firewall + ipsec?

Paul Morgan paul.morgan at jumanjihouse.com
Tue Sep 23 13:37:09 UTC 2003


On Tue, 2003-09-23 at 08:02, Neal D. Becker wrote:
> I need a firewall that will work with ipsec.  It needs to pass protocols 50 + 
> 51.   I don't want to write all the rules by hand, I'd like to find a 
> reasonable firewall setup script that I could just add a couple of lines to.  
> Actually, a gui would be great.
> 
> I have tried:
> 
> redhat-config-securitylevel
> firestarter
> shorewall

Try a search at http://www.freshmeat.net on the keywords "firewall
ipsec". Then you can peruse the results to find something that hopefully
meets all of your needs and expectations.

You might also try 
http://www.linuxsecurity.com/docs/LDP/VPN-Masquerade-HOWTO.html 
if you need ipsec and masquerading.

> 
> None seemed to do the job.  Several could open ports, but only for tcp and 
> udp, whereas I need other protocols (50 and 51).

Whatever protocol you're using will likely be based on either tcp or udp
if it goes over an ip network. Ports 50 and 51 are just doorways for
either tcp or udp or both that your protocol happens to use. 

Perhaps it would be helpful to think of tcp and udp as transports
instead of protocols (which are implemented on top of either tcp or
udp). tcp is used for connection-oriented protocols, meaning that a
single connection is maintained for the entire conversation like a
telephone call. udp, on the other hand, is connection-less and could be
compared to sending postcards or telegrams back and forth in order to
carry on a conversation. 

HTH,
paul
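
Added example, not part of the original thread: the "protocols 50 and 51" in the question are the IP protocol numbers for ESP and AH, carried in the IPv4 header's protocol field. This sketch parses constructed packets and compares a port-only rule set with one that matches on protocol number; the rule-set format, the helper names and the UDP/500 (IKE) entry are assumptions of the example.

```python
import struct

ESP, AH, TCP, UDP = 50, 51, 6, 17   # IANA IP protocol numbers

def ipv4(proto, payload, src="192.0.2.1", dst="192.0.2.2"):
    """Build a minimal IPv4 packet (constructed sample; checksum left at 0)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, addr(src), addr(dst)) + payload

def classify(pkt):
    """Return (ip_protocol, dst_port or None, spi or None) for an IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4            # header length in bytes
    proto, body = pkt[9], pkt[ihl:]      # byte 9 is the protocol field
    if proto in (TCP, UDP) and len(body) >= 4:
        return proto, struct.unpack("!H", body[2:4])[0], None
    if proto == ESP and len(body) >= 4:  # ESP starts with the SPI, no ports
        return proto, None, struct.unpack("!I", body[0:4])[0]
    if proto == AH and len(body) >= 8:   # AH: next hdr, len, reserved, SPI
        return proto, None, struct.unpack("!I", body[4:8])[0]
    return proto, None, None

def allowed(pkt, rules):
    """rules: set of (protocol, port); port None matches the whole protocol."""
    proto, port, _ = classify(pkt)
    return (proto, port) in rules or (proto, None) in rules

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "esp":   ipv4(ESP, struct.pack("!II", 0x1000, 1) + b"\x00" * 16),
    "ah":    ipv4(AH, struct.pack("!BBHII", 4, 4, 0, 0x2000, 1) + b"\x00" * 12),
    "ike":   ipv4(UDP, struct.pack("!HHHH", 500, 500, 8, 0)),
    "udp50": ipv4(UDP, struct.pack("!HHHH", 40000, 50, 8, 0)),
}

# What a "open port 50/51" dialog produces versus rules keyed on protocol.
PORT_ONLY = {(TCP, 50), (UDP, 50), (TCP, 51), (UDP, 51)}
IPSEC = {(ESP, None), (AH, None), (UDP, 500)}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, classify(pkt), allowed(pkt, PORT_ONLY), allowed(pkt, IPSEC))
```

With iptables the protocol match is written as -p 50 and -p 51 (or -p esp and -p ah) rather than as a --dport on tcp or udp.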





More information about the fedora-test-list mailing list