Am 13.08.2014 um 15:16 schrieb Timothy Murphy: > > I'm a bit surprised no-one has mentioned shorewall. > I'm using it on two tiny home servers, > one under CentOS-6 and the other CentOS-7. > Basically, this is because I don't understand iptables, > or really want to understand it. here, too, I'm using shorewall, because with the semantics in the config files, I can easily express what I want. It makes it easy to create very complex setups without knowing anything of iptables (although it helps to know about it). Moreover, the superb help of Tom Eastep and others in the support mailing list makes shorewall the firewall of my choice. Hence, the first thing I disable on a fresh centos install: firewall and sh** > I often wonder if I am in a small minority of CentOS users, > who are just running home servers of some kind. welcome to the club ;) Regards Michael