[CentOS] Iptables front-end

Wed Nov 29 17:25:37 UTC 2006
Jordi Espasa Clofent <jordi.listas at multivia.com>

Aleksandar Milivojevic escribió:
> There's this system-config-security-level GUI application that is part
> of distribution.  However it provides only very very very basic
> functionality.  You can only specify ports to open (and than all
> traffic on those ports is allowed, both incomming and forwarded), and
> select trusted interfaces (all traffic comming from them is allowed). 
> It doesn't even support NAT (AFAIK).  For very simple firewall it may
> suffice.
>
> There are much better 3rd party GUI interfaces, ranging from simple
> (for managing single firewall), to medium (managing multiple
> firewalls, but each separately) to complex (for managing multiple
> firewalls (and everything else security related) by using high level
> abstractions).  Some I can think of, in no particular order would be:
>
>  - fwbuilder: http://www.fwbuilder.org/
>  - firestarter: http://www.fs-security.com/
>  - integrated secure communications system: http://iscs.sourceforge.net/
Yes. I already know the firt and the second. The third is new for me;
I'll look into.
>
> And of course, if you are not affraid of command line, you can always
> use firewall editors such as ed, vi, emacs or any other fine tool
> available out there (there's too many to choose from).
I totally agree with you. Before to use the friendly front-ends I
learned about it with the classic way: man pages+shell editor (vi
especially)
>
> I'm sure folks on the list will have many many more suggestions.
Of course! All will be welcomed!

-- 
Jordi Espasa Clofent

PGP id 0xC5ABA76A #http://pgp.mit.edu/
FSF Associate Member id 4281 #http://www.fsf.org/



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20061129/30e37f85/attachment-0005.sig>