For those learning iptables, please visit my presentation I gave a couple months ago (to another LUG) and comment on it. Was it clear? Did it help? http://www.georgetoft.com/linux/plug/presentations/firewall/index.html The objective of the presentation is to give the audience the basic background to read iptables scripts so they can modify scripts for their own use. When I started the presentation, I knew nothing about iptables. Now I have a custom firewall that has been professionally tested, and works quite well. In fact, every commercial scanner/vulnerability tester has stated this level of security is very unusual, and assumed there was a problem in the testing of the firewall. Thank you. George Craig White wrote: > > On Tue, 2002-06-25 at 21:32, alandd@mindspring.com wrote: > > > > > I should know about firewall configuration. I now have a reason to learn. > > =^) > > > > > > However, as we propel Linux forward, we need to help develop tools that don't > > require the user to know how or even why he needs a firewall. The average Joe > > just wants to know that his computer is secure because he picked the secure > > option on his install. And, if he needs to close a port or open a port, he > > doesn't want to learn ipchains rule syntax or even port numbers, he wants to > > select an option and be on his merry way. Not an easy task but this is the > > mindset that company in Redmond has created and our society expects. > > > > If we want Linux on every desktop, it has to be made that easy. > > > > > ----- > I thoroughly disagree with this rant. > This has nothing whatsoever to do with Microsoft or Microsoft mindset. > In fact, your attitude represents the spoiled mentality of the Microsoft > user. > > This is open source software - when you see a need, you should offer > your time and energies to fill it - don't be content to curse the > darkness, light a candle. > > Redhat offers a simple minded 3 level firewall choice on install, all > using ipchains which is only offered on the 2.4 kernels for backwards > compatibility. You are probably wasting your time trying to learn > ipchains at this point. Netfilter/iptables is the native firewall module > for 2.4 kernels. If you want to learn something that is applicable, that > is what you should learn. > > If you want simple minded firewall configuration utility, may I suggest > firestarter. > > Craig > ________________________________________________ > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail. > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- If you feel you have received a virus from me, please read http://www.georgetoft.com/virus.html because it wasn't me! --