Hello. And thank you for reading.

I've been going crazy trying to find a distro that is visually pleasing to me, but also is simple to configure. I've been through Bodhi, mageia, kde, debian, etc. They're all pretty but I don't like how the iptables have to be configured. Their iptables file is encrypted or coded weirdly.

Centos and manjaro "next" have iptables that I can vi into and easily configure. The problem is centos is amazing but looks very boring. And I don't like arch pacman package system (of Manjaro).

Is there a distro out there for me? Or should I configure iptables?
Or... should I just deal with it?

I'm just worried that if I settle with one of these, that down the road I'll find other things that can't be configured so easily as well.

Gufw is a simple, straightforward front-end for configuring iptables. It should be in the repos of any distro you've named. Some distros include a GUI tool for configuring iptables in the control center. I know that Mageia does, because I just looked.

Normally, iptables is not encrypted, but it does have its own syntax. This is a pretty good introduction to it.

You can view your iptables rules by entering

as root in a terminal.

One of those things is unl|e the others. DE s a GU the others are dstros. Bodhi is enlightenment-focussed as it's raison d'etre, but something like Debian could be configured to use almost any GUI.

Encrypted I haven't heard of - it is possible I suppose and ultimately there may be a security argument of some kind for it but it isn't common. There is a scheme that I can't remember the name of currently that uses some 'simpler' intermediate language which then produces iptables rules...and that might be easer to recommend if the intermediate language were more clearly 'simpler', so you might as well learn iptables (At least that's how I see it).

Well the choice between a distro that you fix the appearance of, and a distro that you fix iptables on is a close one; something like kde or Gnome it is easy to alter the appearance of a distro. But, 'altering' isn't the same as 'getting how you would like it' necessarily.

@frankbell
That is a pretty good intro; not accurate in every technical detail, but a good overview for the neophyte. If you wanted more information, then this has a lot more of that. 'iptables -L', I don't really like, though. It omits some critical info, and 'iptables -S' is clearer. If you run a bash script to generate your iptables ruleset, the bash script is usually the clearest.

Indeed one shouldn't use 'iptables -L;' to review currently used rule sets, however 'iptables -S' isn't that much better (though it avoids resolving IP addresses and ports which performance-wise is one step forward) as it defaults to listing only the "filter" table unless you explicitly use "-t". Unfortunately it doesn't like multiple "-t" (and even then you'd have to know which tables are in use) so while you could one-liner around that with 'cat /proc/net/ip_tables_names|xargs -iX /sbin/iptables -t 'X' -S;' I'd say 'iptables-save;' still is the single most efficient way to list rule sets in use.