4di Posted October 12, 2006 Report Share Posted October 12, 2006 i have a list of mandriva based firewall , 1. firestarter 2.guarddog 3.netfilter 4.shorewall (that i hate) 5.mandi 6.SmoothWall 7. classical iptables (homemade) 8. others (if you have another option please write it here) i've started this topic because most of us uses firewall scripts (homemade) but i find on the google many more firewall with grafic interface and there's lot of other Linux firewalls, including some distros that are specifically for this purpose, but i want to know your oppinion about the firewall you use on your mandriva. best regards, adrian [moved from Networking by spinynorman] Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted October 12, 2006 Report Share Posted October 12, 2006 I've always used shorewall or iptables - although as far as I know, shorewall is based on iptables anyhow (unless I'm mistaken). I've used shorewall in Mandriva, and iptables in Red Hat. They seem to do the trick for me. I've not got used to doing it all at the command line yet. Some of it, but not a lot. I mostly do in a gui if I can :P Quote Link to comment Share on other sites More sharing options...
Qchem Posted October 12, 2006 Report Share Posted October 12, 2006 Most firewalls are indeed a front-end to iptables. I tend to use whatever default comes with the distro, or plain iptables. Quote Link to comment Share on other sites More sharing options...
Gowator Posted October 12, 2006 Report Share Posted October 12, 2006 Most firewalls are indeed a front-end to iptables. I tend to use whatever default comes with the distro, or plain iptables. This is true and most of them have either GUI config and/or Webmin modules... Most hardware firewalls also use iptables as well. Quote Link to comment Share on other sites More sharing options...
emmanuel_uk Posted October 12, 2006 Report Share Posted October 12, 2006 shorewall (that i hate) This is what I prefer to manipulate iptable. Take a bit of time to get used to. It has a blacklist etc, the most flexibility because it is txt based. The problem with GUI is incompletness often, or untold decision they take Dshield.org is a great idea while we are talking about firewall Quote Link to comment Share on other sites More sharing options...
Gowator Posted October 12, 2006 Report Share Posted October 12, 2006 shorewall (that i hate) This is what I prefer to manipulate iptable. Take a bit of time to get used to. It has a blacklist etc, the most flexibility because it is txt based. The problem with GUI is incompletness often, or untold decision they take Dshield.org is a great idea while we are talking about firewall Actually shorewall is as good a front end as any, its just the way mandriva implement it that makes it unpopular and seem overly complex but this is because mandriva use it as a base for the ICS ... The easiest way to use shorewall is to completely overwrite the mandriva settings which are kinda bizarre due to its use for Internet Connection sharing.... and then just follow the relevant quick start guide. From the shorewall site Shorewall is not the easiest to use of the available iptables configuration tools but I believe that it is the most flexible and powerful. So if you are looking for a simple point-and-click set-and-forget Linux firewall solution that requires a minimum of networking knowledge, I would encourage you to check out the following alternatives: * m0n0wall (FreeBSD Based) * Firestarter On the other hand, if you are looking for a Linux firewall solution that can handle complex and fast changing network environments then Shorewall is a logical choice. Personally I tend to use firestarter for adhoc firewalling (like runing a liveCd from someone elses house) and I use my router at home because its there anyway... Quote Link to comment Share on other sites More sharing options...
Crashdamage Posted October 14, 2006 Report Share Posted October 14, 2006 For years, I've used Bastille. It's a frontend to iptables like almost all Linux firewalls and so does all the usual firewalling chores like IP mask, NAT, etc. The difference is it's much more than just a firewall. Bastille is a comprehensive system-hardening security tool with an easy to configure, highly informative interface. I consider Bastille indispensible and install it on every Linux installation I do. There's just nothing else like it. Anyone who takes system security seriously should check it out. Quote Link to comment Share on other sites More sharing options...
SilverSurfer60 Posted October 14, 2006 Report Share Posted October 14, 2006 My favourite firewall is smoothwall. I've run this for a number of years on an old computer that was not worth using for anything else. Why do I like smoothwall? I only need the one for running a smal network and it looks after the other computers, also the ability to run a web server, mail server on the orange interface without worrying too much about staying safe on the green network. The web interface is great to use and one can keep an eye on what is happening on the various networks. Yes it is overkill for a single computer, but I like it. :P Quote Link to comment Share on other sites More sharing options...
aerogate Posted November 30, 2006 Report Share Posted November 30, 2006 For years, I've used Bastille. It's a frontend to iptables like almost all Linux firewalls and so does all the usual firewalling chores like IP mask, NAT, etc. The difference is it's much more than just a firewall. Bastille is a comprehensive system-hardening security tool with an easy to configure, highly informative interface. I consider Bastille indispensible and install it on every Linux installation I do. There's just nothing else like it. Anyone who takes system security seriously should check it out. Bastille not working on Mandriva 2007 yet, or ever? ERROR: 'MN2007.0' is not a supported operating system. Valid operating system versions are as follows: OSX: 'OSX10.2' 'OSX10.3' 'OSX10.4' HP-UX: 'HP-UX11.00' 'HP-UX11.11' 'HP-UX11.22' 'HP-UX11.23' 'HP-UX11.31' LINUX: 'DB2.2' 'DB3.0' 'RH6.0' 'RH6.1' 'RH6.2' 'RH7.0' 'RH7.1' 'RH7.2' 'RH7.3' 'RH8.0' 'RH9' 'RHEL4AS' 'RHEL4ES' 'RHEL4WS' 'RHEL3AS' 'RHEL3ES' 'RHEL3WS' 'RHEL2AS' 'RHEL2ES' 'RHEL2WS' 'RHFC1' 'RHFC2' 'RHFC3' 'RHFC4' 'RHFC5' 'MN6.0' 'MN6.1 ' 'MN7.0' 'MN7.1' 'MN7.2' 'MN8.0' 'MN8.1' 'MN8.2' 'MN9.2' 'MN10.0' 'MN10.1' 'MN2006.0' 'SE7.2' 'SE7.3' 'SE8.0' 'SE8.1' 'SE9.0' 'SE9.1' 'SE9.2' 'SE9.3' 'SE10.0' 'SESLES8' 'SESLES9' 'TB7.0' Pitty, looks great! Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted November 30, 2006 Report Share Posted November 30, 2006 Check if it's in the repositories, if you downloaded source: urpmf --name bastille or you can search within the gui tools. My colleague showed me this recently, that's BSD based, but looks neat with great gui. http://m0n0.ch/wall/ Quote Link to comment Share on other sites More sharing options...
JonEberger Posted November 30, 2006 Report Share Posted November 30, 2006 i typically use whatever comes by default. i'm always behind firewalls at home or at work and so have those, but I used shorewall in mandriva, and firestarter else. firestarter just seems easy to use. Quote Link to comment Share on other sites More sharing options...
Crashdamage Posted December 1, 2006 Report Share Posted December 1, 2006 aerogate said: Bastille not working on Mandriva 2007 yet, or ever? ERROR: 'MN2007.0' is not a supported operating system. Ignore the error and try it anyway. It may work fine, possible it won't, but well worth a try at least. I got the same error when installing on 10.1, etc. It happens whenever you install Bastille on a system not listed in the file you quoted. And even if the GUI config mode doesn't work it might still work by using the text-based config, whick is really just as easy anyway. ianw1974 said: Check if it's in the repositories, I seriously doubt it. For reasons I've never understood, Bastille hasn't been included in Mandriva since 8.1 or 8.2. Quote Link to comment Share on other sites More sharing options...
jaraeez Posted December 1, 2006 Report Share Posted December 1, 2006 My favourite firewall is smoothwall. I've run this for a number of years on an old computer that was not worth using for anything else. Why do I like smoothwall? I only need the one for running a smal network and it looks after the other computers, also the ability to run a web server, mail server on the orange interface without worrying too much about staying safe on the green network. The web interface is great to use and one can keep an eye on what is happening on the various networks. Yes it is overkill for a single computer, but I like it. :P Ditto... Smoothwall all the way. Being a hardware based firewall it frees your personal PC's CPU, mem, etc to be able to get on with whatever you need to do. The forums are top notch with a friendly community & there are a lot of add-ons to make the firewall even more productive. Finally there has not been one reported case a an actual break-in...& weighing in at 35MB for the iso is a bonus ;) Smoothwall Forums Smoothwall Home Quote Link to comment Share on other sites More sharing options...
buccaneer Posted December 14, 2006 Report Share Posted December 14, 2006 DIY iptables it took a bit too learn HOWTO use iptables but i prefer it to GUI front ends Quote Link to comment Share on other sites More sharing options...
arctic Posted December 14, 2006 Report Share Posted December 14, 2006 I tested guarddog for the first time yesterday on my Debian box and it seems to be pretty good. Not too hard to configure for noobs and more powerful than firestarter imho. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.