Hello Cookers!
First, this is not a plea to have the Bastille packages re-
integrated with cooker. I'm sure that the Mangagement was very
careful in their decision to drop Bastille in favour of Shorewall,
and I won't whine about it, but for folks like me who are too
busy with other things to become grandmasters of IPCHAINS,
Bastille was very nice. (Besides, if I were a master of IPCHAINS,
I wouldn't even need shorewall, would I? I could just forge out
all my own rules by hand and keep them in a text file to feed into
the chain-locker at boot-time...)
After concussing myself for several weeks now trying to figure out
how to make shorewall play nice, unsuccessfully, I found that the
rpmfind.net repository still has the last released Mandrake-cooker
versions of the Bastille packages (Bastille-1.3.0-3mdk.noarch.rpm
and the UI modules (Bastille-Tk-module-1.3.0-3mdk.noarch.rpm and
Bastille-Curses-module-1.3.0-3mdk.noarch.rpm) Even better, they
still work, so one can install them on a current cooker, and then
run InteractiveBastille to configure their iptables or ipchains
firewall, (and all the other stuff that it lets you do, if you are
so inclined)
Furthermore, There are packages for the new Bastille-2.0 version,
but they are not Mandrake specified, though the description page
indicates that it will work on a Mandrake system. I was too
agitated by fighting with all the other network problems I was
having after the last cooker updates I did (NAT was inoperative,
and I couldn't even resolve names on the machine with the direct
connection to the network!) to feel like testing a new version,
but it is there for those who are interested. I still think it is
unfortunate that Bastille has been dropped from the package
line-up. It was very nice for those of us who want a safe
machine, but who are not TCP/IP ninjas, as seems to be required to
configure shorewall.
With best regards,
Chuck Shirley
--
+-% He's a real UNIX Man $-+----------------------------------+
\ Sitting in his UNIX LAN \ Charles A. Shirley \
\ Making all his UNIX plans \ cashirley (at) comcast (dot) net \
+------# For nobody @------+----------------------------------+
