Wow, that is news to me... I've always just banged out iptables rules and then saved them...

On Tue, 6 Sep 2005, Dave Nebinger wrote:

I've been trying to build a simple firewall with a DMZ for a
web server.

Dude, trying to use iptables directly was your first mistake.

Take a spin out and look at shorewall (I'm sure others have different
recommendations).

Shorewall will get you up and running in no time and will easily handle the
configuration stuff from your original post.

Trying to manage such a complex config using iptables directly is doomed to
failure; any mistake in ordering of rules, etc., will break your
connectivity.  Sticking with a tool like shorewall will simplify rules
maintenance and pose less of a problem when performing updates later on.

Dave




--
Bryan Whitehead
Email:[EMAIL PROTECTED]
--
gentoo-user@gentoo.org mailing list
