I've added a task for saving firewall configuration to a file or script. However, packet filtering and mangling is only one technique used in firewalls. This topic is completely ignoring application-layer proxies (e.g. Squid) as well as transport-layer proxies (SOCKS). Configuration of a transparent proxy might also be covered here. The Content Area should really be expanded to cover permeter firewalls in a more general way.
Even for a masquerading firewall, we might also want to cover some of the kernel variables, eg. sys.net.ip_v4.ip_forward, rp_filter, etc. as well as the use of conntrack and nat modules, e.g. for FTP. Best, --- Les Bell, RHCE, CISSP [http://www.lesbell.com.au] _______________________________________________ lpi-examdev mailing list [EMAIL PROTECTED] http://list.lpi.org/mailman/listinfo/lpi-examdev
