[CentOS] iptables default configuration

Ron Loftin reloftin at twcny.rr.com
Tue Jan 19 20:47:42 UTC 2010


On Tue, 2010-01-19 at 14:32 -0600, Carlos Santana wrote:
> On Tue, Jan 19, 2010 at 1:31 PM, Kai Schaetzl <maillists at conactive.com> wrote:
> > Carlos Santana wrote on Tue, 19 Jan 2010 08:51:19 -0600:
> >
> >> 'But it's harder to maintain as a
> >> script of your own.'. You are also using script, right?
> >
> > The "as" is ambiguous in this case ;-) Read:
> > But it's (adding on the fly, no script) harder to maintain as if you use a
> > script of your own.
> >
> > Kai
> >
> 
> Thanks for clarifying... :)
> 
> -
> CS.
> 
> >

If you're concerned about maintaining a script for your iptables
configuration, consider the Shoreline firewall ( www.shorewall.net ) to
manage your firewall.

The things I like about Shorewall is that it uses human-readable config
files, AND it generates iptables chains that are much more
comprehensible than the other stuff that I've seen.

Naturally, this is just my $0.02 (US) worth.

-- 
Ron Loftin                      reloftin at twcny.rr.com

"God, root, what is difference ?"       Piter from UserFriendly



More information about the CentOS mailing list