-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 19 January 2003 06:12, Shawn Grover wrote: > So, is it safe to say then that ICS is suitable for most home network > situations? But not suitable for server hosting on a home network?
just did some more hunting and pecking through mandrake's firewall stuff this morning since i couldn't ssh from the firewall to my desktop (!). this time i decided to see what was underneat the GUI tools and discovered that while the GUI front end to is pretty basic, they're using shorewall for their firewalling which is a very capable system... it's got a nice, easy and very well documented set of config files in /etc/shorewall... fixing my problem amounted to adding: ACCEPT fw masq all - - to /etc/shorewall/rules (fw is the firewall, masq is the name of the internal network zone) and then restarting the shorewall service. shorewall has a ton of nice features (thanks largely to iptables) including NAT'ing to internal servers, zoning, blacklisting, traffic control and shaping, IPSEC tunnels, etc, etc.. the real plus is how easy it is to configure if you aren't afraid of a text editor =) more info at: http://www.shorewall.net/ - -- Aaron J. Seigo GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 "Everything should be made as simple as possible, but not simpler" - Albert Einstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+LHsT1rcusafx20MRApnDAJ42r5WOlEZ8RVmQ/DHNcgEuFnbQvQCgmnsv +3Zxq0y3RB+41WX4zPnSU40= =vvnu -----END PGP SIGNATURE-----
