[CentOS] [OT] Corporate Firewall
Adam Gibson
agibson at ptm.com
Thu Nov 10 23:40:24 UTC 2005
Kai Schaetzl wrote:
> Neil Thompson wrote on Thu, 10 Nov 2005 09:49:25 +0200:
>
>
>>If you use Shorewall (http://www.shorewall.net) there is a webmin gui module for
>>administration.
>
>
> The main problem with all these firewall builders or Open Source gateway
> applications (shorewall, monowall, ipcop etc.) is that you can't switch off NAT and
> have to use a DMZ for publically accessable machines. At least at the time when I
> was evaluating them for my own needs. That's probably just fine for most people,
> but if you need transparent public IP routing (as the OP said) you have to look
> elsewhere (I did't find such a package and the only reasonably priced commercial
> devices I found where the ones from Snapgear) or roll your iptables stuff manually.
>
M0n0wall is a freebsd based system but it does support a public IP
DMZ/Service interface. You have to enable advanced NATing. Remote
updating of the firmware/software is a big plus too.
> Kai
>
More information about the CentOS
mailing list