On Sat, 2003-12-13 at 22:39, Bryan Phinney wrote:
> On Saturday 13 December 2003 10:00 pm, Carren Stuart wrote:
>
> > What do you people all use/prefer for a firewall to run with Mandrake?
>
> Well, I use iptables and have a custom written bash script to update the
> firewall with ip ranges that I want to block. Not particularly newbie
> friendly, but it gives me maximum control over the firewall.
>
> > I am not overly impressed with the inbuilt firewall configuration ...
> > so far I have had to disable it completely to get GAIM or my mail to
> > work.
>
> Firewalls are not the most newbie friendly technology to work with. If you
> have a broadband connection, you really should invest in a hardware
> router/firewall, there is really no substitute for that.

I have to disagree here, since I was able to install 9.2 on a firewall box with 2 NICs, then use Drakconf to share the connection. The firewall box is minimal hardware, 200 MHz Pentium I MMX with 80 megs of memory; not costly at all.

All this depends on the intentions of the newbie; which is whether they are going for a functional installation to "do stuff" on the internet with or whether they are in this for the learning process. Most newbies are here to learn, and attack a learning curve, not run from it. If they are in it for the greater understanding of what is going on underneath, which a lot of newbies are, then the ideal route to go is a Mandrake firewall running 9.2, with internet connection sharing enabled which btw automatically enables Shorewall, which is of course a firewall. Even at its basic configuration, Shorewall is much better than a hardware router. Hardware routers are generally for Mac users or non-tech types. That's fine, but if you are looking for knowledge, a router appliance is not going to get you there; in fact I recommend against it.

Having said all that, to avoid standard newbie frustrations when you are implementing a solution for learning purposes, it is best to let Mandrake install programs set up internet connection sharing using two NICs in the firewall; one for the local LAN and the other for connection to DSL. Packet filtering/mangling can then occur between the two NICs inside the firewall box.

When internet connection sharing is set up (using Drakconf), Shorewall is automatically installed/activated. The newbie should then back up his /etc directory before he messes around with Drakconf any more; then he should start examining the Shorewall config files in /etc/shorewall. This will give a better understanding of a default firewall setup, from which they can begin making changes.

LX
-- 
Linux Mandrake 9.1 Kernel 2.4.21-0.13mdk
"Let's face it if winblowz wasn't full of holes then it would probably look like Linux"
-- Aron Smith, Mandrake OT mailing list
*Catch Star Trek Enterprise, Wednesdays on UPN*
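
Added example (not part of the original message, and not Shorewall's own code): one way to start examining the files in /etc/shorewall is to read the policy file and work out what happens by default between each pair of zones. The zone names loc, net and fw, the sample contents and the first-matching-line-wins rule are assumptions of this sketch.

```python
import sys

# Constructed sample in the Shorewall policy layout; zone names loc/net/fw are assumptions.
SAMPLE_POLICY = """\
#SOURCE  DEST  POLICY  LOG LEVEL
loc      net   ACCEPT
net      all   DROP    info
all      all   REJECT  info
"""

def parse_policy(text):
    """Return (source, dest, policy, log_level) tuples in file order."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 3:
            raise ValueError("malformed policy line: %r" % raw)
        log_level = fields[3] if len(fields) > 3 and fields[3] != "-" else None
        rules.append((fields[0], fields[1], fields[2].upper(), log_level))
    return rules

def effective_policy(rules, source, dest):
    """The first line matching the zone pair wins; 'all' matches any zone."""
    for src, dst, policy, log_level in rules:
        if src in (source, "all") and dst in (dest, "all"):
            return policy, log_level
    return None, None

def inbound_accepts(rules, untrusted="net"):
    """Policy lines that accept connections initiated from the untrusted zone."""
    return [r for r in rules if r[2] == "ACCEPT" and r[0] in (untrusted, "all")]

if __name__ == "__main__":
    # Pass a path such as /etc/shorewall/policy; without one the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_POLICY
    rules = parse_policy(text)
    for pair in (("loc", "net"), ("net", "loc"), ("net", "fw")):
        print("%s -> %s: %s" % (pair + (effective_policy(rules, *pair)[0],)))
    for rule in inbound_accepts(rules):
        print("review: accepts traffic initiated from outside:", rule)
```

Running it against the backed-up copy of the policy file before and after a Drakconf change shows whether the default posture toward the internet-facing NIC has shifted.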
