| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] IpTables config file for Dom0
I happily manage via ssh, Shorewall iptables rules for Dom0-DomU
routing, with three external public IP addresses, and two vpn WANs.
Shorewall version 3 is fantastic. Especially if you're prepared to
properly paramatise your script.
I don't feel I'd trust a GUI.
Appologies for off-topic.
piersdd@xxxxxxxxxxxxx
http://web.mac.com/piersdd/iWeb/Five9s/ethereality/ethereality.html
On 27/04/2006, at 10:30 AM, Molle Bestefich wrote:
Heiko Wundram wrote:
Molle Bestefich:
Non-GUI-managed firewalls?
When was that considered practical.. circa 1980?
Huh? I don't use a GUI to manage our firewall, and that's pretty
standard for
all organizations I know around here.
If you had tried it, I don't think you would be going back to editing
configuration files :-).
Using a GUI to manage a firewall (and
hiding the inherent complexity that a firewall always is), is more
errorprone
than an administrator who knows what he's doing and can reasonably
efficiently see what parts of the system a change to the firewall
rules would
affect,
I don't think that's true.
In fact, I'll bet that the non-GUI user introduces many more errors
because he has a lack of overview in comparison to the GUI user.
additionally, an administrator can compute much shorter
rulesets than an equivalent automated tool.
Who said anything about automated?
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home