From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Ida4Q-0005ZW-VJ for garchives@archives.gentoo.org; Thu, 04 Oct 2007 23:25:31 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.1/8.14.0) with SMTP id l94NEKw1025395; Thu, 4 Oct 2007 23:14:20 GMT Received: from mail.pcsrvc.com (webmail.pcsrvc.com [24.225.5.124]) by robin.gentoo.org (8.14.1/8.14.0) with ESMTP id l94NEJKD025390 for ; Thu, 4 Oct 2007 23:14:20 GMT Received: from localhost (localhost [127.0.0.1]) by mail.pcsrvc.com (Postfix) with ESMTP id 54AD3D25E5 for ; Thu, 4 Oct 2007 18:14:22 -0500 (CDT) X-Virus-Scanned: amavisd-new at pcsrvc.com Received: from mail.pcsrvc.com ([127.0.0.1]) by localhost (mail.pcsrvc.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id HeO5y4jcBNMV for ; Thu, 4 Oct 2007 18:14:17 -0500 (CDT) Received: from [192.168.1.5] (linux.homershut.net [24.225.5.125]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mail.pcsrvc.com (Postfix) with ESMTP id 27580D25CC for ; Thu, 4 Oct 2007 18:14:17 -0500 (CDT) Subject: Re: [gentoo-amd64] Re: KISS firewall not working on Gentoo Hardened From: Homer Parker To: gentoo-amd64@lists.gentoo.org In-Reply-To: <4705370A.4010709@getdesigned.at> References: <470438AA.8040502@singnet.com.sg> <4705370A.4010709@getdesigned.at> Content-Type: text/plain Date: Thu, 04 Oct 2007 18:14:12 -0500 Message-Id: <1191539653.16375.5.camel@laptop> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-amd64@gentoo.org Reply-to: gentoo-amd64@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.10.2 Content-Transfer-Encoding: 7bit X-Archives-Salt: c99c19fe-c013-4c75-a1eb-993c53ff52ac X-Archives-Hash: 48408d16d68526a67cf810179a38858d On Thu, 2007-10-04 at 20:55 +0200, Sebastian Redl wrote: > > Configuring this is easy enough in IPTables (I did learn them > somewhat, > out of interest, though I've forgotten a lot, too), but it's really, > really easy in shorewall. Seconded.. I've used it since 1.x in a variety of situations, and it's always made short work of it. My previous home router had a several page script to setup firewall rules and QOS on a 4 legged router that took me a week or two to get right from pouring over lartc.org. i've done more complex setups in very short time with shorewall. the docs at shorewall.net are great and get simple firewall/routers up in no time, and includes more complex setups such as Tom's Xen setup he uses at home. -- Homer Parker -- gentoo-amd64@gentoo.org mailing list