From: Udo L. <ul...@po...> - 2016-08-04 06:39:03
Hi,

just a remark. I switched back from a dl1.8 firewall to dl1.6.9 because the firewall script generated with fwbuilder does not work right with the new iptables. At first it looks good, but after adding/removing rules we had the effect that old rules were extended (not freshly created) with new content!! Extremely dangerous.

Will take a look at shorewall next week...

Udo

On 09.05.2016 14:50, Frank Weis wrote:
> Hi fellow DL-Users,
>
> I know that this is probably not the best place to ask this, but I hope
> you don't mind me picking your clustered brains:
>
> I have >60 DL firewalls in operation, and the fact that fwbuilder
> development is halted is increasingly concerning me. The generated policies
> use constructs that become obsolete or even wrong with recent netfilter
> versions (i.e. 'any ICMP' in a NAT rule is no longer supported in DL-1.8's
> iptables).
>
> How do you people address this? What do you use to generate your
> firewall rules? Any suggestions for me?
>
> Thanks a lot in advance,
>
> Frank
>