilder. It has a VERY nice graphical interface
and can generate rules for a variety of platforms (including iptables).
It stores the rules and objects in a platform independent fashion which
unfortunitely means you can't just read in your old ruleset but once you've
built your new one you could easily change your firewall platform (i.e.
from
Linux to some form of BSD) and just re-compile the rules for whichever
system you need! The Linux/etc versions are free to use. The Windows
version
isn't free.
Check out http://www.fwbuilder.org/
I've just built rules for our new firewall with 5 network interfaces with
no
trouble.
Cheers
-----Original Message-----
From: suse@karsites.net [mailto:suse@karsites.net]
Sent: Monday, 11 October 2004 11:02 p.m.
To: suse-security@suse.com
Subject: [suse-security] IPTables Firewall script Generator
Hi all.
Just found this in freshmeat daily news.
http://www.links2world.org/doc/links2world-Firewall-HOWTO/index.html
Still in development.
Taken from the homepage:
links2world Firewall is a very simple tool writen in C, that
helps you generate iptables rules for Linux 2.4.x and newer
kernels. Released under GNU General Public License, it is
very easy to configure and designed to run on hosts with one
or more network interfaces.
Most of the existing iptables script generators are shell
scripts. You have to dig in and to look through entire
script in order to customize and configure it for your
needs. Furthermore, they are able to generate iptables rules
for one or maximum two network interfaces.
On the other hand, links2world Firewall uses a very human
readable configuration file that is very easy to understand
and write. Still more, it does not matter if you have one,
two, three or twenty network interfaces, links2world
Firewall is able to generate statefull iptables rulesets
able to control the packet flows between all the networks
your machine is connected to.
May be of interest to anyone managing alot several NIC IF's.
HTH - Keith Roberts
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here