Shorewall (and Shorewall6) has been fantastic to me, as a multi-ISP
user. I'm deeply indebted to Tom for this fantastic tool, and all the
work he put into the documentation especially. Nothing else seems to
come close to ease-of-configuration and maintenance. I'm dreading the
day when Debian (or the kernel itself) moves iptables from deprecated to
discarded, and I know that nftables is the future, but I'm still yet
waiting for something that even comes close before I risk destablizing
everything my home system relies upon. Tom, if you're reading this, can
I ask - are you still running your own systems, and what you expect to
be shifting to yourself?
(Speaking as someone who started on ipfwadm, then ipchains).
On 2025-02-06 12:57, Phil Stracchino wrote:
On 2/6/25 10:28, Sam wrote:
I think the bigger issue is that Shorewall is more of an iptables
configuration tool. And iptables is now deprecated.
Then what is needed is perhaps a project to update shorewall to emit
the CURRENT flavor of Linux firewalling rules. (One that **does not**
depend on systemd.)
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
