So after using Shorewall for years, I've been taking my first foray into real router devices by playing with a MikroTik Routerboard 750. Nice little unit, 400MHz Mips CPU, 32MB RAM, 64MB flash.
I'm trying to wrap my head around writing actual router/firewall rules now, and it's quite interesting. The layout is similar to iptables (RouterOS is, after all, built on top of Linux), but I still have to convert all my existing proxy arp, firewall rules, and zone configurations to RouterOS commands and configuration. Which led me to wonder: Is the shorewall compiler output "pluggable," or at least self-contained as to be easily replaceable? I was thinking along the lines of the rules and config being parsed into a firewall-agnostic datastructure, then I could take that data structure and write out rules in the RouterOS dialect. Any chance of that? j -- Joshua Kugler Part-Time System Admin/Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0x14EA086E ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
