[Shorewall-users] Parameterized Samples Withdrawn
Tue, 9 Apr 2002 10:35:06 -0700 (PDT)
Pascal has nailed it for me. I can read the docs to see how to specify
rules and without too many lapses get the rules entered. My problem still
is understanding what ports and why special attention is warranted for
Anyone who can make a list of ports and exploits to lock out on those
ports will be doing a great service!
On 9 Apr 2002, Pascal DeMilly wrote:
> I agree with Tom that the samples as they are right now are setting the
> wrong level of expectation as he puts it. I think one issue most people
> new to firewalling (apart from setting the basics) is to know what to
> block or allow depending of the protocols/services used.
> I think a great service to all would be to have a contrib directory
> where people give examples of their rules configuration for allowing or
> disallowing a particular service.
> People could then copy those rules into their rule file and change the
> zones accordingly. I think that will be more valuable than what the
> current samples do. Let's face it, we all need to open pinholes in our
> firewall at some point. We just need to make sure they are not too big.
> On Tue, 2002-04-09 at 09:20, Jim Hubbard wrote:
> > Now this sounds good. Anything that makes it easier for newbies to just
> > pick it up and use it is good (I like the Webmin module too). The Linux
> > community should move away from the whole "you must learn the hard way
> > before you're worthy" idea. Can you imagine that kind of thinking from MS
> > or Apple?
> > All of us reading this list have already expended far more effort to learn
> > Linux than Joe Sixpack ever will. But the fact is, we need Joe to come on
> > board if we want Linux to continue to grow.
> > Sincerely,
> > Jim Hubbard
> > Visit us online at www.dyersinc.com
> > ______________________________________________________
> > > -----Original Message-----
> > > From: firstname.lastname@example.org
> > > [mailto:email@example.com]On Behalf Of Cowles, Steve
> > > Sent: Tuesday, April 09, 2002 11:23 AM
> > > To: Shorewall Users
> > > Subject: RE: [Shorewall-users] Parameterized Samples Withdrawn
> > >
> > > Furthermore, (so that we are all starting from the same page) I would like
> > > to see an "initial" install script for shorewall that prompts for basic
> > > network design parameters similar to how the "firewall in a box"
> > > manufactures like netgear, linksys, etc... do.
> > >
> > _______________________________________________
> > Shorewall-users mailing list
> > Shorewallfirstname.lastname@example.org
> > http://www.shorewall.net/mailman/listinfo/shorewall-users
> Shorewall-users mailing list