On Sun, Oct 07, 2007 at 04:32:15PM -0400, Roberto C. S?nchez wrote: > On Fri, Oct 05, 2007 at 07:36:16PM -0700, Tom Eastep wrote: > > Tom Eastep wrote: > > > > > > Roberto > > > > > > This might be another point to make on your "Shorewall on Debian" > > > article on the Wiki. > > > > > > > Because I think that anyone who is serious about running a firewall > > (like the OP) believes that the Shorewall interpretation of "stop" is > > more appropriate. > > > I've added the note, but without taking sides :-)
I hadn't actually seen that article before. It's worth noting that since shorewall doesn't contain any library dependencies, you can usually grab the shorewall package from unstable and install it on a stable system without any trouble. That's what I do on all my complex firewalls, eliminating the problem of the old packages in stable. (The simple desktop-to-DSL NAT firewalls that go all over the place run quite happily with the stable packages. I think I even still have a couple still running shorewall 2.x, and they probably haven't even been rebooted since that was current - their function is so trivial that there's just no reason to bother upgrading them) Uncertain how this will work with shorewall-perl, I can't tell until Lorenzo gets around to packaging it. But I don't forsee any particular difficulties in doing the same thing. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
