LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   iptables configuration poll (https://www.linuxquestions.org/questions/slackware-14/iptables-configuration-poll-530208/)

pbhj 02-18-2007 04:19 PM

iptables configuration poll
 
How have you configured iptables on your system[s]; that is what did you use to write your current iptables rules (eg to put in rc.firewall). Self written scripts are "some other script".

Easy Firewall Generator (efg) http://freshmeat.net/projects/easyfwgen/
(or a derivative like Alien Bob's http://www.slackware.com/~alien/efg/, post link please)
Firestarter http://www.fs-security.com/
KMyFirewall http://extragear.kde.org/apps/kmyfirewall/ (also on sf.net)
fwbuilder http://www.fwbuilder.org/
Guarddog http://www.simonzone.com/software/guarddog/
Script from an LQ forum post (link please)
Some other script (link please) or GUI
Don't use iptables

---

I originally used nothing. Then I used guarddog which was great until I had to do NAT/ICS and wanted to have a single app in which to configure it; also it was getting a bit long in the tooth and I thought it might be abandoned so I went looking. So I tried fwbuilder and efg. Then I tried KMyFirewall as things weren't working and I didn't know where.

Then I came across firestarter and liked the traffic notifications that it gives, but haven't settled with it yet (not installed it fully).

I can only assume that the likes of Ubuntu, FC and Mandriva have their own scripts as I can't really find the "industry" leader in user configurable firewall builders ( I think I must be missing something big here) ... I thought a post might be illuminating. This is also something that gets a lot of questions.

I could have posted in the Security forum, but I'm interested in what other Slackers use. Please feel free to "check" the box of all those in current use and maybe tell us your preference in a post.

pdw_hu 02-18-2007 04:58 PM

You should've included: "By hand/manpages" :)

Edit: nvm, i didn't read the whole post throughoutly.

pbhj 02-18-2007 05:07 PM

Quote:

Originally Posted by pdw_hu
You should've included: "By hand/manpages"

Yeah options are hard to choose and I was trying to keep poll text short - other self-helpers might like to say if they just used man pages or if they based it on a generated script or post, etc..

H_TeXMeX_H 02-18-2007 05:44 PM

Yeah, by hand or not at all :D

Eternal_Newbie 02-18-2007 06:01 PM

Generated with Alien Bobs scripts then slightly tuned by hand. I have also used guarddog and the iptables generator in Webmin, but this seems to work best.

sruckh 02-18-2007 06:43 PM

Shorewall
 
http://www.shorewall.net/

drumz 02-18-2007 07:08 PM

I use Guarddog. Seems pretty straight-forward to me.

////// 02-18-2007 08:19 PM

What I would suggest to every one is: use 50-100$ and buy second (used) computer and install some firewall distro to that box, for me that was a best way to learn about iptables.

I used to use this one: http://easyfwgen.morizot.net/gen/
Now I write my own rules.

gilead 02-18-2007 08:20 PM

I've always done mine manually - the info at http://iptables-tutorial.frozentux.n...-tutorial.html was useful and it seems to have been updated over the years...

alienux 02-18-2007 08:34 PM

I'm a long time Checkpoint user/administrator, so I found it to be a very comfortable interface using fwbuilder with iptables. I absolutely love it.

H_TeXMeX_H 02-18-2007 08:37 PM

Quote:

Originally Posted by gilead
I've always done mine manually - the info at http://iptables-tutorial.frozentux.n...-tutorial.html was useful and it seems to have been updated over the years...

Wow, that's very detailed. I guess I'll have to look into it sometime.

h1tman 02-18-2007 09:11 PM

i used guarddog, i really dont need anything to complex right now

rworkman 02-18-2007 09:15 PM

I've always done mine by hand - that's the Slackware way, right? ;-)

I wasn't aware of Oskar's tutorial when I was learning iptables, so I learned almost entirely from iptables(8) and Robert Zeigler's book "Linux Firewalls." If you like things in dead-tree format, I can wholeheartedly recommend purchasing that one. On the subject of the tutorial, it's wonderful - definitely worth a read. The box that hosts the tutorial has a few other things on it that cause it to get loaded quite often (this is based on a discussion with Oskar), so I've got it mirrored on my site (it's one of the "official" mirrors): http://iptables.rlworkman.net

I've also got a few sample "generic" scripts as well as my current configs posted in case anyone's interested:
http://rlworkman.net/conf/firewall/

H_TeXMeX_H 02-18-2007 11:04 PM

Quote:

Originally Posted by robw810
I've also got a few sample "generic" scripts as well as my current configs posted in case anyone's interested:
http://rlworkman.net/conf/firewall/

Thanks, that's very useful info :)

brashley46 02-18-2007 11:10 PM

I use XandrOS' native firewall; I know it's an IPTables tool but I don't know which one it is. It Just Works.


All times are GMT -5. The time now is 02:15 PM.