Mike Radomski wrote:
> I have been trying to use SuSEfirewall for simplicity, though usually use
> ipchains.
Setting up a firewall has lots of pitfalls. You can lock yourself out of a
machine
without any trouble at all. I put logging rules in every chain and send test
packets
to test that the rules are really doing what I think.
I would stay away from ipchains unless you can guarantee that you'll by only
running 2.2.x kernels forever. All kernels from 2.4 on will have iptables
and you'll have to rewrite your rules.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|