Re: [SLUG] clicky clicky firewalls
On 9 Feb 2003, James Gregory wrote: I was just asked for recommendations of a good linux distro to run as a router/firewall. The user in question wants a gui type thing to configure it with. He has been using IPCop, and says it has some shortcomings. I was a little surprised that the shortcomings he cited, so I suspect it's actually the UI that is bad. Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. Can be a firewall app that runs on another distro or a complete distro, I don't really mind. Install redhat and buy Checkpoint Firewall1. Remote administration via GUI - even from WindoZe workstations. DaZZa -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
[SLUG] clicky clicky firewalls
Hi all, I was just asked for recommendations of a good linux distro to run as a router/firewall. The user in question wants a gui type thing to configure it with. He has been using IPCop, and says it has some shortcomings. I was a little surprised that the shortcomings he cited, so I suspect it's actually the UI that is bad. Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. Can be a firewall app that runs on another distro or a complete distro, I don't really mind. Thanks, James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
* James Gregory [EMAIL PROTECTED] [2003-02-10 00:39]: Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. Can be a firewall app that runs on another distro or a complete distro, I don't really mind. Perhaps http://www.bastille-linux.org/ Got a good clicky Tk interface. Bit more than just a firewall, but the firewall module is very good. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
RE: [SLUG] clicky clicky firewalls
Take a look at shorewall (www.shorewall.net) - distro-independent, has a VERY simple configuration system, and the latest webmin (1.060) has a module for configuring it. Jon Hi all, I was just asked for recommendations of a good linux distro to run as a router/firewall. The user in question wants a gui type thing to configure it with. He has been using IPCop, and says it has some shortcomings. I was a little surprised that the shortcomings he cited, so I suspect it's actually the UI that is bad. Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. Can be a firewall app that runs on another distro or a complete distro, I don't really mind. Thanks, James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
On 9 Feb 2003, James Gregory wrote: Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. SME server is a great firewall (uses iptables) but it's not 'clicky' in the sense that anyone who can click a mouse can change it's configuration. This is sensible because you really need to know what you are doing to properly configure a firewall and a casual 'clicky' approach is almost certainly not a good indicator of this. -=-=-==-=-=--=-=-=-=-=-=-=-=-=-=-=-= Graeme Robinson - Graenet consulting www.graenet.com - internet solutions -=-=-=-=-=-=-=-=-=-=-==---=-=--=-=-= -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
On Mon, 2003-02-10 at 08:39, Graeme Robinson wrote: On 9 Feb 2003, James Gregory wrote: Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. SME server is a great firewall (uses iptables) but it's not 'clicky' in the sense that anyone who can click a mouse can change it's configuration. This is sensible because you really need to know what you are doing to properly configure a firewall and a casual 'clicky' approach is almost certainly not a good indicator of this. Perhaps I should qualify this. I agree that you need to be very competent to build a good firewall. However, GUIs can work really well for assembling them. I suppose what I'm really looking for is something like Raptor Firewall. I stumbled upon fwbuilder, which looks promising. The webmin frontend to shorewall also sounds good (though I haven't looked at it). But, I really want to tell this guy here, install this and you can set up a bad ass firewall really easily. You can grock networks without knowing iptables syntax. But thanks for the suggestion. Actually sounds like the sort of thing I might use elsewhere. James. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
quote who=James Gregory I suppose what I'm really looking for is something like Raptor Firewall. I stumbled upon fwbuilder, which looks promising. How about: - Red Hat's simple firewall admin tool - Firestarter (or a KDE equivalent) - Jeff -- http://www.xach.com/debian-users-are-beatniks.html -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
On 10/02/2003 7:18 AM +1100 James Gregory wrote: Perhaps I should qualify this. I agree that you need to be very competent to build a good firewall. However, GUIs can work really well for assembling them. I suppose what I'm really looking for is something like Raptor Firewall. I stumbled upon fwbuilder, which looks promising. The webmin frontend to shorewall also sounds good (though I haven't looked at it). But, I really want to tell this guy here, install this and you can set up a bad ass firewall really easily. You can grock networks without knowing iptables syntax. But thanks for the suggestion. Actually sounds like the sort of thing I might use elsewhere. There's also www.shorewall.net. By default it's not clicky clicky but I beleive there is a webmin module for it. This is good because you could not only edit the rules via Webmin, but you could also edit the rules by editing the shorewall configuration files. HTH, Gonz. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
Re: [SLUG] clicky clicky firewalls
This one time, at band camp, James Gregory wrote: Annnyway, I'm looking for something I can suggest to him which will setup a good iptables firewall and is clicky. Can be a firewall app that runs on another distro or a complete distro, I don't really mind. fwbuilder is a clicky thingy, it sorta kinda looks like Checkpoint, and it either generates a shell script to run on the firewall to set it up, or it can upload the firewall configuration to a daemon running on the firewall. (Last time I used it, though, the shell script gvenerated was buggy and needed some manual hacking to get it to load some of the extra iptables modules before trying to use those features.) I now use filtergen for my firewall building (http://hairy.beasts.org/fk) but that's hardly a clicky thing so it won't help you. -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug