Shorewall IPtables Made Easy For Linux

[sweet_angel]

hi guys/girls...

I just installed Shorewall after weeks of messing with ipchains/iptables and running smoothly and I like it .

The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter (iptables) based firewall that can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system

Shorewall Features

- Can be used in a wide range of router/firewall/gateway applications.

Completely customizable using configuration files.
No limit on the number of network interfaces.
Allows you to partitions the network into zones and gives you complete control over the connections permitted between each pair of zones.
Multiple interfaces per zone and multiple zones per interface permitted.
Supports nested and overlapping zones.
- A QuickStart Guide to help get your first firewall up and running quickly
- Extensive documentation
- Flexible address management/routing support (and you can use all types in the same firewall):

Masquerading/SNAT
Port Forwarding (DNAT).
Static NAT.
Proxy ARP.
Simple host/subnet Routing
- Blacklisting of individual IP addresses and subnetworks is supported.
- Operational support:

Commands to start, stop and clear the firewall
Supports status monitoring with an audible alarm when an "interesting" packet is detected.
Wide variety of informational commands.
- VPN Support

IPSEC, GRE and IPIP Tunnels.
PPTP clients and Servers.
- Support for Traffic Control/Shaping integration.
- Wide support for different GNU/Linux Distributions.

RPM and Debian packages available.
Includes automated install, upgrade, fallback and uninstall facilities for users who can't use or choose not to use the RPM or Debian packages.
Compatible with 2.4-kernel based versions of LEAF.
Quotes from Users

This is good if you guys wanna try alternative of IPtables(bit easier to set up...)

Check out this link http://www.shorewall.net/

[SoggyBottom]

Nice find. Hope I get some time at some stage to have a play around with it.

[sweet_angel]

Upps..Sorry ...I forgot to posted second alternative IPtables firewall..this one easier to set up too
[quote] One such tool is gShield which can be downloaded from http://muse.linuxmafia.org. gShield has support for both ipchains and iptables. If you're using ipchains you'll need to download one of the older packages as the current package for gShield uses iptables. Configuration is as easy and answering YES or NO in a text file. A graphical configurator for gShield also exists and is available at the website.[ /quote]

gShield is an iptables firewall for use with the 2.4.x series of the Linux kernel. It is easily configured through a single, well commented configuration file. If your needs are more minimal, see levy, a iptables ruleset generator.

check out their link http://muse.linuxmafia.org/gshield.html

cheerss