> -----Original Message-----
> From: Eli Billauer [mailto:[EMAIL PROTECTED]
[snip]
> Problem: Setting up (static) routing tables and/or firewall rules is
> rather counterintuitive (at least to me). I find it rather
> uncomfortable
> to read the routing table, and when it comes to firewall rules, it's
> evidently difficult to grasp from a long list of rules, whether the
> firewall indeed stops what it should stop.
Solution: Use the distribution's configuration files for interfaces, ans shorewall
(www.shorewall.net) for firewall rules. It simplifies thing to great extents.
> Suggested solution: Instead of defining a set of sequential rules,
> create a configuration file, which would look something like (syntax
> like I just felt for):
>
> group local-net { net=10.0.0.0/8, if=eth0 }
> group hostile { net=0.0.0.0/0, if = ppp0}
Shorewall syntax is not very different from this.
> 2. Write a GUI application, which allows a graphical depiction of the
> network structure and its rules. This application will create the
> configuration file.
Now this could be very nice. I've yet to find the coherent, consistant GUI that could
configure Shorewall and the network.
-- Arik
**********************************************************************
This email and attachments have been scanned for
potential proprietary or sensitive information leakage.
PortAuthority(TM) Server
Keeping Information Inside
Vidius, Inc.
www.vidius.com
**********************************************************************
================================================================To unsubscribe, send
mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
