Firewalls for Linux

***lumpyporridge*** · June 15th, 2004, 08:06 AM

Originally posted here by madjag291
i love you both but why go with software unless ure pretty much on dial up which is rare these days.... most, pretty sure all, routers come with a firewall in them that u can figure to the upmost extent.. i dont know whyd youd want to waste ur precious resources or whatever htey are in linux on a software firewall..??

as for any that i know of.. i know 0, i played with the rh9 firewall for bou 1 hour and gave up =P

I have found routers (home ones anyways) make filesharing crappy and slowwwww.

I never bothered with firewall for slackware, no point unless on a network with other boxes and then you should have a hardware firewall anyways. Anyhoo , isn't IPFW available for linux? Its syntax is a million times easier to use than iptables.

***the_JinX*** · June 15th, 2004, 08:10 AM

I use iptables too

used to write them in /etc/rc.d/rc.local but now append it to /etc/rc.d/rc.ip_forward

Working on a new script for my firewall at home, will feature some of iptabels lesser known functions like the tarpit from the patch-o-matic extra's http://www.netfilter.org/patch-o-matic/pom-extra.html
http://www.securityfocus.com/infocus/1723

I prefer not to use a GUI to configure

**KeyserSoze** · June 15th, 2004, 01:57 PM

I have always used shorewall . It came with my first distro (mandrake) and learning IPtables has been on the backburner. Shorewall is easy to configure IPtables script; it can sit on a gateway box or a standalone, whatever your want. It accomodates most if not all the features of IPtables.

***MicroBurn*** · June 15th, 2004, 04:19 PM

I really like FW-Jay for setting up IPTables. It's really easy, has many options, isn't a large program, and can be run directly from the terminal.

http://firewall-jay.sourceforge.net/

It's got alot of great features, like port forwarding if needed, an ad blocking option (blocks IPs of servers ads are on), very easy to configure and easy to use.

MB

**madjag291** · June 15th, 2004, 04:39 PM

Originally posted here by lumpyporridge
I have found routers (home ones anyways) make filesharing crappy and slowwwww.

That's why you don't get a home router when you plan on doing massive sharing and etc, you get a industrial router with better capabilities..

**!mitationRust** · June 15th, 2004, 06:16 PM

Different firewalls, like different operating systems offer different architectures and functionalities and levels of assurance.

If you are looking for a firewall that can verify the actual content of the data iptables is utterly worthless as it lacks this functionality.

Commander Data

http://www.antionline.com/showthread...hreadid=245733

FWTK on Linux

Code:

ftp://ftp.tis.com/pub/firewalls/toolkit/fwtk-v1.3.tar.Z

http://www.linuxjournal.com/article.php?sid=1204
http://www.pauck.de/marco/misc/fwtk_on_linux.html

"Useful Linux resources include the Linux NET-2 HOWTO, the Linux Firewall HOWTO, the Linux Multiple Ethernet mini-HOWTO, and the Linux Kernel HOWTO. All of these are available on sunsite.unc.edu, tsx-11.mit.edu, and their mirrors."

Several excellent books on firewalls are:

Firewalls and Internet Security. Cheswick & Bellovin, Addison Wesley.
Building Internet Firewalls. Chapman & Zwicky, O'Reilly & Associates.
Internet Firewalls and Network Security. Siyan & Hare, New Riders Publishing.

**SexyBadGirl** · June 15th, 2004, 10:43 PM

Originally posted here by lumpyporridge
I have found routers (home ones anyways) make filesharing crappy and slowwwww.

I never bothered with firewall for slackware, no point unless on a network with other boxes and then you should have a hardware firewall anyways. Anyhoo , isn't IPFW available for linux? Its syntax is a million times easier to use than iptables.

No point in having a firewall for slackware, unless you're on a neetwork with other boxes? Uhm ... Do you know what the inter[net] is?

***lumpyporridge*** · June 16th, 2004, 12:18 AM

Originally posted here by SexyBadGirl
No point in having a firewall for slackware, unless you're on a neetwork with other boxes? Uhm ... Do you know what the inter[net] is?

Qualify your statement, your a smart guy. Prove me wrong with info instead of half assed comments I expect better from you than just cheap vitriol. Wtf is someone gonna do to a home box with no services exposed and nothing to exploit?

***lumpyporridge*** · June 17th, 2004, 07:52 PM

After rereading , i will clarify although the intention was quite obvious was it not?
"no point unless on your home network with other boxes and then you should have a hardware firewall anyways if connected to the internet. "

And ignore the above post as i had misinterpeted quad/sbgs statement due to not realizing mine was not obvious enough for him/her.

**!mitationRust** · June 18th, 2004, 12:13 AM

Originally posted here by lumpyporridge
After rereading , i will clarify although the intention was quite obvious was it not?
"no point unless on your home network with other boxes and then you should have a hardware firewall anyways if connected to the internet. "

And ignore the above post as i had misinterpeted quad/sbgs statement due to not realizing mine was not obvious enough for him/her.

Sir "Hardware Firewall" & "Physical Firewall" are incorrect terminology, the proper term is "Dedicated Firewall".

Commander Data

just messing with ya....

Thread: Firewalls for Linux

Thread Tools

Display

Posting Permissions