Idea for Slackware 14.0 - Easy Firewall Generator (clone of AlienBob's)
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You make a good point about where to start stuff from, but there's always the argument that could be made, "Even a foundation needs a first stone to be placed."
Providing a basic entry level to a system such as a sample, documentation, a generalized HOWTO, and links to advanced documents is better than nothing at all. As far as what is Universal, yes for advanced users universe does not apply. Universal is more or less basically what are the standard network applications, ports, and routing tables that would apply to a standard average user PC... more or less something like AlienBOB's EFG default configuration, give or take.
In my case, I use NAT tables, some custom port forwarding configurations, block off everything else inbound that isn't from applications installed or in use, redirect some outbound stuff to a loopback, and fairly much keep a log of activities that attempt to circumvent the security I have in place. Is it optimal for me? Yes. For anyone else would it work? Maybe not.
As far as documentation, the basics should cover just that, the basics. If you need advanced stuff, then you have to go online, and you're on your own from there.
The other option is... include a offline HTML webpage of AlienBOB's EFG on the disk under /extras or even /unsupported that anyone can access, run, and setup if they so choose to.
Again remember this topic is just a discussion and nothing concrete. But ideas always are good to toss around about things and such.
The following HOWTOs which are included describe the old and no longer functional ways :-
Bridge+Firewall (replaced already by Ethernet-Bridge-netfilter-HOWTO)
Firewall-HOWTO
IP-Masquerade-HOWTO
IPCHAINS-HOWTO
IPMasquerading+Napster
Masquerading-Simple-HOWTO
Currently if a new user goes reading /usr/doc/Linux-HOWTOs they will not be able to learn how to use the firewall features that Slackware currently offers (iptables) but will learn about ipchains and ipfwadm (gasp)
So if we really want to help new users then how about we get the documentation up to date first?
Currently if a new user goes reading /usr/doc/Linux-HOWTOs they will not be able to learn how to use the firewall features that Slackware currently offers (iptables) but will learn about ipchains and ipfwadm (gasp)
So if we really want to help new users then how about we get the documentation up to date first?
Yes, that would definitely help.
However, I think using iptables on the command line is a bit too complicated for new users, and is unnecessary in most cases. You either start with a script like EFG and comment out or in stuff, or you use firewall builder. Does anyone here actually build a firewall script from scratch by writing out iptables commands ? If you do, then you are a hardcore user, cuz I don't. I just use the EFG and comment stuff in or out. I will probably switch to firewall builder sometime ... or maybe not because the EFG works well. One benefit of firewall builder is that you can push iptables rules to your router as well.
[*]Because including a firewall generator as part of the standard Slackware install is inviting n00bs to fire off bug reports to LQ saying that their slackboxware macheen is broaken.
Well, I was with you until this unbelievably condescending statement. So noobs are illiterate idiots, is that it? Perhaps you would be interested to learn that I have an IQ in the 150s, hold more than one advanced degree, am a pretty darn good speller, AND I just started using Slackware.
Everyone in this forum was once a new user at some point. Please do not be a jerk about it.
Well, I was with you until this unbelievably condescending statement. So noobs are illiterate idiots, is that it? Perhaps you would be interested to learn that I have an IQ in the 150s, hold more than one advanced degree, am a pretty darn good speller, AND I just started using Slackware.
Everyone in this forum was once a new user at some point. Please do not be a jerk about it.
I agree, especially using the word n00b.
For sure it is unlikely that any firewall script will be included in the installer for fear of mass upheaval. However, as I said before, maybe the EFG should be included somewhere, but disabled by default, or firewall builder (it's already a slackbuild).
Well, I was with you until this unbelievably condescending statement. So noobs are illiterate idiots, is that it? Perhaps you would be interested to learn that I have an IQ in the 150s, hold more than one advanced degree, am a pretty darn good speller, AND I just started using Slackware.
Everyone in this forum was once a new user at some point. Please do not be a jerk about it.
Agreed. That is unnecessarily harsh. We like to welcome new Slackware users to the official Slackware forum. Glad to hear you're enjoying Slackware.
Agreed. That is unnecessarily harsh. We like to welcome new Slackware users to the official Slackware forum. Glad to hear you're enjoying Slackware.
Thank you. I love this forum, and have always been encouraged by the number of people here who are willing to help. As for Slackware, I took it on as a learning exercise and it has not let me down. I'm sure I'll have fun using it for years to come!
Noob = useless idiot trash, trollish idiot moron, and scum of the internet.
Newbie (Newb) = Novice, beginner, apprentice, and someone without knowledge of advanced topics, methods, and procedures.
Yes calling new Slackware users "nOObs" is one thing that is very condescending not just to Slackware, but to the community, and the new people who need help. This topic was a topic designed to bring about talks of change to help new users, not hinder them, belittle them, or think they can't learn.
I do not see what the big fuss is all about. Could a rc.firewall generator, similar to AlienBob's be added to Slackware? If "yes" -- great, it will make things easier for some people, if "no" -- the Easy Firewall Generator is still there, so no big deal.
That's it.
may I share my humble opinion?
I use my Slackware boxes as desktop computers -- one at home is for multimedia, the other is mainly for testing my slackbuild scripts and the machine at work if for.. eh.. work, which often includes bioinformatics. Please, don't shred me to pieces for saying this, but learning iptables is something that I simply do not want to do. I am neither a computer specialist nor a computer geek. Therefore, a user like me will be happy if provided with a basic firewall script out of the box.
Noob = useless idiot trash, trollish idiot moron, and scum of the internet.
Newbie (Newb) = Novice, beginner, apprentice, and someone without knowledge of advanced topics, methods, and procedures.
Actually the term newbie ( and it's many derivatives ) originated with the American GI in Vietnam. It was used to refer to a soldier who had just arrived in country and needed everyone's help just to survive. It was not derogatory in any way.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.