On Tue, 2010-01-19 at 14:32 -0600, Carlos Santana wrote: > On Tue, Jan 19, 2010 at 1:31 PM, Kai Schaetzl <maillists at conactive.com> wrote: > > Carlos Santana wrote on Tue, 19 Jan 2010 08:51:19 -0600: > > > >> 'But it's harder to maintain as a > >> script of your own.'. You are also using script, right? > > > > The "as" is ambiguous in this case ;-) Read: > > But it's (adding on the fly, no script) harder to maintain as if you use a > > script of your own. > > > > Kai > > > > Thanks for clarifying... :) > > - > CS. > > > If you're concerned about maintaining a script for your iptables configuration, consider the Shoreline firewall ( www.shorewall.net ) to manage your firewall. The things I like about Shorewall is that it uses human-readable config files, AND it generates iptables chains that are much more comprehensible than the other stuff that I've seen. Naturally, this is just my $0.02 (US) worth. -- Ron Loftin reloftin at twcny.rr.com "God, root, what is difference ?" Piter from UserFriendly