Tools for creation of iptables
John A. Sullivan III
jsullivan at opensourcedevel.com
Mon Mar 14 18:36:23 CET 2005
On Mon, 2005-03-14 at 17:40 +0100, Seferovic Edvin wrote:
> Hi list,
>
> are there some tools for creation of iptables rules that you could refer me
> to. I would appreciate it when you could write an opinion to the tool you
> maybe use.
<snip>
Some of my team have used fwbuilder (http://www.fwbuilder.org) in the
past with great success. There was recently a post about a new tool,
http://firewalladmin.sf.net - I subsequently read some impressive
reviews. I believe this product is very granular and is specifically a
rule configurator.
I am the maintainer of the ISCS project (http://iscs.sourceforge.net)
which is the complete opposite -- it is designed for very large and
complex environments where it can be overwhelming to configure
everything in a granular manner. Instead, it creates dual hierarchies
with inheritance (users and resources) and creates relationships between
them. It also automates the coordination of the access control rules
with user authentication, VPN, routing, NAT and, hopefully soon,
QoS/CoS. It is thus a very different approach -- in fact we joke that
the unlearning curve is greater than the learning curve.
It's sort of a replacement for very expensive tools like SolSoft,
Provider1, and SmartPipes but much more efficient. It is designed to be
able to administer more than just Linux systems (e.g., Cisco, Juniper).
My work situation has made it a bit difficult to advance the project for
the last few months so all volunteers are gladly welcomed.
Good luck in your search - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
Financially sustainable open source development
http://www.opensourcedevel.com
More information about the netfilter
mailing list