From: Anthony DiSante <theant@nodivisions.com>
To: netfilter@lists.netfilter.org
Subject: Re: Can someone recommend a good simple firewall script?
Date: Thu, 11 Aug 2005 15:06:30 -0400 [thread overview]
Message-ID: <42FBA1B6.6070600@nodivisions.com> (raw)
In-Reply-To: <200508111252.13654.rob0@gmx.co.uk>
/dev/rob0 wrote:
>>learn iptables yourself, fine; if not, look on freshmeat for
>>something better. Just about anything you might find is probably
>>better.
>>
>>At this time I don't have something specific I can recommend. Before
>>I learned iptables I used MonMotha's, but that's too complicated for
>>my liking.
>
> I don't have time to go looking, but ISTM that many of today's crop of
> questions was related to this poster's issue. They are probably not
> really wanting to learn firewalling, they simply want to have a rule
> set that works and is easy to manage.
>
> Yes, I know there are things like firestarter which can generate
> rulesets. But is there something non-GUI, and simple?
I'm not an expert with firewalls, but it seems to me that many people would
be well-served by something even more basic than a simple ruleset-generator.
Two of the most common services anyone would want to offer are HTTP and SSH.
And many people are either directly connected to the internet (i.e. the PC
has a public IP) or else are behind a hardware router (the PC has a private IP).
Let's further assume that in many/most cases, people in that situation (who
want HTTP and SSH open) would want the system completely locked down otherwise.
Given those constraints, which I think would apply to many people in many
situations, couldn't we ("we" meaning the experts, excluding myself here)
just provide two static rulesets that would satisfy all these people? One
for the system with a public IP, and one for the system behind a router?
-Anthony DiSante
http://encodable.com/
http://nodivisions.com/
prev parent reply other threads:[~2005-08-11 19:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-08-11 13:16 Getting Tftp to run with this Rule set Ralph Blach
2005-08-11 17:37 ` /dev/rob0
2005-08-11 17:52 ` Can someone recommend a good simple firewall script? /dev/rob0
2005-08-11 18:00 ` Tom Eastep
2005-08-11 19:06 ` Anthony DiSante [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42FBA1B6.6070600@nodivisions.com \
--to=theant@nodivisions.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox