Matt Shields wrote: > On Dec 31, 2007 12:13 AM, Robert Moskowitz <rgm at htt-consult.com> wrote: > >> Well FWbuilder is NOT easy. The documentation does not match the >> current GUI. Now the box is locked up. I will have to pull it again, >> hook it up to a kybd/VGA and reset iptables.... >> >> Maybe Shoreline with webmin.... >> >> Problem is I want a REAL router/firewall with little work. Both public >> and private nets have routable addresses. No NATing for me! I just >> help write the RFC ;) And all the templates for fwbuilder want you to >> be using NATing. >> >> Perhaps I should just set up another Astaro firewall. I have been using >> Astaro since v3, so I am comfortable with it.... >> >> > > If you've ever used a Checkpoint firewall, FWBuilder is exactly like > that interface. It even comes with a module that will let you modify > Checkpoint firewalls. I noticed the later, also a PIX module. No I have not personally needed that costly of a firewall. Full discloser time. My day job is with ICSAlabs. My area is security protocols research (like setttin up the initial IPsec certification criteria), but when I visit the labs there are all those firewall products up and running.... So, yeah, I know checkpoint. I talk with the gang over in the labs about 'simple' firewalls, but there are only certain things the boss funds here. So then I have to go cheap.