[CentOS] Firewall frustration

Robert Moskowitz rgm at htt-consult.com
Mon Dec 31 12:58:43 UTC 2007


Matt Shields wrote:
> On Dec 31, 2007 12:13 AM, Robert Moskowitz <rgm at htt-consult.com> wrote:
>   
>> Well FWbuilder is NOT easy.  The documentation does not match the
>> current GUI.  Now the box is locked up.  I will have to pull it again,
>> hook it up to a kybd/VGA and reset iptables....
>>
>> Maybe Shoreline with webmin....
>>
>> Problem is I want a REAL router/firewall with little work.  Both public
>> and private nets have routable addresses.  No NATing for me!  I just
>> help write the RFC ;)  And all the templates for fwbuilder want you to
>> be using NATing.
>>
>> Perhaps I should just set up another Astaro firewall.  I have been using
>> Astaro since v3, so I am comfortable with it....
>>
>>     
>
> If you've ever used a Checkpoint firewall, FWBuilder is exactly like
> that interface.  It even comes with a module that will let you modify
> Checkpoint firewalls.
I noticed the later, also a PIX module. No I have not personally needed 
that costly of a firewall.

Full discloser time. My day job is with ICSAlabs. My area is security 
protocols research (like setttin up the initial IPsec certification 
criteria), but when I visit the labs there are all those firewall 
products up and running.... So, yeah, I know checkpoint. I talk with the 
gang over in the labs about 'simple' firewalls, but there are only 
certain things the boss funds here. So then I have to go cheap.





More information about the CentOS mailing list