Colin Murphy wrote:
Recent events have made me think about firewalls.
What is the difference between SuseFirewall2 and the firewalls found in other distros - which I am assuming are referred to as IPTables.
Susefirewall2 is just a set of scripts and configuration files to configure IPtables on the fly, which is probably the same as most distros offer. I've no experience with those, but I assume they are about as straightforward, and allow the same kind of versatility/complexity of the firewall, as Susefirewall -- which is to say, easy as blazes to configure but far too simplified for any but the most modest of firewall requirements. They're all pretty good at what they can do, but rather limited in their flexibility. (Since someone is bound to try to tell me how complex a setup he has at home, let me add this: even if you have an internal LAN and have fully configured all your firewall rules/policies, masqing and routing in Yast, I still say your requirements are modest -- and if you happen to have 5 internal LANs on one router/firewall that includes port forwarding, etc but still used Yast to configure it, I can only suggest it would have taken you about 1/4 the time under something like Shorewall :-) )