Re: Netfilter rule notation and rule parsers

To:	netfilter@lists.netfilter.org
Subject:	Re: Netfilter rule notation and rule parsers
From:	Franck Joncourt <joncourt_franck@yahoo.co.uk>
Date:	Mon, 19 Feb 2007 20:38:20 +0100
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	netfilter-list1@securepoint.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.uk; h=Received:X-YMail-OSG:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:X-Enigmail-Version:Content-Type:Content-Transfer-Encoding; b=sVI//saH+tbSf26MP7kLw+jrfsYNF/6C2uvUGlncT1poidrMdZo6zv5v1JkVxLH5sfmEy0KRkN12UD5M/aq+IT0URdknq/NqAZRWG71gceylQx2+v7F5AmclBasoSiUNNDSiufmnlQPXXGuPGZC+nnMu6+9JFGvxRkVcvRtGEC0= ;
In-reply-to:	<20070219152509.GL19622@nightfall.luchs.at>
List-archive:	</pipermail/netfilter>
List-help:	<mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id:	General discussion and user questions <netfilter.lists.netfilter.org>
List-post:	<mailto:netfilter@lists.netfilter.org>
List-subscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References:	<20070219152509.GL19622@nightfall.luchs.at>
Sender:	netfilter-bounces@lists.netfilter.org
User-agent:	Icedove 1.5.0.9 (X11/20061220)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

René Pfeiffer wrote:
> Hello, Netfilter List!
> 

Hi,

> I am aware that there are several rule editors out there (such as
> FWbuilder). I am more interested in a low-level approach having simple
> rules that can be parsed easily and possibly distributed among multiple
> firewall systems.
> 

I do not think there is another way to work at low level without writing
rules by yourself. The more you write, the more you understand.
This is not my job, and I am far from being an expert, but I should say,
 distibuted rules among multiple systems, is not that simple ; it
depends on your needs. Can a script for a router be useful for a server
? It can be complicated to get a script working on both systems.

Maybe I am mistaken, but this is my point of view.

- --
Franck Joncourt
http://www.debian.org
http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF  9A3C C490 534E 75C0 89FE
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF2fysxJBTTnXAif4RAttPAJ9p1VGA3hZj+DNSu+i9f2YakFwjtQCdE+JC
J85trawUWu1ICtM86GyPNB0=
=LW0Y
-----END PGP SIGNATURE-----

___________________________________________________________ 
All new Yahoo! Mail "The new Interface is stunning in its simplicity and ease 
of use." - PC Magazine 
http://uk.docs.yahoo.com/nowyoucan.html

<Prev in Thread]	Current Thread	[Next in Thread>
Netfilter rule notation and rule parsers, René Pfeiffer Re: Netfilter rule notation and rule parsers, Franck Joncourt <= Re: Netfilter rule notation and rule parsers, René Pfeiffer

Previous by Date:	Netfilter rule notation and rule parsers, René Pfeiffer
Next by Date:	Re: Netfilter rule notation and rule parsers, René Pfeiffer
Previous by Thread:	Netfilter rule notation and rule parsers, René Pfeiffer
Next by Thread:	Re: Netfilter rule notation and rule parsers, René Pfeiffer
Indexes:	[Date] [Thread] [Top] [All Lists]