Why don't you plan your work and work your plan, you will waste your effort if you are in hurry. As far as I know, shorewall.net is the best documented package I had ever seen. Spend some time reading and understand it.
This goes the same to OpenVPN or any that you may come across.
Amir Haris Ahmad <firstname.lastname@example.org> wrote:
Michael Cozzi ... i will study about the OpenVPN
On 1/31/06, Cristian Rodriguez <email@example.com> wrote:Amir Haris Ahmad wrote:
> Ermm.. well the application server is the critical database server..
That's another reason to implement a decent solution right now.
> time.. i need the fast solutions
Fast solutions ... no. security needs REAL ,reliable,manageable solutions.
which mean using shorewall.. and on next
> stage.. i will figure out .. and perhaps using vpn... for now i found
> shorewall drop and shorewall allow. can the shorewall allow a certain ports?
> which mean allow port 3079.. e.g allow from 220.127.116.11 with 3079 port?
<zoneof-the-internal-system>:ip-of-the-internal-system tcp 3079
good luck, and you have been warned.