Firestarter to me was like using a ZoneAlarm type of windows firewall program. It was very super easy to configure but not very flexible. I could not figure out how to specify UDP vs TCP on rules. This seemed like a great program for your average run of the mill home/desktop user.
For a GUI I settled on Kmyfirewall as it was extraordinarily easy to configure and use once I learned the basics of how iptables worked. I also wrote a perl script to automatically block IP addresses of hosts that do brute force SSH attempts. The IP addresses are automatically unblocked after 1 day. Every time a change is made it sends out an email. This has really helped to keep my log files cleaner instead of seeing 500 failed login attempts in a 3 hour span from one IP address, then multiply that by 1-5 IP addresses per day. Note Kmyfirewall is very nice but is still considered beta and it shows but it is not broken in any way that I can tell, just the interface has a couple of small bugs AFAICT. On Thursday 22 December 2005 05:17 am, Gavin Seddon wrote: > It's alright for some. I eat lunch with a couple of dogs (canine). > Gavin > > On Wed, 2005-12-21 at 09:01 -0800, Steve Herber wrote: > > I would recommend you use Shorewall for an easy way to configure and > > manage you iptables based linux firewall. The documentation is > > excellent. Plus, I like to have lunch with the author. > > > > shorewall.net > > > > Steve Herber [EMAIL PROTECTED] work: 206-221-7262 > > Security Engineer, UW Medicine, IT Services home: 425-454-2399 > > > > On Wed, 21 Dec 2005, Gavin Seddon wrote: > > > Hi, > > > I have merged iptables. Will they start at boot and is there a link > > > for configuring on Gentoo? > > > Thanks. > > > -- > > > Dr Gavin Seddon > > > School of Pharmacy and Pharmaceutical Sciences > > > University of Manchester > > > Oxford Road, Manchester > > > M13 9PL, U.K. > > > > > > -- > > > [email protected] mailing list > > -- > Dr Gavin Seddon > School of Pharmacy and Pharmaceutical Sciences > University of Manchester > Oxford Road, Manchester > M13 9PL, U.K. -- [email protected] mailing list
