Re: Lockdown system by IP addresses

From: darkside (darksidex_at_charter.net)
Date: 07/21/04


Date: Wed, 21 Jul 2004 07:17:21 -0400

On Wed, 21 Jul 2004 14:17:08 +1000, Harry Phillips wrote:

> Take the time to learn a bit about IPTables, you will find the knowledge
> worth it when you want to do *really* funky things with your network
> traffic. The firewall script generators are always limited in what they
> can do, they can't be all things to all people. They have to make
> assumptions and those assumptions are what will limit its flexibility.

Good advice, but for basic setups, pre-made scripts work. Indeed, they
can't be all things for all people, but they CAN be *most* things for
*most* people... adding IPs to /etc/firewall/conf/client_hosts and port
numbers to /etc/firewall/conf/client_services is much faster than man'ing
for how to make an IPTables rule work.

If something really funky must be done, then do it manually... otherwise,
why not recommend an easier solution? The right tools for the right job,
right?

-- 
darkside
Homepage:  http://webpages.charter.net/darksidex/index.html
Email:  darksidex at charter dot net