Security
2003-Feb-05 15:00 UTC
[Shorewall-users] New Webmin 1.060 comes with Shorewall modul e
I just dumped my Mandrake 4 Interface MNF Test Box and replaced it with a Redhat 8.0 \ Shorewall 1.3.13 and added Webmin. I then copied my live shorewall files to this test box and everything came up without any problems. My compliments go out to everyone who helped create the webmin shorewall module. It interfaces with all my existing files and I can change things as needed. This is exactly what I needed. Hat''s off to Tom for such a great firewall and to the addition of the shorewall module to the webmin. Just out of curiosity... How dangerous is it to run webmin on a firewall??? Mike P.S. So Tom with a Front-end GUI will this change your thoughts on the Shorewall 2.0 Plans. How easy is it to update the webmin module??? -----Original Message----- From: Tom Eastep To: shorewall-users@lists.shorewall.net; Shorewall Announcements Sent: 2/5/03 11:36 AM Subject: re: [Shorewall-users] New Webmin 1.060 comes with Shorewall module --On Wednesday, February 05, 2003 11:35 AM -0400 Joe Gofton <jgofton@danicar.net> wrote:> I just updated my webmin on my server and noticed that the module for > Shorewall looked different. It looks like someone really cleaned it up > and had it added to the Standard Webmin Module list. Woohoo. >John Lodge provided the original Shorewall Webmin module -- I don''t know who we have to thank for carrying his work forward but I and the rest of the Shorewall community are very grateful. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.shorewall.net http://lists.shorewall.net/mailman/listinfo/shorewall-users Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Tom Eastep
2003-Feb-05 15:37 UTC
[Shorewall-users] New Webmin 1.060 comes with Shorewall modul e
Security wrote:> > My compliments go out to everyone who helped create the webmin shorewall > module. It interfaces with all my existing files and I can change things as > needed. This is exactly what I needed.John Lodge is the prime mover in that arena I believe.> > Hat''s off to Tom for such a great firewall and to the addition of the > shorewall module to the webmin. > > Just out of curiosity... How dangerous is it to run webmin on a firewall??? >Shouldn''t be dangerous at all of you restrict access to it to hosts behind the firewall. If you open it to hosts outside the firewall, be sure that you set up SSL (http) access. There''s a button on the Webmin Configuration page.> P.S. So Tom with a Front-end GUI will this change your thoughts on the > Shorewall 2.0 Plans. How easy is it to update the webmin module???Mike, I''ve been asking myself the same question all day. Should I leave the basic firewall alone and concentrate on bringing the Webmin module up to the current Shorewall release? Should I rely on John and the other webmin folks to maintain the GUI and concentrate on the backend. My Perl fu is very weak but I planned on having to master a new language anyway. I''ll have to give it some more thought -- opinions are of course welcome. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Joe Gofton
2003-Feb-05 15:40 UTC
[Shorewall-users] New Webmin 1.060 comes with Shorewall modul e
Just make sure you have Webmin using ssl(https://). :-) There are docs at the Webmin site on how to do this.> I just dumped my Mandrake 4 Interface MNF Test Box and replaced it with > a Redhat 8.0 \ Shorewall 1.3.13 and added Webmin. > > I then copied my live shorewall files to this test box and everything > came up without any problems. > > My compliments go out to everyone who helped create the webmin shorewall > module. It interfaces with all my existing files and I can change things > as needed. This is exactly what I needed. > > Hat''s off to Tom for such a great firewall and to the addition of the > shorewall module to the webmin. > > Just out of curiosity... How dangerous is it to run webmin on a > firewall??? > > Mike > > P.S. So Tom with a Front-end GUI will this change your thoughts on the > Shorewall 2.0 Plans. How easy is it to update the webmin module??? > > > -----Original Message----- > From: Tom Eastep > To: shorewall-users@lists.shorewall.net; Shorewall Announcements > Sent: 2/5/03 11:36 AM > Subject: re: [Shorewall-users] New Webmin 1.060 comes with Shorewall > module > > > > --On Wednesday, February 05, 2003 11:35 AM -0400 Joe Gofton > <jgofton@danicar.net> wrote: > >> I just updated my webmin on my server and noticed that the module for >> Shorewall looked different. It looks like someone really cleaned it up >> and had it added to the Standard Webmin Module list. Woohoo. >> > > John Lodge provided the original Shorewall Webmin module -- I don''t know > > who we have to thank for carrying his work forward but I and the rest of > > the Shorewall community are very grateful. > > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > Shoreline, \ http://www.shorewall.net > Washington USA \ teastep@shorewall.net > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.shorewall.net > http://lists.shorewall.net/mailman/listinfo/shorewall-users > > > Confidentiality Notice: This e-mail message, including any attachments, > is for the sole use of the intended recipient(s) and may contain > confidential and privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply e-mail and destroy all > copies of the original message. > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.shorewall.net > http://lists.shorewall.net/mailman/listinfo/shorewall-users-- Joe *** I can only please one person a day. Today is not your day and tomorrow doesn''t look good either. ***
cheers();> > P.S. So Tom with a Front-end GUI will this change your thoughts on the > > Shorewall 2.0 Plans. How easy is it to update the webmin module??? > > Mike, I''ve been asking myself the same question all day. Should I leave > the basic firewall alone and concentrate on bringing the Webmin module > up to the current Shorewall release? Should I rely on John and the other > webmin folks to maintain the GUI and concentrate on the backend. > > My Perl fu is very weak but I planned on having to master a new language > anyway. > > I''ll have to give it some more thought -- opinions are of course welcome.IMHO it is a very good starting point, when having an existing GUI. Even more, when you are not really satisfacted coding that stuff. Writing a good GUI can be really hard, especially when it is the first one... So why not profit from that existing code? With Perl you can write a X GUI (Gnome, please ;-) reusing the code for changing conf files. Perl is a very useful language: Managing plain text files even was the reason Perl exists. And there are modules, to everything considerable, including relational databases, LDAP, X, ... As someone suggested LDAP for conf ''files'': Please never drop the *nix plaintext configuration -- at least as default option. I wanted to vote for Perl anyway. ;-) Perl would even be a good language, for the shorewall code rewriting, if you still wanna do that. karsten -- Hi, I''m a signature virus. Copy me into your ~/.signature to help me spread!