Ipchains and Iptables

Longman, Bill yellowdog-general@lists.terrasoftsolutions.com
Tue Dec 16 12:01:06 2003


> Just poking fun... do check out gnome-lokkit.  Using it does not
> liberate anyone from cogent thinking regards what the computer is doing
> and what you don't want it to do but it's one step better than referring
> to iptables which somehow reminds me that hacking in hex would be easier
> (at least I can cross check the hex with dec).  I'll check out iptables,
> when I've more time on my hands and less pressure.  Thanks, just the
> same. :-)

Way to go, Derick! It's not surprising that most of the firewall tools out
there are merely front ends to make manipulating the iptables less onerous.
It's tedium and no one in their right mind wants to monkey with them
directly. I've used shorewall and firestarter on other boxes, so I recommend
others take a look at those as well.

Shorewall is basically a set of configuration files that describe your
overall network setup and what kind of services you want to provide to those
networks. Then, shorewall fires up iptables entries to meet that setup.

Firestarter is a GUI frontend that provides granular control to the iptables
rules themselves.

There are lots of others out there. My Gentoo box has:

dshieldpy    firestorm  gtk-iptables       ipkungfu     psad
dynfw        fwbuilder  guarddog           iptables     shorewall
firehol      giptables  ipchains           kmyfirewall  timestamp.x
firestarter  gshield    ipchains-firewall  knetfilter

as available firewall packages.