On Tue, 2010-01-19 at 14:32 -0600, Carlos Santana wrote:
On Tue, Jan 19, 2010 at 1:31 PM, Kai Schaetzl maillists@conactive.com wrote:
Carlos Santana wrote on Tue, 19 Jan 2010 08:51:19 -0600:
'But it's harder to maintain as a script of your own.'. You are also using script, right?
The "as" is ambiguous in this case ;-) Read: But it's (adding on the fly, no script) harder to maintain as if you use a script of your own.
Kai
Thanks for clarifying... :)
CS.
If you're concerned about maintaining a script for your iptables configuration, consider the Shoreline firewall ( www.shorewall.net ) to manage your firewall.
The things I like about Shorewall is that it uses human-readable config files, AND it generates iptables chains that are much more comprehensible than the other stuff that I've seen.
Naturally, this is just my $0.02 (US) worth.