Aleksandar Milivojevic escribió: > There's this system-config-security-level GUI application that is part > of distribution. However it provides only very very very basic > functionality. You can only specify ports to open (and than all > traffic on those ports is allowed, both incomming and forwarded), and > select trusted interfaces (all traffic comming from them is allowed). > It doesn't even support NAT (AFAIK). For very simple firewall it may > suffice. > > There are much better 3rd party GUI interfaces, ranging from simple > (for managing single firewall), to medium (managing multiple > firewalls, but each separately) to complex (for managing multiple > firewalls (and everything else security related) by using high level > abstractions). Some I can think of, in no particular order would be: > > - fwbuilder: http://www.fwbuilder.org/ > - firestarter: http://www.fs-security.com/ > - integrated secure communications system: http://iscs.sourceforge.net/ Yes. I already know the firt and the second. The third is new for me; I'll look into. > > And of course, if you are not affraid of command line, you can always > use firewall editors such as ed, vi, emacs or any other fine tool > available out there (there's too many to choose from). I totally agree with you. Before to use the friendly front-ends I learned about it with the classic way: man pages+shell editor (vi especially) > > I'm sure folks on the list will have many many more suggestions. Of course! All will be welcomed! -- Jordi Espasa Clofent PGP id 0xC5ABA76A #http://pgp.mit.edu/ FSF Associate Member id 4281 #http://www.fsf.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20061129/30e37f85/attachment-0005.sig>