-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/18/2013 11:12 PM, Pandu Poluan wrote: > > On Feb 19, 2013 9:10 AM, "Michael Mol" <[email protected] > <mailto:[email protected]>> wrote: >> >> On Feb 18, 2013 8:35 PM, "Tamer Higazi" <[email protected] > <mailto:[email protected]>> wrote: >>> >>> hi people! I have used all the time "firehol" (gentoo sources >>> 3.3.8) to make my firewall rules. After kernel 3.4.x I can't >>> make use of it any more. >>> >>> Has anyone of you got firehol running on a genoo system with a >>> 3.4.x kernel above to run? And if not, can you adivse me >>> something similiar to build linux firewall rules ?! >>> >>> For a short reply I would thank you. >>> >>> >>> >>> Tamer >>> >> >> I use a fork of firehol, based on Phil Whineray's IPv6 >> patches...but > on Debian. I'll see about getting it working on Gentoo, and let > you know. Perhaps I can get it (or Phil's version) into the tree. > > Pah! Real Men™ hack iptables rules directly with their hands, not > using baby walkers... > > LOL, just kidding. What's the firehol fork's name in Debian? I'm > interested to see how it looks like now... > > (About 4 years ago, these tools are so dismal I created one > myself, failed miserably, and just code the rules up by hand.) > > Rgds, -- >
It's not in Debian, technically... https://github.com/philwhineray/firehol-fork Incidentally, firehol upstream isn't maintained any more. (Or wasn't when Phil needed IPv6 support.) Also, firewall packages which don't *explicitly* support IPv6 will not protect you from attackers using IPv6; iptables and ip6tables are two separate commands. (One nice thing about Phil's fork is that it defaults to applying policies to both IPv4 and IPv6 where possible.) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJRI6kOAAoJED5TcEBdxYwQdEkH/iwL6EqMDRpMxVqUgLwvTBzM EE37/gA9xVItXFwgBi12Htva31FavRT5TCzoCNaMs/vU9s93+sx9YZRP2j1Z9dq5 bFrf2IBLGQzCmKu55ysxXp9D6ZAX9bULHteEvZDIgrkp8geCGjrBBwjuXX7bQ4RN 9TFwTIGfboUxYnJa4QTP7+diY/RET53oKBu69YCsHZbqDCJEa94mYuMdvoezob/G L2HaX5VN5ABkmey2ZSc1nXmdTS7DxsTUI97VbxxWNl7B54gLzpMLl5h+iyYvHkhd 411fzyqz2WtjwwAa82cqQTfl7PMInpeZjLHHaKCFC9cVF+pagAdBtX3AfHUqXYI= =Bph0 -----END PGP SIGNATURE-----
