>> shorewall has taken a bashing on this list, >> with many suggesting alternatives, >> eg gshield, guarddog, firestarter, etc. >> >> i just wanna relate my own good experience. >> >> i was trying to configure my mdk 9.0 box to share >> my internet connection with a small home network >> consisting of 3 win9x pcs and 2 linux boxes. >> >> i first used the internet connection wizard in mcc, >> which didn't work. >> >> went to www.shorewall.net, and the quickstart guide suggested >> the two interface config. >> >> instead of using it wholesale, i compared the config files, >> found a few differences, opened up the ports i needed, >> restarted shorewall, and it worked. >> >> the entire process took me around 15 mins, >> included reading the stuff at www.shorewall.net. >> >> i think the essential diff was mdk 9.0 tried to >> 3 zones in their shorewall config, while the two >> interface version of the quickstart guide used 2 zones. >> (if you dun understand what i'm saying, >> just spend a couple of mins with www.shorewall.net) >> >> i'm no expert, and i'm sure the mdk developers had >> a good reason to do what they did, but this setup worked >> easily for me. >> >> others trying to configure shorewall can also search >> the archives for a couple of extremely well written
I do not doubt that Shorewall can run nicely once configured properly. I was meaning that my experiences with it (like most) are terrible. Most of my experiences with any firewall configurator sucks. Thats why i say go down to learning the actual rules and ways of iptables since it is directly in charge of it...not any of the GUI configurators. Rob
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
