Jeff Waugh wrote:
<quote who="O Plameras">
David Kempe wrote:
If you want a good firewall, use shorewall. and have it do it for you
How will shorewall solved this particular problem when he is missing this
functionality ? "echo 1 > /proc/sys/net/ipv4/ip_forward"
One of the things "shorewall" does is to enable "ip forwarding" ?
Yes, it's essentially a firewall construction kit, and makes deployment and
configuration of firewalls and modular rules quite simple.
And "shorewall" is such a user-friendly kit that anyone using it is not
required to know
how to "iptables". It is even made simpler with the current release
because a user simply
use "SMTP/REJECT" to block SMTP packets or "SMTP/ACCEPT" to permit SMTP
packets. Of course what one needs is know to RTFM and understand what's
meant in it.
There are samples of how to construct these MACROS in "shorewall"
documentations.
O Plameras
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html