Its not just easing the pain: I am not sure that someone who is not intimately familiar with iptables doing what amounts to a home brew is advisable. There's quite a number of ways to screw up and leave your system exposed. The way to minimise the risk is to start with a known, popular, opensource (i.e., many eyes) script that does the main things for you - and then *test* it from both inside and outside.
The time to fiddle with something as "critical" as this is when you know what you are doing. Many (most?) will be successful, but what about those who try and do everything right and fail ... BillK On Sat, 2005-08-27 at 09:11 -0400, Mark Shields wrote: > I know you mentioned easing the pain, but good old iptables worked for ... -- gentoo-user@gentoo.org mailing list