--- Jason Stubbs <[EMAIL PROTECTED]> wrote: > Shorewall is a firewall. It is used to secure up the box a little from remote > intrusions. Useful as a gateway/router or a desktop, no? Yes it does all of the above. Its a full firewall. Basically a bunch of scripts that make configuring iptables easier. Its fully statefull with the current kernel build and allows you to set it up like a firewall with mulitple interfaces. Net, local, Dmz.. You can port forward, DNAT, one to one Static NAT and it does snat masq'ing out bound. Pretty robust actually.
YOu can setup for a standalone system or like mine. Two interface system to block all the bullcrap coming inbound. (since we basically live online we start to get hammered with little script kiddies doing thier thing.)Outbound this Gentoo box nats for two other Windows machines and I only allow the needed ports out.Dns, http, https, smtp, pop3, ping, tracert/route. www.shorewall.net check it out.. Great web site and easy firewall to setup. > Actually, I'm using natting just to use squid as a transparent proxy - and > it's only a desktop. I figure may as well share an internet cache and > couldn't be bothered setting it up for each user, especially if I need to > turn squid off for any reason. This is what I would like to do eventually once I get confortable with linux. The area I live in won't be getting cable or dsl anytime soon so a dns/caching and web caching server like squid would be nice for getting any more bandwidth saved outbound. How to set this up is beyond me at this point. Trying to focus on the basics for now. Firewalling is second nature for me so that wasn't hard to get setup even know I don't know my way around linux that well yet. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- [EMAIL PROTECTED] mailing list