Re: Firewall for zSeries Linux?
On Thu, 12 Sep 2002 22:46, you wrote: > If you really want a commercial solution then there's the new StoneGate > product (from Stonesoft at http://www.stonesoft.com/ ) which is a > firewall and VPN solution and there's also zGuard (from FBIT at > http://www.fbit.de/ ) but I'm not certain about current availability. I was going to say, "If you want a commercial product, see what Rusty has to offer." Rusty started this, and he is/was offering commercial software too. I tried to track him down, but thet trail ended here: What's Happening? Rusty's (new) GPG Key Rusty is now working for IBM. Wednesday September 4 2002 More little cleanups: have hotplug CPUs almost working in x86 (well, they don't actually shutdown the CPUs, but it's more to test the generic code). Take a look at rustcorp.com.au (mentioned in another context further down the same document). -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb
Re: Firewall for zSeries Linux?
On Thu, 12 Sep 2002 21:35, you wrote: > David, > try looking at either "IPCHAINS" or "IPTABLES" for Linux. They might do > what your client needs and they are open source. And this script might be a good starting-point. ftp://ftp.clarkconnect.org/clarkconnect-1.0/sources/cc-firewall-1.0-5.src.rpm -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb
Re: Firewall for zSeries Linux?
Thanks very much everyone, you've been a great help! David -- David J. Chase, zSeries Techline, New York City -- --IBM - 7th Fl, 590 Madison Ave, NYC, NY 10022 -- -- 212-745-3890 (tieline 243) --
Re: Firewall for zSeries Linux?
On Thu, 2002-09-12 at 16:13, Jon R. Doyle wrote: > You might be looking at version 1? If you are on Kernel 2.4, use > SuSEfirewall2 that has ipchains and can get quite extensive. Take a lok at > the security packages here: Packet filtering goes back to Linux 1.2 so it shouldnt be the cause 8)
Re: Firewall for zSeries Linux?
David J. Chase writes: > I tried to search the archives and was unable to get in and I need the > information as soon as I can find it so I'm going to ask here and beg > your indulgence :-) I am going to use words I don't understand, so > please try to read into my question if it doesn't make sense :-) :-) > > A customer has the SuSE distribution but feels that the default firewall > doesn't have as many features as they want. It seems to only do network > address translation and they are also looking for packet filtering. Is > there a commercial firewall program available for Linux for zSeries? > Is there anything else you can tell me? I tried searching linuxvm.org > but couldn't find what I was looking for. If you really want a commercial solution then there's the new StoneGate product (from Stonesoft at http://www.stonesoft.com/ ) which is a firewall and VPN solution and there's also zGuard (from FBIT at http://www.fbit.de/ ) but I'm not certain about current availability. --Malcolm -- Malcolm Beattie <[EMAIL PROTECTED]> Linux Technical Consultant IBM EMEA Enterprise Server Group... ...from home, speaking only for myself
Re: Firewall for zSeries Linux?
You might be looking at version 1? If you are on Kernel 2.4, use SuSEfirewall2 that has ipchains and can get quite extensive. Take a lok at the security packages here: www.suse.de/~marc Regards, Jon Jon R. Doyle Sendmail Inc. 6425 Christie Ave Emeryville, Ca. 94608 (o_ (o_ (o_ //\ (/)_ (\)_ V_/_ On Thu, 12 Sep 2002, David J. Chase wrote: > I tried to search the archives and was unable to get in and I need the > information as soon as I can find it so I'm going to ask here and beg > your indulgence :-) I am going to use words I don't understand, so > please try to read into my question if it doesn't make sense :-) :-) > > A customer has the SuSE distribution but feels that the default firewall > doesn't have as many features as they want. It seems to only do network > address translation and they are also looking for packet filtering. Is > there a commercial firewall program available for Linux for zSeries? > Is there anything else you can tell me? I tried searching linuxvm.org > but couldn't find what I was looking for. > > Thanks very much! > David > > -- David J. Chase, zSeries Techline, New York City -- > --IBM - 7th Fl, 590 Madison Ave, NYC, NY 10022 -- > -- 212-745-3890 (tieline 243) -- >
Re: Firewall for zSeries Linux?
On Thursday 12 September 2002 09:11 am, David J. Chase wrote: > A customer has the SuSE distribution but feels that the default firewall > doesn't have as many features as they want. It seems to only do network > address translation and they are also looking for packet filtering. Is > there a commercial firewall program available for Linux for zSeries? > Is there anything else you can tell me? Don't confuse SuSE's default "starting point" firewall configuration with containing the total capabilities of IPTABLES. SuSE doesn't claim that their default config is comprehensive. IPTABLES can do a *lot* of neat things. IPTABLES is the current Linux packet filtering control utility. The actual filtering is within the kernel. IPTABLES replaces the older (kernel 2.2.x and earlier) IPCHAINS and IPFWADM which are both deprecated. Typically, packet filtering consists of a group of inter-related modules. It is rarely, if ever, built into a monolithic kernel. Fortunately, IPTABLES is similar enough to IPCHAINS that migration is typically not difficult. If you *really* need full backward compatibility, you can load the old ipchains.o kernel module instead of iptables.o and friends, and thereby actually use the old IPCHAINS commands. I don't recommend doing this as a general rule, especially for new installations. Migrate to IPTABLES. In addition to the IPTABLES HOWTO (also look for HOWTOs and Mini-HOWTOs on NAT and Packet Filtering -- there are several), you may also want to take a look at the tutorial presentation I did for SHARE Nashville. It's online on Sine Nomine's web site, in our Publications section. (URL in my tagline) I'll be presenting this introductory class also at IBM's VM/VSE Technical Conference (Miami, in October) as well, if you plan to attend that event. Kind regards, Scott -- - Scott D. Courtney, Senior Engineer Sine Nomine Associates [EMAIL PROTECTED] http://www.sinenomine.net/
Re: Firewall for zSeries Linux?
iptables - standart Linux firewall does packet filtering.
man iptables or find IPTABLES HowTo.
WBR, Sergey
"David J. Chase" <[EMAIL PROTECTED]>
Sent by: Linux on 390 Port <[EMAIL PROTECTED]>
12.09.2002 16:11
Please respond to Linux on 390 Port
To: [EMAIL PROTECTED]
cc:
Subject: Firewall for zSeries Linux?
I tried to search the archives and was unable to get in and I need the
information as soon as I can find it so I'm going to ask here and beg
your indulgence :-) I am going to use words I don't understand, so
please try to read into my question if it doesn't make sense :-) :-)
A customer has the SuSE distribution but feels that the default firewall
doesn't have as many features as they want. It seems to only do network
address translation and they are also looking for packet filtering. Is
there a commercial firewall program available for Linux for zSeries?
Is there anything else you can tell me? I tried searching linuxvm.org
but couldn't find what I was looking for.
Thanks very much!
David
-- David J. Chase, zSeries Techline, New York City --
--IBM - 7th Fl, 590 Madison Ave, NYC, NY 10022 --
-- 212-745-3890 (tieline 243) --
Re: Firewall for zSeries Linux?
On Thu, 2002-09-12 at 14:11, David J. Chase wrote: > A customer has the SuSE distribution but feels that the default firewall > doesn't have as many features as they want. It seems to only do network > address translation and they are also looking for packet filtering. Is > there a commercial firewall program available for Linux for zSeries? The base Linux 2.4 firewalling does packet filtering, nat , tracking, ftp rewriting and other stuff.
Re: Firewall for zSeries Linux?
David, try looking at either "IPCHAINS" or "IPTABLES" for Linux. They might do what your client needs and they are open source. Good luck. Dave Jones Sine Nomine Associates Houston, TX - Original Message - From: "David J. Chase" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, September 12, 2002 8:11 AM Subject: Firewall for zSeries Linux? > I tried to search the archives and was unable to get in and I need the > information as soon as I can find it so I'm going to ask here and beg > your indulgence :-) I am going to use words I don't understand, so > please try to read into my question if it doesn't make sense :-) :-) > > A customer has the SuSE distribution but feels that the default firewall > doesn't have as many features as they want. It seems to only do network > address translation and they are also looking for packet filtering. Is > there a commercial firewall program available for Linux for zSeries? > Is there anything else you can tell me? I tried searching linuxvm.org > but couldn't find what I was looking for. > > Thanks very much! > David > > -- David J. Chase, zSeries Techline, New York City -- > --IBM - 7th Fl, 590 Madison Ave, NYC, NY 10022 -- > -- 212-745-3890 (tieline 243) -- >
Firewall for zSeries Linux?
I tried to search the archives and was unable to get in and I need the information as soon as I can find it so I'm going to ask here and beg your indulgence :-) I am going to use words I don't understand, so please try to read into my question if it doesn't make sense :-) :-) A customer has the SuSE distribution but feels that the default firewall doesn't have as many features as they want. It seems to only do network address translation and they are also looking for packet filtering. Is there a commercial firewall program available for Linux for zSeries? Is there anything else you can tell me? I tried searching linuxvm.org but couldn't find what I was looking for. Thanks very much! David -- David J. Chase, zSeries Techline, New York City -- --IBM - 7th Fl, 590 Madison Ave, NYC, NY 10022 -- -- 212-745-3890 (tieline 243) --
