[CentOS] [OT] Corporate Firewall
Kai Schaetzl
maillists at conactive.com
Thu Nov 10 14:31:44 UTC 2005
Neil Thompson wrote on Thu, 10 Nov 2005 09:49:25 +0200:
> If you use Shorewall (http://www.shorewall.net) there is a webmin gui module for
> administration.
The main problem with all these firewall builders or Open Source gateway
applications (shorewall, monowall, ipcop etc.) is that you can't switch off NAT and
have to use a DMZ for publically accessable machines. At least at the time when I
was evaluating them for my own needs. That's probably just fine for most people,
but if you need transparent public IP routing (as the OP said) you have to look
elsewhere (I did't find such a package and the only reasonably priced commercial
devices I found where the ones from Snapgear) or roll your iptables stuff manually.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org
More information about the CentOS
mailing list