Date: Sat, 25 Mar 2006 12:41:19 -0800
From: Rick Moen (email@example.com)
Subject: Re: [svlug] firewall utility
Quoting Ron Hinchley (firstname.lastname@example.org):
> Is there a good firewall utility to simplify the construction of a
> firewall and NAT. All I want is a basic firewall with some ports open
> inside the firewall but closed to the outside. Please advise.
GUI front-ends to iptables include Firewall Builder aka fwbuilder, GNOME lokkit, Fireflier, KDE kmyfirewall, Firestarter, Guarddog, Guidedog, gShieldConf, Knetfilter, Integrated Secure Communications System (ISCS), LutelWall, and Bifrost (proprietary).
Scripts and C programs that do it for you include Arno's IPTables-firewall, FIAIF, BullDog, gShield, ipkungfu, netscript, fireHOL, IPmenu, MonMotha's IPTables Firewall, Projectfiles.com Linux Firewall, rc.firewall (formerly Firewallscript), Ferm, AGT, shorewall, GIPTables, LinWiz firewall tools, YAFT's Another Firewall Tool, UIF, levy, Turtle Firewall Project, TuxFrw, lokkit (no longer maintained, except as a component of GNOME lokkit), and Uruk.
Or you can use NuOnce Networks's IPTables Rule Creator (proprietary) or Webmin (Web-mediated administrative tools for your system), or alternatively Easy Firewall Generator or PHP Firewall Generator (Web sites that write iptables rulesets).
Me, I just look at Rusty's Remarkably Unreliable Guides when I need to
figure something out that I've forgotten:
Especially useful bits:
Good, quick tutorials linked from Rusty Russell's site:
-- Cheers, I have yet to see any problem, however complicated, Rick Moen which, when you looked at it in the right way, did email@example.com not become still more complicated. -- Poul Anderson