Re: AW: [gentoo-user] iptables firewall+nat problem
--- Simon_Kühling <[EMAIL PROTECTED]> wrote: > > http://www.shorewall.net > > ok, shorewall really seems to be quite popular in here :) so i should > give it a try > # emerge shorewall Hi Simon, Like anything new, you will need to get familar with "Shorewalls" web site which is top notch. The other thing that you will want to do is join their mailing list. The person who writes Shorewall does a very expert job at responding to users questions in an amazingly short time frame on this list. I found that with Shorewall in place I was able to garner immeadiate satisfaction of having a fully functional statefull firewall in place. Once everything was up an running, then I took the time to learn what was going on under the hood so to say. Just because your running Shorewall doesn't mean that your not going to understand whats running under the hood. I happened to learn iptables allot faster with Shorewall installed and running using its various diagnostic iptables tools. So if anyone try's to mislead you into thinking that you won't understand iptables with Shorewall installed that would be false. You still have control over iptables in the raw under the hood style if you wish. Shorewall just allows you immediate simplification of setting up Zones, Policy's, Rules, Masqing, and port forewarding to name a few. Joshua Banks __ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/ -- [EMAIL PROTECTED] mailing list
Re: AW: [gentoo-user] iptables firewall+nat problem
On Sunday 02 Nov 2003 13:28, Simon Kühling wrote: > ok, shorewall really seems to be quite popular in here :) so i should > give it a try > # emerge shorewall Really?? I tried it when I was using Mandrake and didn't like it. What worked for me was the IP-Masquerade-HOWTO.html. With that I do feel in control of things. $ qpkg -f /usr/share/doc/howto/html-single/IP-Masquerade-HOWTO.html app-doc/howto-html-single * Peter -- == Portage 2.0.49-r15 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r1, 2.4.23_pre8-gss) i686 AMD Athlon(tm) XP 3200+ == -- [EMAIL PROTECTED] mailing list
AW: [gentoo-user] iptables firewall+nat problem
> --- Simon_Kühling <[EMAIL PROTECTED]> wrote: > > > I wonder if your firewall is blocking ping scans. Disable the > > > firewall and see > > > if you can ping google. > > > > well, you are right - disabling the firewall makes ping work again. > > maybe it is easier to build my own script from scratch instead of > > using the one from gentoo-security-guide. > > If you insist. Your making allot of extra work for yourself. > Shorewall already has all of the scripts that you need. All > you need to do is simply modify them. Trust me. Try it, and > you will understand. If you don't like it go back to writing > everything from scratch. > > http://www.shorewall.net ok, shorewall really seems to be quite popular in here :) so i should give it a try # emerge shorewall ... thanks for help so far! simon -- [EMAIL PROTECTED] mailing list
