[Shorewall-users] Parameterized Samples Withdrawn

Alok K. Dhir alok@dhir.net
Mon, 8 Apr 2002 23:31:05 -0400


LoL - great message - very enjoyable!

Good luck with that firewall...  And enjoy the beer! ;)

> -----Original Message-----
> From: shorewall-users-admin@shorewall.net 
> [mailto:shorewall-users-admin@shorewall.net] On Behalf Of Jim Hubbard
> Sent: Monday, April 08, 2002 11:07 PM
> To: shorewall-users@shorewall.net
> Subject: RE: [Shorewall-users] Parameterized Samples Withdrawn
> 
> 
> Tom,
> I wish you wouldn't withdraw the samples.  The reason people 
> like me ask so many dumb questions is because there are a lot 
> of us who would prefer to learn by modifying a sample and 
> playing with it instead of by reading the very complete, but 
> (typical of Linux) lengthy documentation.  We don't want to 
> know how Shorewall works, all we want to know is how to turn 
> the darn thing on and off.  Newbies don't care about ipsec 
> tunnels, proxies, or traffic shaping.  All we want is to do 
> is install it, make a couple of quick modifications, then 
> have a beer; content in the thought that our security isn't 
> perfect, and it may not work at all, but it's bound to be 
> better than it was.  We'll tighten it up tomorrow.
> 
> The question is one of viewpoints, and it's a common 
> situation with Linux. At one end we have the new user who 
> just wants to "try" Linux and get it to do something - 
> anything useful with a minumum of effort.  At the other end 
> is the guru, who is tired of answering the same silly 
> questions and would rather the user read and understand the 
> whole thing first.  The newbie just wants it to work; he 
> doesn't care how, how well, or why right now because he'll 
> read the docs and tweak his setup later (maybe).  Newbies 
> don't want to read and understand, we want a sample and some 
> quick pointers for common setups.  Once our firewall is 
> running and everything still works, THEN we'll read.  It's 
> kinda like those instructions that came with your kid's bike. 
> Nobody reads those first; we look at the pictures, bolt it 
> all together, and then we read to figure out where all the 
> extra parts go.  It's just human nature.
> 
> I installed Shorewall today on a server that's already behind 
> a firewall. But without a sample to follow, know what I did?  
> Skimmed the documentation, then started playing with it.  I 
> figured I could at least gain a little more security without 
> breaking anything.  After about 2 hours I had to leave, so 
> here's my temporary solution:
> 
> /etc/shorewall/policy
> all	all	ACCEPT
> 
> I'm dreading reading the documentation again, but the system 
> had no firewall before, so I'm having a beer anyway.  Sure 
> would have been easier with a sample.
> 
> Sincerely,
> Jim Hubbard
> jimh@xlproject.com
> 
> Visit my website at www.XLProject.com
> 
> PS - Why not just ignore any post that begins with "I'm using 
> the __ interface sample"?
> 
> _____________________________________________
> 
> 
> 
> > -----Original Message-----
> > From: shorewall-users-admin@shorewall.net
> > [mailto:shorewall-users-admin@shorewall.net]On Behalf Of Tom Eastep
> > Sent: Monday, April 08, 2002 3:48 PM
> > To: Shorewall Users; Shorewall Announcements
> > Subject: [Shorewall-users] Parameterized Samples Withdrawn
> >
> >
> > Although the parameterized samples have allowed people to get a 
> > firewall up and running quickly, they have unfortunately 
> set the wrong 
> > level of expectation among those who have used them. I am therefore 
> > withdrawing support for the samples and I am recommending that they 
> > not be used in new Shorewall installations.
> >
> > -Tom
> > --
> > Tom Eastep    \ Shorewall - iptables made easy
> > AIM: tmeastep  \ http://www.shorewall.net
> > ICQ: #60745924  \ teastep@shorewall.net
> >
> > _______________________________________________
> > Shorewall-users mailing list
> > Shorewall-users@shorewall.net 
> > http://www.shorewall.net/mailman/listinfo/shorewall-users
> >
> 
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@shorewall.net 
> http://www.shorewall.net/mailman/listinfo/shorewall-users
>