This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
To: redhat-list@listman.redhat.com From: "Thomas E. Dukes" <edukes@alltel.net> Subject: iptables and Shorewall Date: Tue, 25 Feb 2003 18:55:59 -0500 Currently I'm using my Win XP Pro system as my gateway to the internet. Since most of my personal stuff is on this box I would like to move my RH 8.0 box out front if I can get Tk-pppoe and internet sharing working. The system works fine now but I don't trust M$ built in firewall. I'm a little bit fuzzy on the relationship of these two. Can someone give me an idea how they interact? Is there a need for both? === To: redhat-list@listman.redhat.com From: Ed.Greshko@greshko.com Subject: Re: iptables and Shorewall Date: Wed, 26 Feb 2003 08:56:46 +0800 On Tue, 25 Feb 2003, Thomas E. Dukes wrote: > Currently I'm using my Win XP Pro system as my gateway to the internet. > Since most of my personal stuff is on this box I would like to move my > RH 8.0 box out front if I can get Tk-pppoe and internet sharing working. > The system works fine now but I don't trust M$ built in firewall. > > I'm a little bit fuzzy on the relationship of these two. Can someone > give me an idea how they interact? Is there a need for both? Shorewall is a "frontend" to iptables. You install both iptables and shorewall. You read the Shorewall documentation and tailor its config files for you needs. On startup, Shorewall will generate the needed iptables commands based on your configuration. Once that is done, shorewall exits and only iptables contiues to run. Shorewall is text based config files. There is work (webadmin?) to get a GUI frontend to shorewall....but IMHO you don't learn that much about security that way. Shorewall makes iptables easy. === To: redhat-list@listman.redhat.com From: "Thomas E. Dukes" <edukes@alltel.net> Subject: Re: iptables and Shorewall Date: 25 Feb 2003 20:29:32 -0500 On Tue, 2003-02-25 at 19:56, Ed.Greshko@greshko.com wrote: > Shorewall is a "frontend" to iptables. > > You install both iptables and shorewall. You read the Shorewall > documentation and tailor its config files for you needs. On startup, > Shorewall will generate the needed iptables commands based on your > configuration. Once that is done, shorewall exits and only iptables > contiues to run. > > Shorewall is text based config files. There is work (webadmin?) to get a > GUI frontend to shorewall....but IMHO you don't learn that much about > security that way. > > Shorewall makes iptables easy. > I had read that it was "frontend", but looking at the different files it installed lead me to believe otherwise. I was concerned they may clash if the both are running. Thanks for clearing that up! === To: redhat-list@listman.redhat.com From: Gene Yoo <gyoo@attbi.com> Subject: Re: iptables and Shorewall Date: Wed, 26 Feb 2003 09:47:41 -0800 Ed.Greshko@greshko.com wrote: [...] > Shorewall is text based config files. There is work (webadmin?) to get a > GUI frontend to shorewall....but IMHO you don't learn that much about > security that way. webmin does support the web frontend interface for IPTABLES and Shorewall. i'm currently using webmin 1.070. make sure to get the latest release since 1.050 has a significant vulnerability that was recently introduced. === To: redhat-list@listman.redhat.com From: "Raymundo M. Vega" <rmvega@san.rr.com> Subject: Re: iptables and Shorewall Date: Wed, 26 Feb 2003 11:43:20 -0800 if you like graphical interfaces, then use firewall builder. ===