On Tuesday 15 May 2007 20:18, Eduardo Ferreira wrote: > Steve wrote on 15/05/2007 16:12:17: > > Stay on 3.4 for production machines. I was reffering to the 'shorewall > > add' > > > command only. > > But what is not tested yet? I've followed your tests and, from what I > could remember, you've already tested zones, interfaces, hosts, policy, > rules, accounting, nat, masq, mac - and now dynamic zones. For my > configurations, It is almost all that I need. > > Thanks In Advance, > > > -- > Eduardo Ferreira > Icatu Holding S.A. > (21) 3804-8606
Edward Firstly sorry for getting your name wrong before. The testing that I have done so far has been very limited. I have been trying to brake shorewall by what ever means possible. With the exception of last weekend, I had not tried to construct any real firewall scenarios. Those that I had constructed were very simple, the type you might find in a domestic environment. I manually inspected the iptables rules and subjected just one configuration to a port scan. The PC that I used for the test, has just one NIC card which means that none of the configurations has been subject to any 'proper' testing in a live environment. Additionally, I have not tested VPN, tunnels, providers, or traffic shaping. I have no experience in using those features. In short, shorewall 3.9 needs considerably more testing before I would advise anybody to use it in a production environment. Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
