See this: http://security.linux.com/article.pl?sid=04/10/11/2030249&tid=100&tid=35 Unlike many other projects, however, Shorewall does not provide a graphical front end, and instead assumes administrators will have a fair amount of familiarity with reading and editing Linux configuration files. To its credit, though, Shorewall is an unusually well-documented open source project. I''ve been trying other frontend such as firestarter and guarddog for it''s GUI, but, I must say that none has the features and yet clear howto than shorewall. -- Fajar Priyanto | Reg''d Linux User #327841 | http://linux2.arinet.org 20:20:22 up 12:11, 2.6.11-1.1369_FC4 GNU/Linux public key: https://www.arinet.org/fajar-pub.key ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
Well, you can use Webmin for the graphical frontend for Shorewall. Sasa --On 29. avgust 2005 20:22 +0700 Fajar Priyanto <fajarpri@arinet.org> wrote:> See this: > http://security.linux.com/article.pl?sid=04/10/11/2030249&tid=100&tid=35 > > Unlike many other projects, however, Shorewall does not provide a > graphical front end, and instead assumes administrators will have a fair > amount of familiarity with reading and editing Linux configuration > files. To its credit, though, Shorewall is an unusually well-documented > open source project. > > I''ve been trying other frontend such as firestarter and guarddog for it''s > GUI, but, I must say that none has the features and yet clear howto than > shorewall.------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
On Mon, 2005-08-29 at 20:22 +0700, Fajar Priyanto wrote:> See this: > http://security.linux.com/article.pl?sid=04/10/11/2030249&tid=100&tid=35 > > Unlike many other projects, however, Shorewall does not provide a graphical > front end, and instead assumes administrators will have a fair amount of > familiarity with reading and editing Linux configuration files. To its > credit, though, Shorewall is an unusually well-documented open source > project.Hum, do I get a funky undertone from the above quote of the article that the lack of a GUI tool for Shorewall and the need to "read and edit Linux configuration files" is considered a disadvantage (even if minor)? (Admittedly, I didn''t read the entire article...) IMHO this is a huge *advantage*. :-) They are absolutely right about the outstanding documentation, though. karsten ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
K. Bräckelmann wrote:> > IMHO this is a huge *advantage*. :-) They are absolutely right about > the outstanding documentation, though. >Blush.... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:> K. Bräckelmann wrote: >>IMHO this is a huge *advantage*. :-) They are absolutely right about >>the outstanding documentation, though. >> > > Blush....See - sometimes it *is* worth it! :-) Paul ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
K. Bräckelmann wrote:>On Mon, 2005-08-29 at 20:22 +0700, Fajar Priyanto wrote: > > >>See this: >>http://security.linux.com/article.pl?sid=04/10/11/2030249&tid=100&tid=35 >> >>Unlike many other projects, however, Shorewall does not provide a graphical >>front end, and instead assumes administrators will have a fair amount of >>familiarity with reading and editing Linux configuration files. To its >>credit, though, Shorewall is an unusually well-documented open source >>project. >> >> > >Hum, do I get a funky undertone from the above quote of the article that >the lack of a GUI tool for Shorewall and the need to "read and edit >Linux configuration files" is considered a disadvantage (even if minor)? >(Admittedly, I didn''t read the entire article...) > >IMHO this is a huge *advantage*. :-) They are absolutely right about >the outstanding documentation, though. > > karsten > >No different from the dings Apache always got in the old Apache vs. IIS/others reviews so many magazines used to do... What they never got was that the Apache configuration was rich enough that a GUI configuration tool (which did exist, albeit missed) could never give you the same depth of control. -Alan -- Alan Sparks, UNIX/Linux Systems Integration and Administration <asparks@doublesparks.net> ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
On Mon, 29 Aug 2005, Tom Eastep wrote:> K. Bräckelmann wrote: >> >> IMHO this is a huge *advantage*. :-) They are absolutely right about >> the outstanding documentation, though. >> > > Blush....No need for false modesty :-) It is a simple statement of fact. I''ll even go further and opine that your documentation is better than what I got with either Checkpoint or Watchguard. Especially Checkpoint. And Shorewall is at least as good a product and is easier to set up and use IMO. -- Stephen