[NBLUG/talk] iptables guidance/guru?
E Frank Ball
frankb at frankb.us
Mon Feb 12 14:22:04 PST 2007
On Mon, Feb 12, 2007 at 01:18:21PM -0800, Glen Gunsalus wrote:
> I've got a wrt54g running OpenWrt 0.9. It functions fine as intended -
> firewall/router to internet ("WAN") with DHCP and nat on the wireless and four
> "LAN" ports using 192.168.1.0/32.
...
> Question:
>
> Is there a sane way to get where I want w/o having to master iptables (looks
> rather formidable to me at this point after looking at e tutorials).
There are many frontend programs for iptables. Most of them are
pathetic. When I made the jump from ipchains (2.2 kernel) to iptables
(2.4 kernel) I started using Shorewall (http://www.shorewall.net/).
I knew iptables inside and out, but ipchains was another level of
complexity and I didn't want to have to deal with it.

Shorewall has worked well for me. There is no GUI, but the config files
are pretty simple. The one other iptables frontend I saw that looked
good was FireHol http://sourceforge.net/projects/firehol/

Of the two, Shorewall looks simpler and can do what most people need.
--
E Frank Ball frankb at frankb.us