[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

iptables "frontend" on FC



Hi!

As we stand now, FC doesn't have a firewall configuration tool worthy of that name. There is system-config-securitylevel which is fine for a workstation or desktop machine, but for a server or gateway box there is no way to build a good firewall short of diving into iptables directly.

There are a bunch of iptables frontends (GUI or otherwise) out there, but I would rather have something more high-level. So, my preference would go to something I have been using in my home gateway, and some servers at work, for some time now. That something is FireHOL (http://firehol.sourceforge.net).

I think this would be a nice addition fo FC because is is not only a simple iptables frontend. It is a language to describe firewalls, which generates them using iptables rules. It is very straigthforward and powerful. The config script even accepts the use of bash constructs - FireHOL is itself bash based - which makes it a tool which "makes simple things simple and hard things possible".

I'm not the author of FireHOL, so this isn't gratuitous publicity. It's just a great tool (which successfully passed my "first hours excitement") that would make a good addition to FC (and it's small, so no problems there).

What do you people thing about this: good, bad, alternatives?

Carlos Rodrigues


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]