[dokuwiki-teams] [Infrastructure] Firewall

  • From: Dennis Ploeger <develop@xxxxxxxxxxxxxx>
  • To: <dokuwiki-teams@xxxxxxxxxxxxx>
  • Date: Sun, 30 Jan 2011 22:22:04 +0100 (CET)

Hi there!

Okay. I updated my knowledge of iptables script generators (aka "Software 
firewalls for Linux" :) ) and my first guess - shoreline/shorewall - isn't as 
easy as it used to be (because of its grown complexity). I stopped at 
vuurmuur.org. That firewall has a nice Curses GUI and a scripting-tool.

Visit our server and run vuurmuur_conf to get the curses-gui and look at the 
rules. I migrated all firewall rules from the firewall-script to vuurmuur. I 
quite like the rules overview. It is quite clear and easy to manage.

There was a section with dynamic blacklisting of ssh connections. Doing this with 
vuurmuur would unnecessarily complicate the setup, so I externalized it to 
www.pettingers.org/code/sshblack.html, which works together with 
vuurmuur_script quite easily.

There's even a traffic volume monitor integrated. I like it.

Please have a look at the whole setup and tell me what you think. Andi, if 
everybody's okay with the setup, could we please meet sometime on IRC and 
boot up the setup?

Kind regards
Dennis
