technomage wrote:
> Ok,
> I remember the presentation about a year ago when fwbuilder was first
> introduced. I thought it might be an interesting tool.
>
> However, there are some problems with how it functions (namely, after the
> firewall is compiled, some things don't work quite as expected, and other
> "features" in the program itself require retooling).
>
> firstly,
> the program doesn't allow me to initialize a "deny all" on the internet
> interface and then followup with specified port openings (error: rules 0
> shades rule 1. compile failed).
Normal behavior. The second rule shadows the first, and you have 'check for
rule shadowing' enabled, which it is by default. Catch all rules should go
towards the bottom.
>
> Another problem, I can't tell it to allow ping requests on the firewall. after
> compile with that rule, the firewall still will not respond to pings.
I know this works too. How are you trying to do it? Are you trying to allow
pings to the firewall or through the firewall?
Have you checked the box "consider firewall part of 'any'"?
(This setting makes a big difference)
Using the wizard to make a 'quick firewall' will give you something to look at
as an example. Looking at the script output from the program will help you
learn what the program generates in response to a rule.
If you haven't read the whole manual for fwbuilder, you should.
- --
KevinO
Go placidly amid the noise and waste, and remember what value there may
be in owning a piece thereof.
-- National Lampoon, "Deteriorata"
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)