Christian Vieser wrote: > Shorewall Geek wrote: > >> The output of 'shorewall dump' tells you everything you ever need >> to know about your Shorewall configuration. Of course, you have to >> understand IP networking, Linux Networking and Netfilter in order to >> interpret the output. > > > And this is the point. Not all employees are at the same high skill > level.
But your goal should be to get them to that skill level, right? > So there is > the wish to have a little command line tool (perhaps it could even be > embedded in an > apache service), where you put in a host name or ip address, and you get > out a > compact listing of allowed connections to/from this host. > > I don't think that it's very much work to write such a tool. I disagree. If you try to account for policy routing (multi-ISP), packet marking, NAT, Proxy ARP, ... the tool will be quite complex. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
