Shoreline Firewall(shorewall) for Linux OS

**praka123** · 14-03-2006, 05:09 PM

Hello All,
I am trying shoreline firewall(http://shorewall.net/) in my debian sarge.i've heard lot of good remarks about shorewall.thinking of getting latest version(3.0.5) as debian sarge with backports repo have only 2.2.3-1 version.Did anyone tried shorewall..is it tough to get it configured,if it is i think webmin-shorewall should be my last resort

..for now i use firestarter,its got nice gui to work with.comments please

**Satissh S** · 14-03-2006, 07:44 PM

LOL prakash What an avatar!! This is INCREDIBLE!!

Returning to the topic..Isn't firestarter a frontend to iptables? Besides.. i have de-activated all the firewalls b'coz it takes sometime to D/L stuff while they are active..
AFAIK any *nix mother tells you (quoted shamelessly from one of the gentoo guides) "Don't use GUI as root and u'll be safe.."
Just my opinion..

**pradeep_chauhan** · 14-03-2006, 07:44 PM

Hi I am using shorewall as a firewall(an a dedicated p3 512MB 3NIC) for one of my servers pools. Its a good and serves the purpose well. Its better then ipcop that we were using earlier. I would recommend not to use webmin as it opens up another hole in your firewall.

**praka123** · 14-03-2006, 08:49 PM

@Satissh S:Thanks Talaiva
@pradeep_chauhan:Yes sir.so is there any quick n easy howto for shorewall for my standalone computer connected to internet via aDSL.

**pradeep_chauhan** · 14-03-2006, 10:13 PM

Shorewall comes with various profiles built in one of them is the dsl - personal one where you have a single nic card please use the profile and setup the firewall. We in CERT-Army use the three zone setup where in the clasical internet - dnz and trusted lan concept is used this too is based on the pre set profile and only a few minor rule set changes are done.

**vignesh** · 15-03-2006, 11:25 AM

Ya....If we don`t use the root account at all...Istead use the sudoers list like in Ubuntu your totally safe....

**mehulved** · 15-03-2006, 12:21 PM

I have shorewall on my computer but still am not able to start it. I still am completely clueless about linux firewalls.

**praka123** · 15-03-2006, 08:53 PM

@tech:have atleast firestarter installed while browsing internet..see the events log shown hmm..for shorewall config it isnt that tough get in hold of some smart hw2's from internet and configure it!.I''ll post a shoreline fw hw2 later.

**mehulved** · 15-03-2006, 09:36 PM

Well I don't want to overload myself so I am not looking too much in learning firewalls now. I will definately learn it but a bit later on. A how-to on shorewall, or even better an article on linux firewalls, will be great.