Florian Philipp skrev:
> forgottenwizard schrieb:
>> On 00:24 Sun 05 Apr, gigli wrote:
>>> Hi
>>>
>>> I wonder if there is any easy firewall for gentoo. I tried ubuntu for a
>>> while and used their ufw, which was very simple.
>>>
>>> My needs:
>>>
>>> Block incoming traffic except for sshd and https (and sometimes
>>> bittorrent) and allow my lan to connect to my samba share, mythtv and
>>> mysql when i use openvpn or allways, which would be easyist. My box is
>>> usually protected by pfsense.
>>>
>>> I have a hard time to understand iptables and i have tried guarddog and
>>> kmyfirewall and others, didn't really like them. Something like ufw
>>> would be nice.
>>>
> [...]
>> As for software, you could look into Shorewall and see if that works for you.
>>
>
> I second that recommendation. Shorewall is a really great piece of
> software: a lot of functionality paired with a lot of documentation.
>
> It has got support for OpenVPN and macros for most common services
> (which makes it a matter of maybe a minute to add a rule for a new service).
>
> The only downside I see is that it compiles many rules which wouldn't be
> strictly necessary and therefore needs a lot of kernel modules to start
> (and it doesn't always give helpful error messages when it misses a module).
>
Thanks for the answers, i will give shorewall a new try and hope i'll
make better progress thsi time
