On Thu, 6 Jan 2005 08:50:38 -0700 "Jamin W. Collins" <[EMAIL PROTECTED]> wrote:
> On Wed, Jan 05, 2005 at 08:22:17PM -0600, Jacob S wrote: > > > > P.S. Jamin, any chance of firewall making it into Debian? I kind of > > like being able to apt-get install/upgrade stuff. > > I've thought about this a bit and am rather torn on it. There are a > number of other firewall scripts and tools already in Debian. I guess I haven't done a thorough investigation of the ones in Sarge. I did however look at all of the ones I could find in Woody and then Shorewall, Firestarter and a few others I had heard good things about. I did do a little more looking when I was installing Sarge on a Sun Ultra10 several months ago as well. Firestarter and quite a few of the others are gui, so that takes them off my list. I spent a couple hours reading Shorewall docs and trying to configure it, but only succeeded in locking myself out. Then I stumbled across firewall and had it configured and running in 15 minutes. It even works great on my firewall/squid box with barely any config time required. We've started using it at work (small webhost) as well, now that we're finally migrating away from ipchains (2.4 kernel, so the change is minor). So, I'd be happy to see it make it into Debian. :-) BTW - since my diffs to implement the TRUSTED_CONNECTIONS feature in firewall were less than 5K I sent them to the list, but I guess attachments are blocked. Do you want me to send them to you off-list? Thanks, Jacob
