Jason asked:

> What do some of you think of the Seawall firewall scripts?
> I find they work well, and I like the file layout. Anyone
> not think they are good firewall scripts? Would it be better
> to use the built in Dachstein rules?

I really love Dachstein, and its predecessor Eigerstein. Charles is 
a genius! But I always use Seawall with Dachstein because it is 
easier to use and understand, and integrates well with Dachstein.

I have a simple three NIC setup with a DMZ. I could not figure out 
how to set this up with Charles's extended scripts (and later with 
Dachstein, which includes the scripts). But with Seawall this is a 
piece of cake. Seawall is very organized and easy to use. There is a 
systematic way to specify what ports should be accessible to where 
and from where. Also, Seawall by default makes a very secure stealth 
firewall. Having said this, I should add that Dachstein by itself has 
a very decent firewall. I just understand Seawall better.

The only downside I can see of using Seawall with Dachstein is it 
isn't always obvious which settings in the Dachstein setup can be 
ignored because Seawall overwrites them. I have always intended to go 
through and mark what those are (since I have only medium knowledge 
level this would be a good learning exercise). The Seawall ipchains 
setup appears to be loaded after the Dachstein ipchains setup, so all 
the port filtering rules Dachstein does are replaced. So I assume 
everything in the Dachstein setup that results in ipchains setup can 
safely be ignored.

Finally, Tom Eastep gives super support for Seawall. Of course 
Charles Steinkuehler is equally heroic in helping people out with 
Dachstein.

Remember that Seawall is for ipchains so it is only for 2.2 kernel 
versions of LEAF. For 2.4 kernel versions you can use Tom's 
Shorewall. I think the Bering developers were very smart to integrate 
Shorewall from the get-go. I am intending to migrate my 
Dachstein+Seawall setup to Bering.

Tim Wegner



_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
